This is your guide as to how your personal data is managed by FISIO L’ESCALA. Data privacy is taken very seriously by us. This document outlines our approach under the General Data Protection Regulation 2018 (GDPR). In this notice – we explain how we collect personal information about you, how we use it and how you can interact with us about it.
Who we are
– Name: Marta Barretina i Ginesta
– Business Name: FISIO L’ESCALA
– NIF: 77914604B
– Address: Rda. Pedró, 12 17130 L’ESCALA (Girona)
– Phone: +34 972 771 475
– email: [email protected]
What personal data we collect and why we collect it
There are a number of reasons why FISIO L’ESCALA collect information. We need to know how to contact you, we need to be certain of your identity and we need to understand your circumstances so that we can offer you the best possible customer experience.
The type of information that FISIO L’ESCALA may collect from you includes:
– Your identity & contact name, copies of ID (which may include your date of birth), PPS number (or foreign equivalent), online user identifiers (such as your log on details), IP addresses, cookie identifiers, email addresses and contact phone numbers.
– Bank account details, credit/debit card details, authorised signatory details, information relating to power of attorney arrangements.
– Information which you have consented to us using such as allowing us to contact and send you property related communications on a periodic basis.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We collect personal information from our contact forms in accommodation pages and contact page also.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We may also collect CCTV images at our office location (but only for security reasons and to help prevent fraud or crime). We will also hold information on data access, correction, restriction, deletion, porting and complaints relating to you.
We use technologies to automatically collect information about your internet browser settings or Internet Protocol (IP) address, log in information, location based data and google analytics for statistical purposes to improve our website offerings to you and to enhance your online visit to us.
How we use your information
We may use your personal data for matters such as confirming your identity, to help us in the processing of an application for one of our services or to improve your customer experience with us.
Your data is used to manage and administer your account. Your data is also used to process transactions. For example, if you have provided us with your credit or debit card information or if you have provided us with your bank account details.
We may use your data to contact you by post, phone, text message, email or social media using our website or other means but not in a way that is contrary to your instructions to us, legitimate interest or contrary to law. We may monitor and record our conversations when we speak on the telephone (to check your instructions to us and for training and quality purposes) but will advise you if we are doing so. Your data may also be used to recover debts you may owe and also to manage and respond to a complaint or appeal that you have.
We may also use your data to manage our business for our legitimate interests, such as gathering location information from your mobile phone or other electronic device you may use to interact with us. Another legitimate interest of FISIO L’ESCALA is to conduct marketing activities such as direct marketing (provided that you have not objected to us using your details in this way) and research, including customer surveys, analytics and related activities.
We protect your information with security measures under laws that apply and we meet international standards in doing so. We keep our equipment, files and buildings secure. Personal data could be used to prevent and detect fraud, dishonesty and other crimes (such as preventing someone trying to steal your identity), including using CCTV at FISIO L’ESCALA office premises.
FISIO L’ESCALA may in the future wish to sell, transfer or merge part or all of its business or assets or to buy a new business or the assets of another business or enter into a merger with another business. If so, we may disclose your personal information under strict duties of confidentiality to a potential buyer, transferee, merger partner or seller and their advisers, so long as they agree to keep it confidential and to use it only to consider the possible transaction.
We need to use your information to manage and administer legal and compliance matters within FISIO L’ESCALA, including compliance with regulatory, legislative and voluntary codes of practice to which we have committed. We use your data to comply with your information rights, to establish your identity and to comply with laws and regulations concerning the prevention of money laundering, fraud and terrorist financing. As a result, we may need to disclose information to government and other statutory bodies. Your data may be used to comply with binding court orders, search warrants, requests to assist the Government Security Forces with the investigation or prevention of an offence and orders relating to requests for mutual legal assistance in criminal matters received from foreign law enforcement agencies.
Who we share your data with
We only share your information with a certain number of other parties and only as necessary. Examples of information sharing here include:
Third parties we need to share your information with in order to facilitate payments (for example, stripe, SWIFT, credit card issuers and merchant banks) and those you ask us to share your information with.
We only share your information with a certain number of other parties and only as necessary. Examples of information sharing here include:
Your authorised representatives. This would include your Attorney (under a Power of Attorney) and any other party authorised by you to receive your personal data.
Companies that provide support services for the purposes of protecting our legitimate interests. Your personal information remains protected when our service providers use it. We only permit service providers to use your information in accordance with our instructions, they have appropriate measures in place to protect your information. Our service providers include marketing and market research companies, IT and telecommunication service providers, software development contractors, data processors, debit/credit card companies, computer maintenance contractors, printing companies, property contractors, document storage and destruction companies, business advisers, debt collection agencies, auditors and other consultants, including legal advisers.
Statutory and regulatory bodies (including central and local government) and law enforcement authorities.
Visitor’s website comments may be checked through an automated spam detection service.
Links on our website to other sites and social media
Our Site may, from time to time, contain links to and from other websites and web platforms. In addition, third parties websites may also provide links to our Site. If you follow a link to any of those websites or web platforms, please note that those websites and web platforms have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites. We do not accept, and we disclaim, any responsibility for the privacy statements and information protection practices of any third party website (whether or not such website is linked on or to the Site). These links are provided to you for convenience purposes only, and you access them at your own risk. It is your responsibility to check the third party website’s privacy statements before you submit any personal data to their websites.
How long we retain your data
The length of time we hold your data depends on a number of factors, such as regulatory and statutory requirements. Other considerations are the type of data we hold about you, whether the data is required for a legal dispute and whether you or a regulatory authority asks us to keep it for a valid reason.
As a general rule, we keep your information for a period of 8 years. However, if you request that FISIO L’ESCALA delete your data (prior to this 8 year period elapsing) we shall process your request unless there is a valid reason not to delete the data (such as a requirement to hold onto your data as we have a legal obligation to do so).
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What happens if you do not provide requested information to FISIO L’ESCALA?
Sharing information with us is in both your interest and ours. We need your information in order to provide our services to you, fulfil any contracts we have with you, to manage our business for our legitimate interests and to comply with our legal obligations.
You can choose not to share information with us but must understand that this may limit the services we are able to provide to you. We may not be able to provide you with certain services that you request.
What is the legal basis for FISIO L’ESCALA using my information?
We will use your data and may share that data where:
Its use is necessary in relation to a service or a contract that you have entered into or because you have asked for something to be done so that you can enter into a contract with us or so that we can provide a service to you.
Its use is in accordance with our legitimate interests. Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interest and your fundamental rights and freedoms. We may use your personal information to manage our everyday business needs including internal reporting, market research, to progress and respond to legal claims, to ensure appropriate IT security and to prevent fraud. Our legitimate interest here is the effective management of our business. We may use your personal information for marketing reasons, i.e. to update you in regarding to property related matters. Our legitimate interest here is to connect with you and to update you on properties and services we provide which may be of interest to you.
Its use is necessary because of a legal obligation that applies to us.
You have consented to the using of your data (including special categories of data) in a specific way.
Where you have made clearly sensitive categories of data about yourself public.
Where the processing of special categories of data is necessary for the establishment, exercise or defence of legal claims.
Does FISIO L’ESCALA process my information outside the European Economic Area (EEA)?
Your information is stored on secure systems within the premises of FISIO L’ESCALA and with providers of secure information storage. FISIO L’ESCALA do not transfer information about you outside the EEA.
We may allow the transfer of information about you outside the EEA by our service providers, but only if they agree to act solely on our instructions and to protect your information to the same standard that applies in the EEA. Where we authorise the processing/transfer of your personal information outside of the EEA, we require your personal information to be protected to at least Spanish standards.
What rights do I have under GDPR?
You have several rights in relation to how we use your information and we have significant obligations in this regard.
You have the right to:
- Find out if we use your information, to access your information and to receive copies of the information we have about you. When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your data. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise.
- Request that inaccurate information is corrected and incomplete information updated.
- Object to particular uses of your personal data where the legal basis for our use of your data is our legitimate business interests. However, doing so may have an impact on the services we can / are willing to provide.
- Object to use of your personal data for direct marketing purposes.
- Have your data deleted or its use restricted – you have a right to this under certain circumstances.
- Obtain a transferable copy of certain data which can be transferred to another provider, known as “the right to data portability”. This right applies where personal information is being processed based on consent or for performance of a contract and the processing is carried out by automated means. The right also permits the transfer of data directly to another provider where technically feasible.
- Withdraw consent at any time, where any processing is based on consent. If you withdraw your consent, it will not affect the lawfulness of processing based on your consent before its withdrawal.
- We shall process your request without undue delay. In most instances, we will respond within one calendar month. If we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests), we may extend this period by a further two calendar month period. Should this be necessary, we will explain the reasons why.
- You have the right to complain to FISIO L’ESCALA or the Data Protection Commission or another supervisory authority. If you have a complaint about the use of your personal information, please let FISIO L’ESCALA know and we shall seek to resolve your issue as soon as possible. If you wish to make a complaint to FISIO L’ESCALA you may do so in person, by telephone, in writing or by email. Please be assured that all complaints received by us will be fully investigated. We ask that you supply as much information as possible to help us to resolve your complaint quickly.