PRIVACY POLICY AND DATA PROTECTION

Basic Information on Data Protection

Controller
COMMUNITY OF OPERATION THE DUKE UNO

Purpose
To respond to your request for information, execution of the service provision contract, and sending commercial communications with your consent.

Legal Basis
Execution of contract and consent of the data subject (Art. 6.1 a) and b) GDPR).

Recipients
No data will be transferred to third parties, except under legal obligation.

Rights
You have the right to access, rectify, and delete data, as well as other rights indicated in the additional information, which you can exercise by contacting AVD. BRUSELAS Nº 17, 38660 ADEJE SANTA CRUZ DE TENERIFE SPAIN.

General

In accordance with the European Data Protection Regulation EU 2016/679, of April 27, of the Parliament and the Council, Law 3/2018, of December 5, on Data Protection and Guarantee of Digital Rights, and other applicable national regulations, COMMUNITY OF OPERATION THE DUKE UNO informs you that it fully complies with current legislation on personal data protection and the confidentiality commitments inherent to its activity.

COMMUNITY OF OPERATION THE DUKE UNO informs you of the existence of an information processing system, owned by COMMUNITY OF OPERATION THE DUKE UNO, for management, communication, and information purposes. This system is described in the corresponding Register of Processing Activities (RPA).

Security Measures and Levels

COMMUNITY OF OPERATION THE DUKE UNO has adopted the necessary measures to ensure information security, as required by Article 32 of the GDPR, based on the nature of the personal data processed and the circumstances of the processing.

The objective of these measures is to prevent, as much as possible and always in accordance with the state of the art, the alteration, loss, processing, or unauthorized access to personal data, thereby ensuring their confidentiality, integrity, and availability.

Scope of Application

The security measures described in the Register of Processing Activities will be applied to all assets of the information processing system where personal data is processed, to comply with current data protection legislation.

All personnel hired by COMMUNITY OF OPERATION THE DUKE UNO and its Data Processors are obliged to comply with the aforementioned regulations, with special attention to their functions and obligations, including the duty of secrecy, which will be duly determined by COMMUNITY OF OPERATION THE DUKE UNO.

International Data Transfer

COMMUNITY OF OPERATION THE DUKE UNO has its servers located in relation to the personal data it owns and processes through this website. Such data is subject to the adequacy agreement with the EU, ensuring the free flow of personal data between both parties, in compliance with Article 45 of the GDPR.

Additionally, the servers hosting the COMMUNITY OF OPERATION THE DUKE UNO website comply with the appropriate safeguards contemplated by Article 46 of the GDPR.

Data Collection

Acceptance of these conditions requires the user to provide essential data for service provision, which will be requested personally through forms or the website. At the time of data collection, the user will be duly informed of their rights.

To ensure that the information in our processing system is always up to date and free of errors, we ask our clients and users to promptly inform us of any modifications and corrections to their personal data.

Exercise of Rights

To exercise rights of access, challenge, rectification, cancellation, deletion, opposition, portability, or limitation of processing, you must contact COMMUNITY OF OPERATION THE DUKE UNO at AVD. BRUSELAS N* 17, 38660 ADEJE SANTA CRUZ DE TENERIFE, SPAIN, via written communication or email at rosahernand77@hotmail.es.

You may also file a complaint with the AEPD.

Consent

The user gives their consent for COMMUNITY OF OPERATION THE DUKE UNO to use their personal data to properly provide the contracted services.

Filling out the form on the website or sending emails or other communications to COMMUNITY OF OPERATION THE DUKE UNO implies the user’s express consent to include their personal data in the referenced processing system owned by COMMUNITY OF OPERATION THE DUKE UNO.

At the time of requesting this information, the client or user will be informed of:

  • The recipient of the information,
  • The purpose for which the data is collected,
  • The identity and address of COMMUNITY OF OPERATION THE DUKE UNO,
  • And the user’s ability to exercise their rights of access, challenge, rectification, cancellation, deletion, opposition, portability, limitation of processing, and to file a complaint with the AEPD.

Data Sharing with Third Parties

COMMUNITY OF OPERATION THE DUKE UNO does not share personal data without the express consent of its owners, which must be granted on each occasion. Data will only be shared for the stated purpose and always with the consent of the user or client.

Confidentiality and Professional Secrecy

All data collected in private communications between COMMUNITY OF OPERATION THE DUKE UNO and clients or users will be treated with absolute confidentiality. COMMUNITY OF OPERATION THE DUKE UNO commits to the duty of secrecy regarding personal data, its safeguarding, and the adoption of all necessary measures to prevent its alteration, loss, processing, or unauthorized access, in accordance with current regulations.

Additionally, any information exchanged between parties, which they agree to be confidential or relates to the content of such information, will also be treated as confidential. The display of data via the internet does not imply direct access to them unless expressly authorized by their owner.

We recommend that clients do not disclose their identification, password, or reference numbers provided by COMMUNITY OF OPERATION THE DUKE UNO to third parties. Furthermore, to ensure the protection of professional secrecy between COMMUNITY OF OPERATION THE DUKE UNO and the client, the client/user should not disclose confidential information to third parties.

Changes to Security and Data Protection Policy

COMMUNITY OF OPERATION THE DUKE UNO reserves the right to modify its security and data protection policy to adapt it to legislative or jurisprudential changes, as well as those that may arise from existing codes of conduct in the field or corporate strategic decisions, effective from the date of publication of such modification on the COMMUNITY OF OPERATION THE DUKE UNO website.

Contact Information

The website http://thedukeshop.com/ is managed by COMMUNITY OF OPERATION THE DUKE UNO, registered in the Commercial Register with CIF E76785310.

The created information processing system is located at the registered office, which is established for the purposes of this Legal Notice at COMMUNITY OF OPERATION THE DUKE UNO, AVD. BRUSELAS N* 17, 38660 ADEJE SANTA CRUZ DE TENERIFE SPAIN. This system is supervised and controlled by COMMUNITY OF OPERATION THE DUKE UNO, which assumes responsibility for adopting technical and organizational security measures to protect the confidentiality and integrity of information, in accordance with the European Data Protection Regulation EU 2016/679, of April 27, of the Parliament and the Council; Organic Law 3/2018, of December 5, on Data Protection and Guarantee of Digital Rights, other applicable national regulations, and relevant legislation.

Under Law 34/2002, on Information Society Services and Electronic Commerce, COMMUNITY OF OPERATION THE DUKE UNO informs users that this law broadly includes the provision of information through such means. In any case, the European Data Protection Regulation EU 2016/679, of April 27, the Organic Law 3/2018, of December 5, and other applicable regulations will apply, particularly regarding the collection of personal data, informing data subjects, and the creation and maintenance of personal data processing.