The data controller of your personal data is HOMELY GROUP PROGRAM SYSTEM SL in accordance with the applicable data protection legislation, (Regulation EU 679/2016 and Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights in the Kingdom of Spain).
Our contact details are:
To make inquiries and obtain any information related to the processing of your personal data, please contact the Data Protection team at Cartañá Abogados y Consultores at any time.
The email address where you can contact us is: abogados@cartana.es
We collect and process your data to initiate a contractual relationship and manage the services we provide. Stored data includes the name, provided addresses, contact details, and any information of your own or third parties that you provide or we may incorporate to your file to provide the contracted services in defense of your interests. The legal basis for processing your data is Art. 6 (1) b) GDPR (necessary for the execution of a contract or pre-contract).
In addition, we use your contact data to keep you permanently informed about the progress of your files. This is done to fulfill a contractual obligation under Article 6 (1) b) GDPR or to safeguard our legitimate interests under Article 6 (1) f) GDPR. The legitimate interest lies in the interest of fulfilling data protection obligations, as well as ensuring your awareness to create trust in our services.
If necessary, we process your data, such as technical data associated with the device you use, and browsing behavior data, beyond the purposes of the contract to protect legitimate interests in accordance with Article 6 (1) f) GDPR, to develop and improve our offerings and manage business activities, especially when we use cookies or other service management systems in the web user area.
Furthermore, there is a legitimate interest in maintaining risk management and compliance within HOMELY GROUP PROGRAM SYSTEM SL. In the context of legitimate interest under Art. 6 (1) f) GDPR, we also use your data to inform you of legislative updates, updates to our services, and similar products. In exceptional cases, we will process your personal data for direct marketing purposes based on our legitimate interest under Art. 6 (1) f) GDPR, and if you are not our client, we will request your consent under Art. 6 (1) a) GDPR.
When you use free services, such as downloading a report or publication provided as an update newsletter, we also obtain your consent in accordance with Art. 6 (1) a) GDPR (consent) for advertising purposes.
Thus, you agree to allow us to inform you by postal mail, telephone, or email about the services provided by HOMELY GROUP PROGRAM SYSTEM SL.
Additionally, any associated company that contributed to the creation of the free service (technical document/publication) may also advertise through the aforementioned advertising channels. You can unsubscribe from advertising consent at any time at info@bedloop.com.
If you do not wish to receive further advertising from an associated company, please send your revocation directly to the respective company.
In addition to the personal data we receive directly from you, we also process and collect data to supplement and validate it through our own research under Art. 14 GDPR. The legal basis for this is the principle of data accuracy in accordance with Art. 5 d) GDPR, as well as the protection of our legitimate interests to verify and manage your files in accordance with Art. 6 f) GDPR. The data is used exclusively within the framework of the purposes established here.
If you register for an event or webinar produced or managed by us, or if we participate as a sponsor or speakers, the data you provide will be used for the purpose of event participation.
The data you provide allows us to register you for the event according to your specifications, contact you for this purpose, and thus allow the event to run smoothly.
The objective is to make your participation as pleasant as possible, allow exchanges between participants during and after the event, and provide you with information on products and services (considering 47 of GDPR).
For some events, we may contact you later for promotional purposes. We may use your data for advertising purposes, to inform you about similar offers and products, which is a legitimate interest under Art.6 (1) f) GDPR.
In this regard, we have carried out the balancing exercise required by data protection law and comply with general obligations under the GDPR accountability principle.
We will process your data to inform you about HOMELY GROUP PROGRAM SYSTEM SL services by postal mail, telephone, or email. The legal basis for this data processing is Art. 6.1 a) (consent), Art. 6 (1) b) GDPR (fulfillment of a contract), Art. 21 of Law 24/2002 on the Information Society Services of Spain, and in any case, the existence of a legitimate interest under Art. 6 (1) f) GDPR.
To prevent corruption and money laundering, we collect and document your personal data as required by the Money Laundering Prevention Law, specifying the type of data collected and retention period.
The processing of your personal data is carried out by legal obligation under Art. 6 (1) c) GDPR and in our legitimate interest under Art. 6 (1) f) GDPR.
Our legitimate interest lies in the need for detailed documentation and compliance with relevant transactions.
HOMELY GROUP PROGRAM SYSTEM SL contracts specialized technical service providers in the area of technical processing of your personal data for service management. These service providers are carefully selected and are legally and contractually required to ensure a high level of data protection. Order processing is carried out in accordance with Article 28 of GDPR.
We only share your personal data with third parties for purposes other than those mentioned here to the extent that we are legally required to do so in the form of an imperative legal provision (for example, an auditor in the case of an audit).
Participation in one of our events may mean that it is necessary to transmit your data to the respective organizer for registration purposes.
The personal data collected and stored by us will be treated confidentially and protected by appropriate technical and organizational measures against loss, alteration, and unauthorized access by third parties.
We store your personal data for as long as it is necessary to fulfill our contractual obligations and achieve the contractual purpose. In addition, the obligations and retention periods stipulated by applicable law or data protection authorities are also in force.
Once these obligations and retention periods expire, it is standard procedure to delete your data. If any data is not subject to the aforementioned obligation, it will be deleted as soon as its storage is no longer necessary for the intended purpose. Note that the business relationship may become an ongoing obligation, which can last several years.
Even after fulfilling the contractual or legal obligation, a retention obligation may remain in effect as follows:
Commercial and tax retention periods
The prescribed retention and/or documentation periods are up to 10 years after the termination of the business, contractual relationship, or the completion of a service.
You have the right to withdraw your consent, request access to your personal data or data processing (Art. 15 GDPR), rectification, deletion, and restriction of your personal data or data processing (Art. 16 to 18 GDPR), as well as the transfer of your personal data (Art. 20 GDPR). In addition, you have the right to object to the processing of your data in accordance with Art. 21 GDPR, based on a "legitimate interest" pursued by the controller under Article 6 (1) f) GDPR.
If you wish to exercise these rights or if you wish to revoke your consent to the processing of personal data, in whole or in part,
If you wish to exercise these rights or if you wish to revoke your consent to the processing of personal data, in whole or in part, with future effect, please send an email to: info@bedloop.com, or send a letter to the address indicated in Point 1.
Additionally, under Art. 77 (1) GDPR, you also have the right to file a complaint with a supervisory authority, particularly in the Member State where you reside or work, or where the alleged violation occurred, if you believe that the processing of your personal data is in violation of the GDPR.