I. Data Controller
Company name: 51TRIPS BRAND, S.L. ("51TRIPS")
Taxpayer Identification Number: B01975176
Registered office: Calle Muntaner, 537 - ENT 1, Barcelona, 08022 , Barcelona
Registration in the Mercantile Registry: Mercantile Registry of Barcelona, Volume: 47515, Folio: 201, Section: 8, Page: B554293, Inscription: 1.
Contact email: firstname.lastname@example.org
The data obtained by 51TRIPS are used for the proper functioning of the App tools. In the event of any refusal or error in the provision of data 51TRIPS will not be able to adequately provide the services requested.
III. Purpose of data processing
51TRIPS will process the data for the following purposes:
- User registration.
- Navigation through the App/Web.
- Order management (printing, shipping, etc.)
- To send, by any means, including electronic means, communications in relation to promotions, commercial actions and advertising.
The legitimacy of the data processing is the consent of the User.
IV. Data category
51TRIPS will collect the following data:
- Identification data: name, surname, telephone number, e-mail address, postal address, image, etc.
The data will be treated as long as their deletion, opposition or revocation of consent is not requested. Once the data is blocked, 51TRIPS will keep it for the legally established period for the purpose of enforcing any personal or civil liability action.
In no case 51TRIPS will transfer the data to third parties without previously informing the User and requiring his consent.
V. Data recipients
The data will be communicated to public bodies for compliance with the corresponding legal obligations. Also, the data will be provided to service providers with whom 51TRIPS has a contractual relationship for the proper development and operation of the service. Such providers may include, but are not limited to: software developers, hosting services, printing companies, logistics services and legal advisory services.
51TRIPS will ensure to obtain confirmation from these suppliers that they carry out the correct processing of Users' data for the exclusive purposes of the commercial relationship and with appropriate security protocols according to the data processed.
The User declares to be over 16 years of age and that the data provided are true and accurate, otherwise the User will be responsible for the completion of the forms with false, inaccurate, incomplete or outdated data.
Users may exercise the following rights:
- Right of rectification: This is the User's right to have his or her personal data that proves to be inaccurate or, taking into account the purposes of the processing, incomplete, modified.
- Right of deletion: ("the right to be forgotten"): This is the User's right, provided that the legislation in force does not provide otherwise, to obtain the deletion of his or her personal data when such data is no longer necessary for the purposes for which it was collected or processed to continue with the same; the personal data has been unlawfully processed; the personal data must be deleted in compliance with a legal obligation; or the personal data has been obtained as a result of a direct offer of information society services to a minor under 14 years of age. In addition to deleting the data, the Controller, taking into account the technology available and the cost of its implementation, shall take reasonable steps to inform controllers who are processing the personal data of the data subject's request for the deletion of any link to such personal data.
- Right to limitation of processing: This is the User's right to limit the processing of his/her personal data. The User has the right to obtain the limitation of processing when he/she contests the accuracy of his/her personal data; the processing is unlawful; the controller no longer needs the personal data but the User needs it to make claims; and when the User has objected to the processing.
- Right to data portability: In the event that the processing is carried out by automated means, the user shall have the right to receive from the Data Controller his/her personal data in a structured, commonly used and machine-readable format, and to transmit to another Data Controller. Whenever technically possible, the Controller shall transmit the data directly to such other controller.
- Right of opposition: This is the user's right not to have his or her personal data processed or to cease the processing of such data by 51TRIPS.
- Right not to be subject to a decision based solely on automated processing, including profiling: It is the right of the user not to be subject to an individualized decision based solely on automated processing of personal data, including profiling, existing unless otherwise provided by law. Those affected may exercise their rights of access, rectification, deletion, limitation and portability, as well as all those that current legislation grants the citizen to 51TRIPS BRAND, S.L. by writing to its headquarters at Calle Muntaner, 537 - ENT 1, Barcelona, 08022, Barcelona.
In the event that the user considers that he/she has a problem or infringement of the regulations in force in the way in which his/her personal data is being processed, he/she shall have the right to effective judicial protection and to file a complaint with the supervisory authority, in particular in the State in which he/she has his/her habitual residence, place of work or place of the alleged infringement. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (http://www.aepd.es).
51TRIPS has adopted technical and organizational security measures to prevent alteration, loss, misuse, treatment and unauthorized access or theft of them.
However, because 51TRIPS cannot guarantee the impregnability of the Internet or the total absence of hackers or others who fraudulently access personal data, the controller undertakes to notify the User without undue delay when a breach of security of personal data occurs that is likely to involve a high risk to the rights and freedoms of natural persons. Following the provisions of Article 4 of the GDPR, a breach of security of personal data means any breach of security resulting in the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorized communication of or access to such data.
Personal data will be treated as confidential by the Data Controller, who undertakes to inform and to ensure by means of a legal or contractual obligation that such confidentiality is respected by its employees, partners, and any person to whom it makes the information accessible.
Minors under 16 years of age may not use the services of the App, without the prior authorization of their parents, guardians or legal representatives, who will be responsible for all acts performed by minors in their care. 51TRIPS is not responsible for any data transferred by minors without the appropriate authorization.