Who administers this website and what it complies with
The address of this website is: https://www.rachellascar.com
https://www.rachellascar.com complies with the Spanish regulations for the protection of personal data, and guarantees full compliance with the obligations set forth in the Organic Law 15/1999, of December 13th, on the Protection of Personal Data (LOPD), Royal Decree 1720/2007, of December 21st, which approves the Regulations for the development of the LOPD and other regulations in force at all times, and ensures that the correct use and treatment of your personal data as a user is guaranteed. In addition, it has been updated to the newGeneral Data Protection Regulation (GDPR UE 2016/679) that entered into force on May 24th, 2016, applicable with mandatory compliance from May 25th, 2018, taking all necessary measures for it. From now on in this document I will name the General Data Protection Regulation as GDPR.
The amount and type of information I collect depends on the nature of the interaction you have with me on this website, but none of that information collected is considered as sensitive, as you will see later. For example, I ask visitors who want to leave a comment to provide a username and email address. You as a visitor can always refuse to provide personally identifiable information, but you may not be able to leave a comment or request a purchase invoice, for example. All this introduction is explained in detail and clearly in the following paragraphs.
What obligations do I have to save your data
I comply with the principles that are required from the GDPR:
1. Legality, loyalty and transparency in all my actions. I will never transfer, sell or do business with your personal information.
2. Personal data is only used for the specific, legitimate and explicit purpose for which it was collected, as manifested on this page.
3.The personal data collected is adequate, relevant and limited to what is necessary.
4. The personal data that I have, at all times, are accurate and updated.
5.I only keep personal data for a time that is just and necessary for the purpose it has been collected, as explained on this page.
6. Personal data is processed guaranteeing its security, for this I have this service signed and subcontracted with the external company SERED HOSTING S.L, specialized in this purpose, which is in charge of the treatment of the database. To see the data of this company you just have to follow the link. It is a leading Spanish company in the hosting service, whose servers are safe against attacks by brute force, have all accounts protected against malware and offer me the web with the Hiper-Text transfer security protocol (HTTPS). Therefore, I have no inconvenience to show the contract with this company to whoever asks me, if they provide clear evidence that their data is not safe with me. This company is the sole recipient of the personal data I collect.
7. The person in charge of the treatment of the data that I keep is myself as the owner, with my data indicated at the end of this page; therefore I will respond and demonstrate when required by the competent authority, the measures taken and that I am carrying out to comply with the GDPR.
8. In the event of a breach of data security, I will notify the relevant control authorities, without undue delay and within a maximum period of 72 hours, in addition to preparing a full report, complying with all the conditions that are required from the GDPR.
9. I am obliged to transfer personal data in exceptional cases as required by law, and I will do so. Also, and only if you give me permission to do so, I can transfer your personal data to interested third parties, but in this case, as it is not a legal requirement, I will always ask for your consent.
Responsibility for proactivity:
This principle forces me to analyze what data I process, for what purpose I do it and what type of treatment operations I carry out. All of this is fully exposed in this document.
Therefore, I am clear that the measures I have applied are those provided by the GDPR for this case and I am sure that they are adequate to comply with it. In addition, at any time, I can demonstrate it at the request of any interested party and before the supervisory authorities.
What personal data do I collect and why?
Whenever I need any information from your side, I will ask for your express consent, checking a box indicated for this purpose to allow me to save it. In my WEB I do not need to obtain your data from another source that is not you directly, since I do not request data from people from anyone except you as interested. The sources from which I obtain the personal data that I keep in my database are:
When you as a visitor leave comments on the web, I collect the data displayed in the comment form, as well as your IP address and the agent chain of your browser to help detect spam. These collected data have the sole purpose of your identification for security, both yours and mine. I will not give them any other use than indicated and I will keep them as long as you do not remove the consent that you have given me by entering them. These data are stored in the Hosting contracted with SERED HOSTING S.L.
Finally you should know that if you are not yet 14 years old you can not leave comments or personal data on my website, it is prohibited by law, so do not do it. If you do, you will be falsifying your age, assuming the legal repercussions that this may have.
If you upload images to the web you should avoid uploading images with location data (GPS EXIF) included. Web visitors can download and extract any location data from images on the web. But on our WEB, as a general rule, images are not uploaded because we are not going to ask you for them.
If you leave a comment on my website you can choose to save your name, email address and website in cookies. You have done this by accepting the pop-up cookie bar when you first entered the site.
This is for your convenience, so you don’t have to fill in your details again when you leave another comment. These cookies will last for one year.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include personal data and simply indicates the ID of the article you just edited. It expires after 1 day.
At the moment I do not allow users to register but if necessary the conditions will be as follows:
• If you have an account and connect to this site, a temporary cookie will be installed to determine if your browser accepts cookies. This cookie does not contain personal data and is deleted when closing the browser.
• When you log in, various cookies will also be installed to save your login information and screen display options. Login cookies last two days, and display options cookies last one year. If you select «Remember Me», your login will last for two weeks. If you log out of your account, login cookies will be removed.
You can refuse to accept cookies by activating the setting in your browser that allows you to reject cookies. However, if you select this setting, you may not be able to access certain parts of the website or you may not be able to take advantage of any of the services.
Unless you have adjusted your browser settings to reject cookies, the system will produce cookies when you connect to my website.
If you read the Cookies Policy you will understand in detail, how and where these cookies are stored and for how long. You can also manage which cookies you want to be used when you interact in this section of the page.
4. Embedded content of other websites
Articles on this site may include embedded content (for example, videos, images, articles, etc.). The embedded content of other websites behaves in exactly the same way as if you, as a visitor, had visited this other website.
Third party links
On my site there may be links to other web pages managed by third parties, which are obviously not under my control.
If you follow a link and / or provide your personal data or any information to the website of a third party, please note that I am not responsible for the data you have given to that third party.
What rights do you have over your data
You as a user are registered or not, if you have made a comment or simply browsed this website, you have the following rights to your data (which you can exercise at any time), which are explained below each of them. And to be understood, described in a simple and transparent way:
Right to be informed
As a user you have the right to be informed in a concise, transparent and timely manner, as I am doing now. Any request for information from me will be handled with diligence and transparency without any opposition.
Right of access
As a user you should know and obtain when you require it and free of charge, all the information about your personal data that will be processed on my website.
As a user you have the right to object to this website processing your data for any other service than the one I indicated when I asked for your consent. For example, I will not use the data from a comment to send you advertising. If this were the case, firstly, you would be informed and it would only be done in the event of giving your written consent.
Right of Rectification
It consists of the right that you have as a user to correct or modify your personal information data that is erroneous, inaccurate or incomplete.
Right to Suppression (“Right to Forget”)
This is the right that you have as a user to delete, from the database that I own, all the information that you have provided me or any data that you understand to be inappropriate or excessive (this does not include any data that you are obliged to keep for administrative purposes, legal or security, or what is the same my duty of blocking collected in the LOPD y el RGDPR).
As a user you have the right to ask me, free of charge, for all your data that is in my possession, which I will deliver to you in a standard and easily readable format, if you request it, to export or send this file to another company.
Right to limit the treatment of your data
As a user you have the right to limit the treatment of your data, by this website, as a precaution, for example, if you are not sure of the data you gave me and you want to check it. So, in the period of time that you require, I will keep all your information in the database, but I will not make any use of it. Once you have made the relevant checks, you can either keep your data in my database, modifying them if you ask me, or request the total deletion of them, if that is what you prefer.
Right not to be subject to individualized or automated decisions
As a user you have the right not to use the information I have about your data to make a decision that may affect you directly, based solely on it, not even for profiling.
You can exercise your rights at the time you decide simply by sending an email to firstname.lastname@example.org with what you want me to do.
I will reply to your initial registration email so that you can correctly identify yourself with your national identity document or passport. Once this step is done, I will do what you tell me about your personal data immediately.
If you have not been clear about all your rights or simply want to expand the information, you should only consult the legal document Guide for the citizen of the Spanish Agency for Data Protection
If you have exercised any of these rights and I have not answered you within the maximum legal period allowed by the GDPR that is 1 month, or the response you receive has been unsatisfactory, you can file a claim before the Spanish Agency for Data Protection, following the link.
Also, in the hypothetical case, of receiving a request for complex rights or when I have many requests at the same time, I am entitled to a 3-month extension to answer you, but in less than 1 month I will inform you that I need more time to answer you, that’s for sure.
Where do I send your data
Your comments as a visitor may be reviewed by an automatic spam detection service.
In compliance with the Organic Law 15/1999, of December 13th, Protection of Personal Data (‘LOPD’), and the new General Data Protection Regulation (GDPR UE 2016/679) of 24 May 2016, I inform you that your personal data and information that you provide me when completing any electronic form, will be incorporated into a personal data file owned by me.
In this sense, the information and the collection and treatment of your data have the resolution of the queries raised about the content of this website. The fields marked with an asterisk are mandatory, being impossible to carry out the stated purpose if you do not provide these details.
To be able to use the consultation form, it is an essential requirement to check the acceptance box for the use of your data, this implies that you express your consent so that the data provided is incorporated into an automated file owned by me.
Also, I beg you to incorporate in any consultation form (since they are not necessary in any case), data related to your health, racial or ethnic origin, religious or philosophical beliefs, political opinions, union affiliation, sexual life, sexual orientation, genetic data, biometric data or data related to the commission of criminal or administrative offenses. In case of doing it by mistake, please, I ask you to contact me immediately to remove them from the database.
In any case, you can exercise the rights of Access, Opposition, Rectification, Suppression, Portability, Limitation and not to be subject to individualized decisions, provided by Law, writing an email to me as responsible for the file to the address email@example.com, indicating your name and surname, and including as the subject of the email «GDPR Rights”.
How long will I keep your data
If you leave a comment, the comment and its metadata are preserved indefinitely. This is so you can automatically recognize and approve successive comments instead of keeping them in a moderation queue.
If this is the case, and as a user you register on my website, I will also store the personal information you provide in your user profile. As a user you can view, edit or delete your personal information at any time (except that you cannot change your username). Administrators of the web, if at any time there is someone other than me, can also view and edit that information.