Privacy policy

I. PRIVACY POLICY AND DATA PROTECTION

In compliance with current legislation, SPACIOS (hereinafter, also the Website) undertakes to adopt the necessary technical and organizational measures, according to the appropriate level of security for the risk of the data collected.

Laws included in this privacy policy

This privacy policy is adapted to current Spanish and European regulations on the protection of personal data online. In particular, it complies with the following laws:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

  • Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights (LOPD-GDD).

  • Royal Decree 1720/2007, of 21 December, approving the Regulation implementing Organic Law 15/1999, of 13 December, on the Protection of Personal Data (RDLOPD).

  • Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the data controller

The data controller for the personal data collected on SPACIOS is: SPACIOS (hereinafter, Data Controller). Contact information:

  • Address: Calle El Salvador 54 bajo, 03110 – Mutxamel (Alicante), Spain

  • Tax ID (CIF): B54491477

  • Phone number: +34 965 95 56 23

  • Email: info@spaciosconstruccion.com

Registration of personal data

In accordance with the GDPR and LOPD-GDD, we inform you that the personal data collected through the forms on this Website will be included in our database and processed for the purpose of facilitating, expediting, and fulfilling the commitments between SPACIOS and the User, or to maintain the relationship established in the forms or to address a request or query. Additionally, unless an exception under Article 30.5 of the GDPR applies, a record of processing activities is maintained detailing the purposes and operations carried out, as required by the GDPR.

Principles applicable to personal data processing

The processing of the User’s personal data shall comply with the following principles as established in Article 5 of the GDPR and Article 4 et seq. of Organic Law 3/2018:

  • Lawfulness, fairness, and transparency: User consent will be required after clear and complete disclosure of the purposes for which data is collected.

  • Purpose limitation: Data will be collected for specific, explicit, and legitimate purposes.

  • Data minimization: Only the data strictly necessary for the intended purposes will be collected.

  • Accuracy: Personal data must be accurate and up-to-date.

  • Storage limitation: Data will only be retained for as long as necessary for processing purposes.

  • Integrity and confidentiality: Data will be processed in a secure and confidential manner.

  • Accountability: The Data Controller is responsible for ensuring compliance with these principles.

Categories of personal data

SPACIOS only collects identifying data. No special categories of personal data, as defined in Article 9 of the GDPR, are processed.

Legal basis for processing personal data

The legal basis for processing is consent. SPACIOS undertakes to obtain express and verifiable consent from the User for one or more specific purposes.

The User may withdraw their consent at any time. Withdrawal will be as simple as giving it, and, as a rule, it will not affect the use of the Website.

When filling out forms to request information or for other purposes, the User will be informed whether providing certain data is mandatory for the proper handling of the request.

Purpose of processing personal data

Personal data is collected and managed by SPACIOS to facilitate, expedite, and fulfill the commitments established between the Website and the User, or to maintain the relationship derived from forms filled in by the User, or to address a specific request or inquiry.

Additionally, the data may be used for commercial purposes, personalization, operations, statistics, and other activities aligned with SPACIOS’s corporate purpose. This includes data extraction and storage for marketing analysis, in order to tailor content and improve the quality, functionality, and navigation of the Website.

When data is collected, the User will be informed of the specific purposes of the processing.

Data retention periods

Personal data will be retained only for the minimum time necessary to fulfill processing purposes, and in any case for a maximum of 24 months, unless the User requests its deletion.

At the time of data collection, the User will be informed of the expected data retention period or, if not possible, the criteria used to determine that period.

Recipients of personal data

User data may be shared with the following:

  • Digital service providers contracted by SPACIOS.

If the Data Controller intends to transfer data to a third country or international organization, the User will be informed of this intent at the time of data collection, including the name of the country or organization and whether an adequacy decision exists.

Personal data of minors

In accordance with Article 8 of the GDPR and Article 7 of Organic Law 3/2018, only Users over the age of 14 may give valid consent for their personal data to be processed by SPACIOS. For minors under 14, the consent of their parents or guardians is required.

Data confidentiality and security

SPACIOS commits to implementing appropriate technical and organizational measures to ensure a level of security appropriate to the risk, preventing unauthorized access, destruction, loss, or alteration of personal data.

The Website uses an SSL (Secure Socket Layer) certificate to ensure that data is transmitted securely between the server and the User, fully encrypted.

However, SPACIOS cannot guarantee absolute invulnerability of the internet or the absence of fraud by third parties. Therefore, in the event of a personal data breach that likely poses a high risk to the rights and freedoms of individuals, the User will be notified without undue delay.

Personal data will be treated confidentially. SPACIOS ensures that this confidentiality is respected by employees, partners, or any third party with access to the data, by legal or contractual obligation.

Rights related to personal data processing

Users have the following rights as recognized in the GDPR and Organic Law 3/2018:

  • Right of access: To know whether SPACIOS is processing their personal data and obtain a copy of such data and related information.

  • Right to rectification: To correct inaccurate or incomplete personal data.

  • Right to erasure (“right to be forgotten”): To request deletion of personal data when it is no longer needed, consent has been withdrawn, or the processing is unlawful, among other grounds.

  • Right to restriction of processing: To request that processing be restricted in certain circumstances (e.g., contesting the accuracy of data).

  • Right to data portability: To receive personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

  • Right to object: To object to the processing of their data based on legitimate interests or for direct marketing purposes.