Privacy Policy
1-3-24 as data controller and owner of this website, in compliance with the information duty established by the applicable laws to the company and EU Regulation 2016/679, General Data Protection Regulation (GDPR), we make this privacy policy available to inform you about how we process and protect your privacy and the data you provide us
In this notice we explain what your rights are and how to exercise them in regards to your personal information. Additionally, in the event you should require to contact the Data Protection Authority in charge, we provide you with the details.
‘Us’ as Data Controllers of the processing of your personal information |
Identity: ………………….. Tax. No.: …………………… Address: …………………… Phone No.: …………………… E-mail:
|
|
|
Our Data Protection Officer (DPO) |
If you have any queries or comments related to how we process your personal information, please contact our Data Protection Officer at xavi@aurisadvocats.com
|
What Kind of Information About You We May Collect?
The personal data that we collect from our users and customers can be grouped according to the following categories:
– Basic and contact data: such as name, surname, username or similar identifier, marital status, degree, date of birth or gender. This category also may include your billing and delivery address, email and phone number.
– Financial and economic data: this category includes payment, return and reimbursement details as well as the commercial transactions you completed with us. This may include data to verify your identity for payment acceptance purposes to be able to perform commercial transactions with you.
– Professional and employment data: this category includes your professional interests and your professional identity that is public and online. For example, your LinkedIn profile.
– Technical data: including IP address, registration data, browser and version used, zone and time usage, type of plugins installed in your browser, operating system and other technology used during navigation through our platform.
– User account data: such as your profile name and password, history of subscriptions/purchases, interests, preferences, suggestions sent by you or any type of survey that you have responded to us.
– Browsing data: includes information regarding the way your brows when visiting our platform.
– Marketing and communication preferences: we collect your preferences in regards to accepting our commercial updates, information and Newsletters. We gather all your granted consents and your chosen communication preferences.
– Images captured by surveillance cameras: footage that we may capture through our security video surveillance systems in our shops or premises.
How Do We Collect Your Personal Information?
Generally, you provide most of the personal information we collect directly. Either personally at our stores or by telephone, mail, web forms or by responding to our surveys. However, we may also collect personal information from:
– Publicly accessible sources, such as commercial or property registries.
– From third parties linked to us, such as:
– A company of our group
– Credit reference agencies
– From your employer
– From a third party that has previously obtained your consent to do so, such as your bank.
– From the cookies that we enable on our website – For more information on how we use cookies, please visit our Cookie Policy.
– From our systems to access our premises, if there are any. Such as, for example, entry and reception registers, security surveillance cameras, communication systems and instant messaging, email or social networks.
What Happens If You Don’t Provide Us with Your Personal Information?
If you decide to not provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Whenever required by law to collect your personal data or, whenever colleting personal data becomes mandatory. In the event that we need to cancel your order because of this, we will notify you first when necessary.
Using Your Personal Data: Purposes & Situations
We attach below a detailed table with all the possible purposes for which we may collect your data and an explanation of the legal grounds to do so.
Purpose/Activity |
Lawful basis for processing including basis of legitimate interest |
To register you as a new customer |
Performance of a contract with you |
To provide products and to process and deliver your order including to: manage payments, fees and charges collect and recover money owed to us
|
performance of a contract with you necessary for our legitimate interests (to recover debts due to us) |
To manage our relationship with you which will include: notifying you about changes to our terms or privacy policy asking you to leave a review or take a survey |
performance of a contract with you necessary to comply with a legal obligation necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) |
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) necessary to comply with a legal obligation |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences |
Necessary for our legitimate interests (to define types of customers for our products/services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
To make suggestions and recommendations about products or services that may be of interest to you |
Necessary for our legitimate interests (to develop our products/services and grow our business) |
Preventing unauthorised access and modifications to systems |
For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you To comply with our legal and regulatory obligations |
Updating and enhancing customer records |
For the performance of our contract with you or to take steps at your request before entering into a contract To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products |
Ensuring safe working practices, staff administration and assessments |
To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you |
Provide greater security to our facilities (installation of CCTV cameras / video surveillance, access control) |
For our legitimate interests or those of a third party, e.g. to prevent harm over our employees and clients |
Register as an attendee to congresses of different medical societies |
Express consent of the interested party For the performance of our contract with you |
To present papers, abstracts |
Legitimate interest For the performance of our contract with you |
With Whom Might We Share Your Personal Data?
We may share your personal information:
– With the companies of our group
– Third-party companies that we subcontract or service providers that we contract in order to be able to provide our services.
– Third parties we need to manage our business. For example, advertising agencies, lawyers, mutual societies, etc.
– Insurance companies, brokers
– The banking entities with which we work.
All suppliers we work with are contractually bound to us. We can guarantee that they comply with all the necessary security measures to safeguard your personal information, that they will use your personal data solely and exclusively for the specified purposes, in accordance with our instructions and always in full compliance with international GDPR standards.
We will also share personal information with law enforcement agencies when required to do so by law.
Badge scanning
If you authorize your badge scanned by an exhibitor/sponsor at CSRS 2022 in its own booth, you thereby agree that your personal data (consisting of title, name, contact data, address data & organization/institute), collected by Torres Pardo, may be forwarded (via a contracted service provider) to the selected exhibitor/sponsor, and the respective company may contact you directly for its own purpose only related to the Specialty / Topic of the event.
If you authorize your badge scanned by an exhibitor/sponsor at CSRS 2022 when attending a sponsored session (symposia, workshop, etc) you thereby agree that your personal data (consisting of title, name, contact data, address data & organization/institute), collected by Torres Pardo, may be forwarded (via a contracted service provider) to the selected exhibitor/sponsor, and the respective company may contact you directly only to send information related to the product or technique presented in the session.
Where Do We Store Your Personal Information?
All the information you provide us, both through this website and by other means or channels, will be hosted in Amazon’s Cloud Web Service. These servers are hosted within the European Economic Area.
International Transfer of Personal Information
In order to be able to provide the service, we will sometimes need to transfer your data outside the European Economic Area (EEA). For example:
– To communicate with you or our suppliers when you are outside the EU;
– When there is an international dimension in the products/services that we provide you.
International data transfers are subject to special rules governed by the principles of data protection laws. This means that we can only transfer your data to countries or international organizations outside the EU, when:
– The receiving country is considered safe by the competent authority in terms of the level of protection applied to personal data.
– All the pertinent measures have been taken to guarantee the safeguarding of security and the correct development of your legal rights, as well as the possibility of filing claims.
– There is an applicable exception according to data protection law.
For How Long Will We Keep Your Personal Information?
Your personal data will be kept throughout the duration of our contract or commercial relationship, unless stated otherwise by the exercise of the right to access, rectification, erasure, restriction, portability or to withdraw consent. Nevertheless, we will keep specific personal data during the maximum 2-year term by legal imposition to respond to the Authority when required for legal prosecution purposes regarding unlawful web usage.
Hereby we inform you that our conservation policies meet the legal terms regarding conservation:
a) General rule
In virtue of what is stated in art. 30 of the Commerce Code, all business data will be kept during 6 years.
This affects all accounting, tax, labour or commercial documentation, including mail.
b) Specific terms
Our company must also set minimum deadlines in regards to the type of data and considering the different prescription periods, which each department must know.
This table lists the prescription periods that affect or may affect our organization:
Subject |
Period? |
Rule |
Labour infringements |
3 years |
Art. 4.1 RD 5/2000 |
Social security regarding infringements |
4 years |
Art. 4.2 RD 5/2000 |
Prevention of occupational hazards for the purposes of infractions |
5 years |
Art. 4.3 RD 5/2000 |
Fiscal for the purpose of tax debts |
4 years |
Art. 66 Ley 58/2003 |
Tax for the purposes of checks on compensated fees or applied deductions |
10 years |
Art. 66 bis Ley 58/2003 |
Accounting and commercial |
6 years |
Art. 30 del CC |
Crimes against Public Finance and Social Security |
10 years |
Art. 131 LO 10/1995 |
Our Communications
Any communication sent will be incorporated into our Information Systems. By accepting these conditions, terms, and policies, you are expressly consenting TORRES PARDO to carry out the following activities and/or actions, unless stated otherwise:
- The sending of commercial and/or promotional communications by any means enabled informing the Users of the activities, services, promotions, advertising, news, offers, and other information about the services and products related to the activity.
- In the event that the User has expressly consented to the sending of commercial communications electronically by subscribing the NEWSLETTER, the sending of such communications by electronic means informing the Users of the activities, services, promotions, advertising, news, offers, and other information about the services and products of TORRES PARDO equal or similar to those that were originally the aim of the contract or interest by the User.
- The storage of personal data during the periods provided in the applicable provisions.
How to Stop Receiving Marketing Communications (Opting-Out)?
At any time, users may revoke any previous express consent given us in regards to the sending of commercial information. To do this, please request to unsubscribe using the option (opt-out) whenever enabled on our app/web, or by writing us an email with the subject “unsubscribe” to
In accordance with the LSSICE, we never carry out SPAM, therefore, we will not send you commercial emails if they have not been requested or authorized by you. However, in all our communications, you will have the possibility to revoke your consent.
We will not treat your personal data for any other purpose than those described except by legal obligation or judicial requirement.
User’s Declaration of Veracity
By providing us with your personal information through electronic channels, User’s declare that they are over 14 years of age and that all data provided to us is truthful, accurate, complete and updated. For these purposes, User’s confirm that they are responsible for the veracity of the all communicated information and that will keep such information conveniently updated so it responds to the reality. User’s will be made liable for any false or inaccurate data unlawfully provided, as well as for any harm and damages that may arise from this situation.
If You Send Us Your Resume
In the event that you wish to send us your CV through email, we inform you that the data provided will be processed to make you a candidate in the selection processes that may exist, carrying out an analysis of your professional profile with the goal to select the most suitable candidate.
We don’t accept resumes sent through other channels (for example, hand-delivered on paper). In the event of any change in your personal data, please notify us in writing as soon as possible, in order to keep your data duly updated.
The CV will be kept for a maximum period of one year, after it will be securely destroyed and all the data included will be deleted. We guarantee full respect for confidentiality. In this sense, after the aforementioned period, if you wish to continue participating in our recruitment processes you must send your resume again.
The data may be processed and/or transferred to the companies that are members of our group during the time your CV is kept and for the same purposes previously reported.
How do We Keep Your Information Safe?
We take the protection of your data very seriously. For this reason, we guarantee the implementation of appropriate security measures, controls and procedures of a physical, organizational and technological nature to prevent your information from being accidentally lost, used or maliciously accessed.
We limit access to your data to authorized entities & personnel. To do so and we make sure to properly train all our staff. All those involved in the processing of your personal data are subject to the duty of confidentiality.
Additionally, we apply technical procedures to immediately react to a data security breach incident or suspicion. If necessary, we will notify you of it as well as the control authority (the AEPD in Spain), in accordance with current regulations.
How to Exercise Your Rights
You may request to exercise the following rights at any time by contacting us by email to rgpd@torrespardo.com or in writing to the postal address located in the letterhead. Please attach valid Id (like passport or driving license).
These are your rights related to your personal data:
Right to access |
?Allows the interested party to acknowledge and obtain information about their personal data submitted to processing. |
Right to rectification or deletion |
It allows to correct errors and modify the data that proves to be inaccurate or incomplete. |
Right to erasure |
Allows data that turns out to be inadequate or excessive to be deleted. |
Right to withdraw consent |
The right of the interested party to not carry out the processing of their personal data or to cease it. |
Restriction of personal data processing |
Involves the marking of personal kept data, with the purpose of limiting its’ future processing. |
Portability of data |
Facilitation of the data subject to processing to the interested party, so that he or she can transmit it to another person in charge, without impediments. |
The right not to be subject to automated individual decisions (including the elaboration of profiles) |
the right not to be the subject of a decision based on automated processing that produces effects or significantly affects the User. |
You may also contact our Data Protection Officer directly:
Please attach to your request, exact information of what right you wish to exercise and, in all cases, send ID proof that is legally valid.
The Supervisory Data Protection Authority
We hope to be able to resolve any concerns that may trouble you in regards to your personal information. You also have the right to submit a complaint to the supervisory authority if you believe that your rights may have been violated in relation to the protection of your personal data. In Spain, the authority is the Agencia Española de Protección de Datos.
In Spain, the highest authority in terms of data protection is the Spanish Data Protection Agency (AEPD).
http://www.aepd.es – Tel: 91 266 35 17.
Updates & Changes in our Privacy Policy
We may change or upgrade our Privacy Policy at any time to maintain it compliant with rules in force. Please check regularly.