Enrique González Sardinero, who is the titleholder of the portal https://www.egsardinero.es (hereinafter: the “portal”) hereby informs users of the portal that he is the data controller for processing that is carried out using this portal, unless otherwise indicated in the corresponding processing.
Enrique González Sardinero complies with current legislation in respect of the protection of personal data, user privacy, and the secrecy and security of personal data, pursuant to the provisions of applicable legislation in matters of data protection, specifically Regulation (EU) 2016 / 679 of the European Parliament and of the council of 27 April 2016. To that end, he adopts the technical and organisational means necessary to avoid the loss, misuse, alteration, unauthorised access, and theft of personal data provided, taking into consideration the state of technology, the nature of the data, and the risks to which the data are exposed.
Specifically, portal users are hereby informed that their personal data can only be obtained for processing when they are adequate, relevant, and not excessive in relation to the scope and the particular, explicit, and legitimate purposes for which they have been obtained.
When personal data are collected through the portal, users are first given clear and unambiguous information on the following points:
- personal data will be processed;
- the identity and contact details of the data controller of the personal data obtained;
- the contact details of the Data-Protection Officer, where appropriate;
- the purposes for which the personal data are processed, and the legal basis for processing;
- the recipients or categories of recipients of personal data, where appropriate;
- where appropriate, the data controller’s intention to transfer personal data to a third country;
- the period or criteria for information storage;
- the existence of the right to ask the data controller for access to personal data relating to the data subject, the rectification or elimination of that data, the limitation on processing that data, the portability of that data, or the right to object; similarly, the way in which the aforesaid rights are exercised;
- when processing is based on the consent of the data subject, the existence of the right to withdraw consent at any time, without that withdrawal of consent affecting the lawfulness of consent-based processing carried out before withdrawal of consent; if processing is not based on consent, the data subject’s right to object against processing;
- the right to lodge a complaint with a supervisory authority;
- the existence of automated decisions, where they exist, including drawing up profiles and exercising rights associated with the said processing.
In particular, when data relating to children are collected, processing shall only be considered lawful if consent was given or authorised by the holder of parental authority or of guardianship over the child.
The user shall bear sole liability for forms that are completed with false, inaccurate, or incomplete data, or data that are not up to date.