Privacy issues

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR), and Organic Law 3/2018 of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD), we provide you with the following information regarding the processing of your personal data:

Who is responsible for the processing of your data?

Identity:  Hidrosfera Sub XXI SL

NIF: B17701343

Address: Port Marina Palamós: Local 7 C/Salvador Albert i Pey S/N. 17230, Palamós, Girona (SPAIN)

Tel.: 609 866 648

Email: info@hidrosferasub.com

What is the purpose of processing your personal data?

• We process the information provided to manage our IT services.
• If you contact us to make an inquiry, we will process it in order to respond.
• If you give us your consent, we may also process your data to send you information about our activities, products, or services.

How long will we retain your data?

• The personal data provided will be retained as long as you are a user of our services or wish to receive information, as you can object to the processing of your data for promotional purposes at any time. After that, it will be retained for the periods established to comply with our legal obligations, which, in the case of accounting and tax documentation for commercial purposes, will be 6 years, in accordance with Article 30 of the Commercial Code, and for tax purposes, it will be 4 years, in accordance with Articles 66 to 70 of the General Tax Law.

What is the legal basis for processing your data?

The legal basis for processing your data is the execution of the service contract and the consent you provide.

Regarding information sent by individuals under the age of 14, it is a requirement that it be provided with the parental, guardian, or legal representative’s consent for the personal data to be processed. If this is not the case, the legal representative of the minor must inform us as soon as they become aware.

To which recipients will your data be disclosed?

The data will not be disclosed to third parties, unless required by law or necessary to fulfill the purpose of the processing.

What are your rights when you provide us with your data?

• Anyone has the right to obtain confirmation as to whether or not we are processing their personal data.
• Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data or, where applicable, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
• In certain circumstances, data subjects may request the restriction of the processing of their data, in which case we will only retain it for the exercise or defense of claims.
• Also, in certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. In this case, we will cease processing it, unless there are overriding legitimate grounds or for the exercise or defense of potential claims.
• Data subjects will also have the right to data portability.
• Any data subject has the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning them or similarly significantly affects them.
• Finally, data subjects have the right to lodge a complaint with the competent supervisory authority.

How can you exercise your rights? 

By sending us a written request along with a copy of a document that identifies you, to our physical or electronic address.

How have we obtained your data?

The personal data we process comes from the data subject themselves, who guarantees that the personal data provided is accurate and is responsible for notifying any changes to it. The data marked with an asterisk are mandatory in order to provide the requested service.

What data do we process?

The categories of data we may process are:

• Identifying data
• Postal or electronic addresses.
• Data of legal representatives of legal entities.

The data is limited, as we only process the data necessary for the provision of our services and the management of our activities.

Do we make international data transfers

In the provision of our services, we rely on auxiliary companies that process data on our behalf outside the European Union. These international data transfers are covered by the standard contractual clauses for data protection adopted by the European Commission, in accordance with the examination procedure referred to in Article 93, paragraph 2 of the GDPR.

Do we use cookies?

We use cookies during browsing on our website with the user’s consent.

The user can configure their browser to notify them of the use of cookies and to prevent their use. Please visit our cookie policy.

What security measures do we apply?

We apply the security measures established in Article 32 of the GDPR, therefore we have adopted the necessary security measures to ensure an adequate level of security relative to the risk of the data processing we perform, with mechanisms that allow us to ensure the confidentiality, integrity, availability, and permanent resilience of the processing systems and services.

Some of these measures are:

• Information on data processing policies to staff.
• Performing regular backups.
• Data access control.
• Regular verification, evaluation, and assessment processes.

How do we process data on behalf of third parties?

When providing our services, if we need to process personal data for which other entities are the controllers, we will do so as data processors, in accordance with the provisions of Article 28 of the GDPR. These personal data processing activities will be governed by the corresponding data processing agreement