Thank you for visiting this website.

Please read the Terms and Conditions contained herein carefully, as use of this website implies express and full acceptance of the same, in the version published at the time you access it. We recommend that you read this document carefully each time you access the website to check if there have been any changes to the conditions of use and that you leave it if you do not agree with such changes. If we believe that certain modifications are significant, we will update the "Last modified" date at the top of this page. It is your responsibility to review and familiarize yourself with any modifications made.

1. IDENTIFICATION

In compliance with the duty of information contained in article 10 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce with current legislation on data protection, specifically, Organic Law 3/2018, of December 5, on the protection of personal data and guarantee of digital rights (LOPDDGG) that fully implements Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR).

Responsible for the Treatment: LOSAN GESTION INTEGRAL, SL (hereinafter LOSAN)
Tradename: LOSAN
Tax ID: B15848617
Business details: Commercial Registry of La Coruña. Volume 2.648, General Section, folio 41, page C-29.744, entry 1

2. COMMUNICATION

To contact us for any questions regarding the processing of personal data, we provide you with different means of contact, which are detailed below: 

Phone: Phone: 981 168 200
Email: [email protected]
Address: Calle Casares Quiroga, 9. A Coruña. Spain.
Website: www.losan.es

All notifications and communications provided in this section will be considered effective, for all purposes, when made through any of the means detailed above. 

We understand that the privacy and security of your personal information is extremely important. Therefore, this policy sets out what we do with your information and what we do to keep it secure. It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you.

What is the new Data Protection Regulation?

This is a new European regulation. This Regulation unifies criteria for confidentiality and processing of personal data at a community level and adapts its management to new digital environments, such as the Internet and mobile applications. In this way, you will have more control over your data.

When will the new regulations be applicable?

The European Union approved the Regulation in 2016. Member States must implement it from 25 May 2018.

What changes will this mean for you?

European regulations add new rights to those included in current Spanish regulations. For this reason, we must update the information available to you on our company's data protection measures. We will also request your authorization to process your data in some new cases. In this way, we will be able to offer you a service that is more adapted to your needs.

What measures have we taken to ensure the confidentiality, integrity and security of your data?

• We only ask for the minimum amount of information necessary, collecting only what we believe is essential to doing business or for the specific transaction involved;
• We have established a series of confidentiality agreements with all our suppliers, staff and collaborators; 
• We have a specialized consultancy that will not only assist us permanently in this matter but will also carry out periodic controls to ensure correct compliance with this regulation; 
• We have established a series of computer security measures that will protect us from possible external attacks; 
• We have reviewed all our documentation to ensure that it is adequate according to the new regulations; 
• We have assessed the impact that our procedures may have on the protection of your personal data; 
• We have trained our staff so that we can all act diligently and ethically, complying with all the requirements set out in the new regulations.

Principles that we will apply to your personal information

In the processing of your personal data, we will apply the following principles that meet the requirements of the new European data protection regulation:

• Principle of legality, loyalty and transparency: We will always require your consent to the processing of your personal data for one or more specific purposes that we will inform you in advance with absolute transparency.

• Principle of data minimization: We are only going to request strictly necessary data in relation to the purposes for which we require them. The minimum possible.
• Principle of limitation of the conservation period: the data will be kept for no longer than necessary for the purposes of the treatment, depending on the purpose, we will inform you of the corresponding conservation period, in the case of subscriptions, we will periodically review our lists and eliminate those inactive records for a considerable time.
• Principle of integrity and confidentiality: Your data will be treated in such a way that an adequate security of personal data is guaranteed and confidentiality is guaranteed. You should know that we take all necessary precautions to prevent unauthorized access or improper use of the data of our users by third parties.

LEGAL BASIS FOR THE COLLECTION AND USE OF INFORMATION 

If you are an individual in the European Economic Area (EEA), our legal basis for collecting and using information depends on the personal information concerned and the context in which we collect it. Most of our information collection and processing activities are generally based on: 1) a contractual necessity; 2) one or more legitimate interests of LOSÁN or a third party which are not overridden by your data protection interests or 3) your consent. Sometimes we will have a legal obligation to collect your information or we will need your personal information to protect your vital interests or those of another person.

TREATMENTS

We will explain below how we collect, use, disclose, transfer and store your information. This Privacy Policy applies to personal information collected through our website. It is important that you check this Privacy Policy frequently for updates.

All users who access our website will be able to see all its content without having to provide any personal information. Your personal data will only be collected when you voluntarily complete our form(s). In this case, the user guarantees the authenticity, accuracy and veracity of the information provided, committing to keep the personal data updated so that it reflects, at all times, his/her real situation. The user will be solely responsible for any false or inaccurate statements and for any damages that they may cause. Through this means of communication, you expressly agree to receive periodic communications only from the entity, which will keep the personal data it receives from users through the website in total secrecy, guaranteeing its confidentiality, and will adopt the necessary technical measures to prevent any alteration, loss, misuse, or unauthorized access to this data. 

We also inform you that all data provided through electronic forms and/or by email are strictly necessary for the correct identification of the sender. This information will be treated with strict confidentiality and for the sole purpose of managing requests for information, contracting our services and products and other purposes specified below. You are informed and give your full express consent to use your data for activities related to the corporate purpose of the entity. 

The consent given, both for the processing and for the transfer of the data of the interested parties, is revocable at any time by communicating it to the email address [email protected] in the terms established in this Policy for the exercise of rights. This revocation will in no case be retroactive.

How we use your data

We may use your personal data in the following ways: the information you provide us may help us make decisions, respond to requests, improve services, detect new needs, generate promotions, understand your expectations and provide you with a better service. We may also use your data for the following purposes.

Specific reason: If you provide your personal data for a specific purpose, we will use it in a manner related to the purpose for which it was provided. For example, if you contact us by email, we will use the personal data you provide to answer your question or resolve the problem, and we will reply to the email address from which the message was sent. 

Internal purposes. We may use your personal data for internal purposes, such as to rely on it to improve the content and functionality of the Services, better understand our customers' needs, improve the Services, protect against, identify or address fraudulent activity, enforce our Terms of Service, manage your account and provide you with customer service, and generally manage the Services and our business, among others. 

Commercial communications. Provided we have your express consent (which will be obtained through a dedicated box on our forms), we may use your personal data to contact you in the future for marketing actions that may be of interest to you, always related to the products and/or services offered by the company. In any case, you will always have the option to "stop receiving" these electronic messages at the bottom of said messages or notify us by sending an email to the following address: [email protected] However, you may continue to receive notices and emails whenever they are necessary and essential for the maintenance of our contractual transactions. In accordance with Law 34/2002, of July 11, on information society services and electronic commerce (LSSICE), LOSÁN does not engage in SPAM practices and undertakes not to send commercial communications without properly identifying them.

Please note that even if you decide not to subscribe or unsubscribe from promotional or commercial electronic communications, LOSÁN may still need to contact you as a User with important information about transactions related to your account and your purchases of products, reservations of activities or contracting of other services.

Below we explain in more detail what types of data are collected and processed and what their purposes are:

The legal bases are linked to the purposes of the previous point.

Data provided voluntarily by the interested party

Possible consequences of not providing such data

Possible transfers of data to third parties

International transfers

Conservation periods

 

OTHER ASPECTS RELATED TO THE TRANSFER OF DATA

As a general rule, the data you provide to us will not be disclosed to third parties without your consent, except under legal obligation, for example: in the event of a subpoena or a request from a government agency, or if we believe in good faith that such action is necessary to a) comply with a legal obligation; b) protect or defend our rights, interests or property, or those of a third party; c) prevent or investigate potential wrongdoing in connection with the Services; d) act in urgent circumstances to protect your personal safety; or e) protect against legal liability.  

 

STORAGE

We may store your data or transfer it to a third party who will store it in accordance with this Privacy Policy. We take reasonable steps to protect personal data against loss, misuse, unauthorized use, unauthorized access, inadvertent disclosure, modification and destruction. However, no network, server, database or Internet or email transmission is completely secure or error-free. In the event of a data breach in our custody, we will take all necessary steps to mitigate the consequences and notify the Supervisory Authority of this fact, together with all relevant information for the documentation and communication of the incident. 

 

CONSENTS

The consent of the interested party, in accordance with the provisions of data protection regulations, is a free communication by the interested party by which he/she accepts that his/her data will be processed for a specific purpose, under certain conditions, of which he/she must be previously informed.

Can you modify or withdraw your consent at any time?

Of course you can. The information on the treatments you have consented to will always be accessible. You can modify or withdraw it whenever you want by sending us an email.
Likewise, you can unsubscribe from our database at any time by sending us an email to: [email protected]

 

AUTOMATED DECISIONS 

LOSÁN does not make any decisions based solely on the automated processing of your data. 

 

STATISTICAL STUDIES

LOSÁN does not carry out studies for scientific, historical or statistical purposes, in which case the dissociation of the data from the object of the study will be attempted to preserve its confidentiality. 

 

NOTICE OF PERSONAL DATA BREACH OR SECURITY BREACHES

A personal data breach is a breach of the security of LOSÁN's information systems that causes or may cause the destruction, alteration, loss, unauthorized disclosure or access, accidental or not, to personal data transmitted, stored or processed in connection with the provision of our services. In the event that the personal data we store and/or process at LOSÁN is compromised in any way, we will promptly notify those affected, in accordance with the provisions of Article 33 of the GDPR.

 

DATA PROTECTION RIGHTS 

Users may send a written communication to the registered office of LOSÁN or to the email address indicated in the heading of this Legal Notice, including in both cases a photocopy of their ID or other similar identification document, to request the exercise of the following rights:

• Right to request access to personal data: you may ask us if we are processing your data; 
• Right to request rectification (if incorrect) or deletion (when personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed).
• Right to request the limitation or cancellation of your processing, in which case they will only be kept by us for the exercise or defense of claims; 
• Right to object to processing: We will stop processing the data in the manner you indicate, unless there are compelling legitimate reasons or the exercise or defence of possible claims that require continued processing; 
• Right to data portability: If you want your data to be processed by another company, we will facilitate the portability of your data to any other company that you indicate to us in a structured, intelligible and automated format. 

These rights are personal and will be exercised by the interested party, without any limitations other than those provided for by applicable legislation. However, the legal representative of the interested party may act when the latter is in a situation of incapacity or minority that prevents him from personally exercising them. The exercise of his rights will be made effective by the Data Controller within thirty days following receipt of the request. In the event that the Data Controller considers that it is not appropriate to access the requested data, he will inform the interested party with reasons and within the period indicated in this section. In cases where, although the cancellation of the data is appropriate, its physical extinction is not possible, either for technical reasons or due to the computer support used, we will proceed to block them in order to prevent their use, until they are completely eliminated from the information systems. 

 

PAYMENT SERVICE PROVIDERS

In accordance with Article 6, paragraph 1, letter b of the GDPR, the data provided by the user will be transferred to our payment service provider together with the order information (first and last name, postal address, bank account number, bank code, credit card number – if applicable – invoice amount, currency and transaction number) as part of the ordering process. The data will be transmitted exclusively for the purpose of executing the payment via the payment service provider and only insofar as this is necessary for this purpose. The user may object to the processing of his or her data at any time by simply sending a message to the payment service provider. The respective data protection policies and contact options of the payment service providers can be found in the table at the end of this Data Protection Policy.

 

COLLECTION OF DATA FROM MINORS

LOSÁN does not authorize minors under 14 years of age to provide their personal data, either by filling out the web forms enabled for requesting services, contact forms, or by sending emails. If we become aware that a child under 14 years of age has provided us with personal information, we will take steps to delete that information. If you believe that a child under 14 years of age has provided us with personal information, write to the email [email protected] with the details and we will take the necessary steps to delete the information we hold about that child.

 

PROCESSING OF SPECIAL CATEGORIES OF PERSONAL DATA AND PERSONAL DATA RELATING TO CRIMINAL SENTENCES AND OFFENCES

When completing free text fields, the introduction of personal information relating to personal data that reveal ethnic or racial origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data aimed at uniquely identifying a natural person, data relating to health or data relating to the sexual life or sexual orientations of a natural person, as well as personal data relating to criminal convictions and offences is not permitted. If any information relating to the aforementioned aspects is entered into any of our forms or via email, it will be immediately deleted from our information systems without being able to respond to the query made, since such data is neither necessary nor relevant for the purposes determined in the processing of this Website.

 

DATA PROTECTION DELEGATE

We have appointed ELEONORA CARCERONI GARBAYO, a lawyer registered with the Provincial Bar Association of A Coruña, number 4693, as our Data Protection Officer. Her email address is: [email protected]. As described in art. 38.4 of the GDPR, interested parties may contact the Data Protection Officer regarding all matters relating to the processing of their personal data and the exercise of their rights under this Regulation.

 

COMPLAINT TO THE CONTROLLING AUTHORITY

If you consider that there is a problem with the way we are handling your data, you may direct your complaints to the corresponding data protection authority, the Spanish Data Protection Agency being the one indicated in the case of Spain. (www.agpd.es) 

LOSAN GESTION INTEGRAL, SL has adapted this website to the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons (RGPD), Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), as well as with Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSICE or LSSI).

© All rights reserved: LOSAN GESTION INTEGRAL, SL