Skip to main content
0
AQUAPOOL SPAS

Privacy Policy

In compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and the Organic Law on Data Protection and Digital Rights Guarantee (LOPDGDD) of December 2018, we inform you:

1. DATA CONTROLLER

Identity: Aquapool Spas S.L with CIF B92468123, hereinafter “the Controller”
Address: Carril de Picaza 17; 29670; SAN PEDRO DE ALCÁNTARA – MÁLAGA
Phone: 952 927811
Contact Email: [email protected]

2. PURPOSE OF DATA PROCESSING

We inform you that the data you provide may be processed for the following purposes:

  • Managing a personal account with a unique registration for use on the website for the acquisition of products offered therein.
  • Marketing of our products, management of orders and purchases made through the website, including any incidents related to the order (order inquiries, returns, complaints, etc.).
  • Responding to contact requests, information requests, and inquiries received through available contact methods on the website.
  • Sending commercial information, with express authorization, about our products and services that may be of interest.
  • Facilitating, expediting, and fulfilling the commitments established between the Controller and the user and maintaining the established relationship.

Likewise, in accordance with the GDPR, a record of processing activities is maintained, specifying, according to its purposes, the processing activities carried out and other circumstances established in the GDPR. Personal information may not be used for purposes other than those related to the contracted services or acquired products. No automated decisions will be made based on such a profile.

4. PERSONAL DATA PROCESSED AND SOURCE

The personal data processed is of an identifying nature and has been provided by the User through the completion of the contact form, sending emails, or using the functionalities offered on the website. The use of contact sections, form completion, and/or functionalities offered on the Portal is voluntary. However, completing certain fields of the form or providing information through the use of other functionalities is necessary to correctly address and manage the request, so the User’s refusal to provide the required information will prevent the Controller from addressing and managing it correctly.

The User guarantees that the data provided are true, accurate, and complete. Data will be canceled, deleted, or blocked when they are inaccurate, incomplete, or are no longer necessary or relevant for their purpose in accordance with current legislation. If the personal data provided belong to a third party, the User guarantees that they have informed them of the Privacy Policy and obtained their authorization to provide their data for the aforementioned purposes. They also guarantee that the provided data is accurate and up-to-date, being responsible for any direct or indirect damage that may occur as a result of the breach of such obligation. The User agrees and is responsible for the truthfulness and correctness of the data provided, undertaking to keep them duly updated.

6. PERSONAL DATA RETENTION PERIOD

The personal data provided by the User will be kept as long as they remain registered in the service, as long as the business relationship is maintained, as long as the User does not request its deletion, or for the legal period established. They may also be kept when necessary to comply with a legal obligation or for the formulation, exercise, and defense of claims.

If the User revokes their consent or exercises opposition or deletion rights, their data will be kept blocked and available to the Judiciary for the periods established by law to address possible responsibilities arising from the processing of personal data. In no case will it condition the provision of the service and/or the execution of contracts with the Controller.

7. CONFIDENTIALITY AND SECURITY OF PERSONAL DATA

The Controller undertakes to adopt the necessary technical and organizational measures, according to the appropriate security level for the risk of the collected data, to guarantee the security of personal data and avoid their destruction, loss, or accidental or unlawful alteration of personal data transmitted, stored, or processed in another way, or unauthorized access or communication to such data. Personal data will be treated as confidential by the Controller, who undertakes to inform and guarantee through a legal or contractual obligation that such confidentiality is respected by its employees, associates, and any person to whom the information is made accessible.

8. DATA TRANSFERS AND RECIPIENTS OF PERSONAL DATA

Personal data will only be communicated in cases legally provided for, for example, to Public Administrations for the fulfillment of obligations directly enforceable to the Controller, or when necessary to comply with the processing purposes mentioned above.

9. USER RIGHTS

The right to confirm whether or not we are processing personal data concerning the User.

The right to access personal data and request rectification of inaccurate data or, where appropriate, request deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

In certain circumstances, the right to request the limitation of data processing, in which case we will only keep them for the exercise or defense of claims.

In certain circumstances and for reasons related to their particular situation, the right to object to the processing of their data, in which case the data controller will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.

In cases where legally applicable, the right to data portability, which implies the right to receive personal data concerning the User and store it on their own device.

The User can exercise, if applicable, the rights of access, rectification, opposition, deletion, limitation of processing, portability, and object to individual automated decisions by written communication accompanied by a photocopy of their ID to prove their identity, with the reference “GDPR Rights” addressed to the following address: Carril de Picaza 17; 29670; SAN PEDRO DE ALCÁNTARA – MÁLAGA or to the email address: [email protected].

Likewise, we inform you that you can submit any type of claim regarding the protection of personal data to the Spanish Data Protection Agency www.agpd.es, the Control Authority in Spain