Xavi Capdevila, SL is committed to protecting the privacy of users who access this website and/or any of its services. The use of the website and/or any of the services offered by Xavi Capdevila, SL implies the user’s acceptance of the provisions contained in this Privacy Policy and that their personal data will be processed in accordance with it. Please note that although there may be links from our website to other websites, this Privacy Policy does not apply to the websites of other companies or organizations to which this site may redirect. Xavi Capdevila, SL does not control the content of third-party websites and assumes no responsibility for the content or privacy policies of those websites.
Information about data processing (Regulation (EU) 2016/679 and Organic Law 3/2018)
| Data Controller |
Identity: Xavi Capdevila, SL
NIF: B09971466
Address: Av. de Rhode, 291, Local 5, 17480 Roses, Girona
Phone: 609 42 47 11
Email: info@xavicapdevila.com |
| Purpose of processing |
To offer and manage our IT services. |
| Legal basis |
In general, the legal basis for data processing is the consent of the data subject or the execution of a service contract. |
| Recipients |
The data will not be shared with third parties unless required by law or necessary to fulfill the purpose of the processing. |
| Data subjects’ rights |
Data subjects have the right to exercise the rights of access, rectification, restriction of processing, erasure, portability, and objection by sending their request to our address. |
| Data retention period |
As long as the commercial relationship is maintained or for the years necessary to comply with legal obligations. |
| Complaints |
Data subjects may contact the AEPD to file any complaint they consider appropriate. |
| Additional information |
You can consult additional and detailed information below under “Privacy Questions.” |
Privacy Questions
In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), we provide the following information regarding the processing of your personal data:
Who is responsible for your data?
Identity:
Xavi Capdevila, SL
NIF: B09971466
Address: Av. de Rhode, 291, Local 5, 17480 Roses, Girona
Phone: 609 42 47 11
Email: info@xavicapdevila.com
Why do we process your personal data?
- We process the information you provide to manage our IT services.
- If you contact us with an inquiry, we will process your data to respond to you.
- If you give us your consent, we may also process your data to send you information about our activities, products, or services.
How long will we keep your data?
- Personal data provided will be kept as long as you remain a user of our services or wish to receive information. You can object to promotional processing at any time. Afterward, data will be kept for the periods required to comply with legal obligations: for accounting and commercial purposes, 6 years in accordance with Article 30 of the Commercial Code; for tax purposes, 4 years as per Articles 66 to 70 of the General Tax Law.
What is the legal basis for processing your data?
The legal basis is the execution of the service contract and your consent.
For any information sent by minors under 14 years old, it is essential that it is done with the consent of a parent, guardian, or legal representative. Otherwise, the legal representative must inform us as soon as they become aware.
Who will receive your data?
Data will not be shared with third parties unless required by law or necessary to fulfill the processing purpose.
What are your rights when you provide us your data?
- Anyone has the right to confirm whether we are processing their personal data.
- Data subjects have the right to access their personal data, request correction of inaccurate data, or request deletion when the data is no longer necessary for the purposes for which it was collected.
- In certain circumstances, data subjects may request restriction of processing. In that case, we will keep the data only for the exercise or defense of legal claims.
- In certain circumstances and for reasons related to their particular situation, data subjects may object to processing. We will stop processing the data unless there are compelling legitimate grounds or for the establishment or defense of legal claims.
- Data subjects also have the right to data portability.
- Any person has the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or significantly affects them.
- Lastly, data subjects have the right to lodge a complaint with the appropriate Supervisory Authority.
How can you exercise your rights?
By sending us a written request along with a copy of a document that identifies you, to our physical or electronic address.
How did we obtain your data?
The personal data we process is provided by the data subject, who guarantees the accuracy of the information and is responsible for informing us of any changes. Fields marked with an asterisk are required to provide the requested service.
What data do we process?
We may process the following categories of data:
- Identification data
- Postal or email addresses
- Data of legal representatives of legal entities
The data is limited to what is necessary to provide our services and manage our business activity.
Do we make international data transfers?
In providing our services, we use third-party companies that process data on our behalf outside the European Union. These international data transfers are based on the standard contractual clauses adopted by the European Commission, in accordance with the procedure referred to in Article 93(2) of the GDPR.
Do we use cookies?
We use cookies during browsing on our website with the user’s consent.
The user can configure their browser to be notified of the use of cookies and to block them. Please refer to our cookie policy.
What security measures do we apply?
We apply the security measures established in Article 32 of the GDPR. Therefore, we have adopted the necessary measures to ensure a level of security appropriate to the risk, with mechanisms that guarantee confidentiality, integrity, availability, and resilience of the systems and services.
Some of these measures include:
- Informing staff of data processing policies.
- Regular backups.
- Access control to data.
- Regular verification, evaluation, and assessment procedures.
How do we process data on behalf of third parties?
When we process personal data on behalf of other entities as part of our services, we act as data processors in accordance with Article 28 of the GDPR. These data processing activities will be regulated in the corresponding data processing agreement.
