Identity of the Data Controller
- Controller: BM&A Asesores Legales S.L.
- Tax ID number: B66009317
- Address: Avda. Pau Casals, 22, 2º, 08021 Barcelona (Spain)
- Email: email@example.com
- Website: https://bmaabogados.com
Principles applied to data processing
When processing your personal data, the Controller will apply the following principles, which comply with the requirements of the new European Data Protection Regulation (GDPR):
- Principle of lawfulness, fairness and transparency: the Controller will always require consent to process personal data, which may be for one or more specific purposes, and which the Controller will inform the user of beforehand with absolute transparency.
- Data minimization principle: The Controller will only request those data that are strictly necessary for the intended purpose(s).
- Principle of limitation of the storage period: the Controller will store the personal data collected only for as long as strictly required for processing purposes. The Controller will inform the user of the corresponding storage period based on the purpose.
In the case of subscriptions, the Controller will periodically review its lists and remove records that have been inactive for a considerable length of time.
- Principle of integrity and confidentiality: the personal data collected will be processed in such a way that its security, confidentiality and integrity are guaranteed.
The Controller takes the necessary precautions to prevent third parties from improperly accessing or using the data of its users.
Obtaining personal data
Users do not need to provide any personal details to browse the website.
The Controller informs you that you have the right to:
- Request access to your stored data.
- Request rectification or deletion.
- Request to limit processing.
- Object to the processing.
The right to data portability cannot be exercised.
The exercise of these rights is personal, and must therefore be exercised directly by the data subject by filing a request directly with the Controller. This means that any client, subscriber or collaborator who provided their details at some point can contact the Controller and request information on the data it has stored, on how they were obtained, and request to rectify them, object to their processing, limit their use or request that these data be deleted from the Controller’s files.
To exercise your rights, you have to email your request, together with a photocopy of a valid form of identification, to firstname.lastname@example.org The exercise of these rights does not pertain to any information that the Controller is required to keep for administrative, legal or security purposes.
You have the right to effective judicial protection and to file a claim with the supervisory authority, in this case, the Spanish Data Protection Agency, if you believe that your personal data are being processed in a way that violates the law.
Purpose of the personal data processing
When you connect to the website to send an email to the Controller, you are subscribing to its newsletter and providing personal information for which the Controller is responsible. This information may include personal data, such as your IP address, full name, physical address, email address, telephone number and other information. By providing this information, you consent to your information being collected, used, managed and stored by Balaguer-Morera & Asociados. The personal data and the purpose of the processing by the Controller differ depending on the information gathering system:
There are other purposes for which the Controller processes personal data:
- To guarantee compliance with the conditions set out in the applicable laws. This may include the development of tools and algorithms that help the website ensure the confidentiality of the personal data it collects.
- To support and improve the services offered by this website.
Personal data security
The Controller takes all reasonable precautions to protect your personal data and follows the best industry practices to prevent their loss, misuse, improper access, disclosure, alteration or destruction.
Your data may be added to a mailing list file that is managed and processed by the Controller. The security of your data is guaranteed, since the Controller takes all necessary security measures and guarantees that your personal data will only be used for the purposes stated.
The Controller informs you, the user, that your personal data will not be transferred to third parties, except when said data transfer is covered by a legal obligation or when the provision of a service involves the need for a contractual relationship with a data processor. In the latter case, data will only be transferred to the third party when the Controller has the express consent of the user.
However, in some cases, the Controller may collaborate with other professionals, in which case the user’s consent will be required, informing them of the identity of the collaborator and the purpose of the collaboration. This will always be carried out using the strictest security standards.
Content of other websites
The pages of this website may include embedded content (such as videos, images, articles, etc.). The embedded content of other websites behaves exactly the same as if you were visiting said websites.
Legal basis for data processing
The legal basis for processing your data is:
- The consent of the data subject.
Categories of personal data
The categories of personal data processed by the Controller are:
- Identifying details.
- No specially protected data categories are processed.
Storing of personal data
The personal data provided to the Controller will be stored until their deletion is requested.
When browsing the website, non-identifying data may be gathered, which may include IP address, geolocation, a record of how the services and sites are used, browsing habits and other data that cannot be used to identify you.
The website uses the following third-party analysis services:
The Controller uses the information collected to obtain statistical data, analyze trends, manage the site, study browsing patterns and gather demographic information.
The Controller is not responsible for the processing of personal data that takes place on those websites that may be accessible via the various links contained on the website.
Accuracy and veracity of the personal data
You agree that the details provided to the Controller are correct, complete, accurate and current, and to keep them duly updated.
As a user of the website, you are solely responsible for the veracity and correctness of the data entered in the website, and hold the Controller harmless against any liability in this regard.
Acceptance and consent
As a user of the website, you declare that you have been informed of the conditions on the protection of personal data, and you accept and consent to the processing of said data by the Controller in the way and for the purposes specified herein.
These policies will remain in effect until they are modified by other duly published policies.
What personal data we collect and why we collect them
When visitors leave comments on the website, we gather the data shown in the comment form, as well as the visitor’s IP address and the browser user agent string to help identify spam.
If you upload images to the website, you should avoid uploading images that include location data (EXIF GPS). Visitors to the website can download and extract location data from web images.
The information provided via the contact forms is stored on our own mail server for the sole purpose of contacting the user who sent it. The user can request at any time that said data be deleted by writing to: email@example.com
If you leave a comment on our site, you can choose to save your name, email address and website in cookies. This is for your convenience, so you do not have to enter your details again when you leave another comment. These cookies will be stored for one year.
If you have an account and you log into this site, we will install a temporary cookie to determine if your browser accepts cookies. This cookie does not contain personal data and is deleted when the browser is closed.
When you log in, we will also install several cookies to store your login information and screen display options. Login cookies last two days, and the screen option cookies last one year. If you check “Remember me,” your login session will last for two weeks. If you log out of your account, the login cookies will be deleted.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include any personal data and simply indicates the ID of the article you just published. It expires after 1 day.
Embedded content from other websites
The articles of this website may include embedded content (such as videos, images, articles, etc.). The embedded content of other websites behaves exactly the same as if the visitor had visited said websites.
How long we store your data
If you leave a comment, the comment and its metadata are stored indefinitely. This is so we can automatically recognize and approve successive comments instead of keeping them in a moderation queue.
We also store the personal information that the users who are registered on our website (if any) provide in their user profile. All users can view, edit and delete their personal information at any time (except for their username, which cannot be changed). Website administrators can also view and edit this information.
What rights you have involving your data
If you have an account or have left comments on this website, you can request to receive an exported file with the personal data we have on you, including any details you have provided. You can also request that we delete any personal data we have on you. This does not pertain to any information that we are required to keep for administrative, legal or security purposes.
Where we send your data
Visitor comments may be reviewed by an automatic spam detection service.