PRIVACY POLICY
Who is responsible for data processing?
Data Controller: BODEGAS CRIADORES DE RIOJA, S.L. with registered address at Ctra. Clavijo s/n, 26141 Alberite (La Rioja), CIF B26260646, Phone: +34 941436304, email: protecciondatos@criadoresderioja.com. We inform you that the personal data you provide us through this website will be processed in accordance with the current regulations on the protection of personal data in Spain.
At the time of data collection, the voluntary or mandatory nature of the data to be collected will be indicated. Refusal to provide data classified as mandatory will result in the non-provision or impossibility of accessing the services for which they were requested. Likewise, voluntary data may be provided in order to optimize the services or products offered.
The user’s provided data must be accurate and truthful regarding the current situation of the data subject. The user entering the data is solely responsible for the accuracy of the information provided on our website.
What do we use the personal data you provide us for?
The main purposes of processing your personal data are as follows:
We process the data you provide us through our website to contact you and respond to your request (information sent to interested parties will not be considered commercial communication, as long as it aims to maintain the existing relationship between the user and our organization).
When you request a product or service, we will process the personal data you provide us for the provision of the requested product or service and for its administrative and accounting management.
If you authorize us, we will process your contact data to send you information of interest about our products and services, as well as about events we organize, for which we may use any means, including electronic media.
What is the legal basis for the processing of personal data?
Article 6.1.b) GDPR: the execution of pre-contractual measures to respond to your request. Article 6.1.b) GDPR: the execution of a contract to manage the products and services you have, request, or contract with us. Article 6.1.a) GDPR: consent to inform you about our products, services, and events we organize.
How long will we keep the personal data?
The provided data will be kept for the time necessary to respond to your request and manage the products and services you have requested or contracted with us, without prejudice to your right to request the deletion of your personal data, which will result in the blocking of the data for the duration of our legal obligations, or until you revoke your authorization to receive information about our products, services, and events.
We may retain your data, once all relationship with the user has ended, to comply with our legal obligations.
We will not disclose your personal data to third parties unless required by law or unless you have previously authorized us to do so.
Automated decision-making or profiling is not planned.
Who are our data processors?
In order to provide you with adequate service, we have hired the following categories of data processors who will process your data on behalf of the data controller: accounting and tax consulting services, labor consulting services, audit and consulting services, physical security services, legal activities services, security and cybersecurity services, hosting services, and restoration services. Place of service provision: European Union.
What are your rights?
You have the right to obtain information about whether we are processing your personal data (right of access), to request the rectification of inaccurate data (right of rectification), or the deletion of data when they are no longer necessary for the execution of the contract (right of erasure), to limit, under certain circumstances, their processing (right to restriction of processing), to receive the personal data concerning you that you have provided and to request that we send them to another data controller of your choice, in a structured, commonly used, and machine-readable format (right to data portability), as well as to withdraw your consent to receive information of interest by any means at any time (right to object).
You can exercise your rights by contacting the data controller by postal or electronic means, in accordance with the provisions of Articles 15 to 22 of the GDPR 2016/679. To exercise your rights, please include a copy of your ID card or equivalent document proving your identity with your request.
If you believe that the processing of your data violates the applicable personal data protection regulations, you can file a complaint with the competent Control Authority.
Availability of the Data Protection Policy
We will provide users with the appropriate technical resources so that, prior to providing personal data, they can access this Data Protection Policy or any other relevant information and give their consent so that we can proceed with the processing of their personal data.
Currency and modification of information
The information appearing on this website is current as of the date of its last update. We reserve the right to make, at any time, any changes and modifications we deem appropriate, especially to comply with any regulatory changes regarding the protection of data in the European Union and Spain, and we may exercise this right at any time without prior notice.