USER INFORMATION

Who is the controller of your personal data? Grey Heron is the CONTROLLER of the USER’s personal data processing and informs you that this data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and Organic Law 3/2018 of 5 December (LOPDGDD).  

For what purpose do we process your personal data? To maintain a commercial relationship with the user. The planned processing operations are:

• Sending commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications. These communications will be carried out by the CONTROLLER and will be related to its products and services, or those of its collaborators or suppliers with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.  
• Carrying out market studies and statistical analyses.
• Processing orders, requests, responding to queries or any type of request made by the USER through any of the contact forms available on the CONTROLLER’s website.  
• Sending the online newsletter about news, offers and promotions regarding our activity.  

On what legal basis can we process your personal data? Because the processing is legitimised by Article 6 of the GDPR as follows:

• With the USER’s consent: sending commercial communications and the newsletter.  
• For the legitimate interest of the CONTROLLER: carrying out market studies, statistical analyses, etc., and processing orders, requests, etc., at the USER’s request.  

How long will we keep your personal data? They will be kept for no longer than necessary to maintain the purpose of the processing or as long as there are legal requirements dictating their custody. When they are no longer necessary for this purpose, they will be deleted with appropriate security measures to ensure the anonymisation or total destruction of the data.  

To whom do we provide your personal data? No communication of personal data to third parties is foreseen, except, if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the CONTROLLER has signed the confidentiality and data processor agreements required by current privacy regulations.  

What are your rights? The rights assisting the USER are:

• Right to withdraw consent at any time.
• Right of access, rectification, portability and erasure of your data, and the right to limit or object to its processing.  
• Right to lodge a complaint with the supervisory authority (www.aepd.es) if you consider that the processing does not comply with current regulations.  

Contact details to exercise your rights: Grey Heron Paseo de la Castellana 200, 28046 Madrid. E-mail: info@greyheron.es 

MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER

USERS, by checking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data are necessary to fulfill their request by the provider, with the inclusion of data in the remaining fields being voluntary. The USER guarantees that the personal data provided to the CONTROLLER are truthful and is responsible for communicating any changes to them.  

The CONTROLLER informs that all data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the USER. If all data are not provided, there is no guarantee that the information and services provided will be completely tailored to your needs.  

SECURITY MEASURES

That in accordance with the provisions of current regulations on personal data protection, the CONTROLLER is complying with all the provisions of the GDPR and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDPR, whereby they are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.  

The CONTROLLER guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of USERS and has communicated the appropriate information to them so that they can exercise these rights.  

For more information about privacy guarantees, you can contact the CONTROLLER via E-mail: info@greyheron.es