Privacy Policy

WEBSITE PRIVACY POLICY

 

www.talfrost.com

 

I. PRIVACY POLICY AND DATA PROTECTION

 

In order to comply with current legal provisions, Talfrost (hereinafter, also referred to as the Website) undertakes to take the necessary organisational and technical measures in accordance with the level of risk of the collected data.

 

Laws incorporated into this Privacy Policy

This Privacy Policy has been adapted to current Spanish and European legislation on the personal protection of data on the Internet. In particular, it complies with the following regulations:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27 April 2016, on the protection of individuals with regard to the processing of personal data and the free movement of such data (GDPR).
  • Organic Act 3/2018 of 5 December, on Data Protection and guarantee of digital rights (LOPD-GDD).
  • Royal Decree 1720/2007 of 21 December, approving the Regulations implementing Organic Act 15/1999 of 13 December, on Personal Data Protection (RDLOPD).
  • Act 34/2002 of 11 July on Information Society Services and E-Commerce (LSSI-CE).

 

Identity of the personal data controller

The controller of the personal data collected on Talfrost is: Transformados Agrícolas de Albacete S.L.U., with VAT: B02626810. Its contact data are:

Address: Ctra. Nacional N322 km. 341

Contact telephone: +34 967 046 754

Contact email: info@talfrost.com 

 

Recording of Personal Data

Pursuant to the provisions of GDPR and LOPD-GDD, we hereby inform you that the personal data collected by Talfrost through the forms set out on its Website will be incorporated into and processed in our file for the purpose of facilitating, speeding up and fulfilling the commitments established between Talfrosts and the User, or to maintain the relationship established in the forms completed by the User or deal with requests or queries submitted by the latter. Similarly, pursuant to the provisions of GDPR and LOPD-GDD, except where the exception set out in article 30.5 of GDPR applies, a record of processing activities is kept which specifies the processing activities carried out and other circumstances established in GDPR, depending on the purpose.

 

Principles applicable to the processing of personal data

The processing of the User’s personal data will be subject to the following principles, which are set out in article 5 of GDPR and in article 4 and following of Organic Act 3/2018 of 5 December, on Personal Data Protection and guarantee of digital rights:

  • Principle of lawfulness, loyalty and transparency: the User’s consent will be requested at all times on the basis of completely transparent information about the purposes for which the personal data are collected.
  • Principle of limitation of purpose: the personal data will be collected for specific, explicit and legitimate purposes.
  • Principle of data minimisation: the personal data collected will be limited to those that are strictly necessary in relation to the purposes for which they are processed.
  • Principle of accuracy: the personal data must be accurate and always updated.
  • Principle of storage limitation: the personal data will only be stored in such a way that the User’s identification is permitted for the period of time required for the processing purposes.
  • Principle of integrity and confidentiality: the personal data will be processed in a way that ensures their security and confidentiality.
  • Principle of proactive responsibility: the Data Controller will be responsible for ensuring that the above principles are complied with.

 

Personal data categories

LThe data categories processed by Talfrost are only those used for identification purposes. Under no circumstances do we process special data categories in the sense of article 9 of GDPR.

 

Legal basis for the processing of the personal data

The legal basis for the processing of the personal data is the User’s consent. Talfrost undertakes to obtain the express, verifiable consent of the User to process their personal data for one or more specific purposes.

The User will have the right to withdraw their consent at any time. Withdrawing the consent will be as easy as giving it. As a general rule, the withdrawal of consent will not condition the use of the Website.

In cases where the User must or is able to provide their data through the forms to submit queries, request information or for reasons related to the content of the Website, they will be informed in the event that the completion of any form is mandatory due to being essential for the correct implementation of the transaction that is being executed.

 

Purposes for which the personal data are processed

The personal data are collected and managed by Talfrost for the purpose of facilitating, speeding up and fulfilling the commitments established between the Website and the User or to maintain the relationship established in the forms completed by the User or to deal with requests or queries submitted by the latter.

Likewise, the data may be used for a commercial personalisation, operational or statistical purpose and for the activities included in the corporate purpose of Talfrost, as well as for data mining and storage and for marketing studies to adapt the content offered to the User and to improve the quality, operation and browsing experience of the Website.

As soon as the personal data have been obtained, the User will be informed about the specific purpose or purposes of the processing of the personal data; i.e., the use or uses to be made of the information obtained.

 

Personal data retention periods

The personal data will only be held for the minimum time required by the purpose of the processing and in all cases, only for the following period: 2 years or until the User requests their deletion.

As soon as the personal data have been collected, the User will be informed of the retention period of their personal data or if this is not possible, the criteria used to determine said period.

 

Recipients of the personal data

The User’s personal data will not be shared with any third parties.

In all cases, as soon as the personal data have been obtained, the User will be informed of the recipients or the categories of the recipients of the personal data.

 

Personal data of minors

Pursuant to the terms of articles 8 GDPR and 7 of Organic Act 3/2018 of 5 December, on Personal Data Protection and guarantee of digital rights, only persons over the age of 14 may give their consent to the legal processing of their personal data by Talfrost. In the case of minors under the age of 14, the consent of their parents or guardians will be necessary for the processing and the processing will only be considered licit if it has been authorised by them.

 

Secrecy and security of the personal data

Talfrost undertakes to take the necessary organisational and technical measures, depending on the level of security appropriate for the risk of the data obtained, to guarantee the security of the personal data and prevent the destruction, loss or accidental/illegal alteration of personal data transmitted, stored or processed in any other way, or the unauthorised communication of or access to said data.

The Website has an SSL (Secure Socket Layer) certificate which guarantees that the personal data are transmitted in a secure and confidential manner, since the data is transmitted between the server and the User and in feedback, totally ciphered or encrypted.

Nonetheless, since Talfrost cannot guarantee the infallibility of the Internet or the total absence of hackers or other agents who fraudulently access personal data, the Data Controller undertakes to inform the User immediately in the event of a security breach affecting the personal data that could entail a high risk to the rights and freedoms of individuals. According to the provisions of article 4 of GDPR, personal data security breach means any security breach that causes the destruction, loss or accidental/illegal alteration of personal data transmitted, stored or processed in any other way, or the unauthorised communication of or access to said data.

The personal data will be treated in the strictest confidence by the Data Controller, who undertakes to inform and warrant, through a legal or a contractual obligation, that said confidentiality will be respected by its employees, associates and any person who accesses the information.

 

Rights arising from the processing of personal data

The User has the following rights with respect to Talfrost which they may exercise before the Data Controller. Said rights are recognised in GDPR and in Organic Act 3/2018 of 5 December, on Personal Data Protection and guarantee of digital rights:

  • Right to access: The User’s right to obtain confirmation as to whether Talfrost is processing their personal data or not, and if so, to obtain information about their specific personal data and the processing carried out or to be carried out by Talfrost, as well as the information available about the origin of such data and the recipients of the communications of the data that have been made or are to be carried out.
  • Right to rectification: The User’s right to modify all inaccurate personal data or incomplete data, taking into account the purposes of the processing.
  • Right to erasure (“right to be forgotten”): The User’s right to have their personal data removed when they are no longer necessary for the purposes for which they were collected or processed, except if established otherwise by current law; when the User has withdrawn their consent to processing and the latter has no other legal basis; when the User objects to the processing and there is no other legitimate reason to continue it; when the personal data have been processed illegally; when the personal data must be erased to comply with a legal obligation; or when the personal data have been obtained as the result of a direct offer of information society services to a minor under the age of 14. In addition to removing the data, the Data Controller, considering the available technology and the cost of its application, will take all reasonable steps to inform the parties responsible for processing the personal data of the request of the data subject to erase all links to such personal data.
  • Right to restrict processing: The User’s right to restrict the processing of their personal data. The User has the right to restrict processing when they challenge the accuracy of their personal data; when the processing is illegal; when the Data Controller no longer needs the personal data but the User needs them to file claims; and when the User has objected to the processing.
  • Right to data portability: If the processing is carried out using automated methods, the User will have the right to receive their personal data from the Data Controller in a structured, commonly used and machine-readable format, and to transmit them to another Data Controller. Provided this is technically possible, the Data Controller will transmit the data directly to that other Controller.
  • Right to object: The User’s right to object to the processing of their personal data or to stop the processing of said data by Talfrost.
  • The right not to be subject to a decision based solely on automated processing, including profiling: The User’s right not to be subject to an individual decision based solely on the automated processing of their personal data, including profiling, except if established otherwise by current law.

The User may therefore exercise their rights by writing to the Data Controller with the reference «RGPD-https://www.talfrost.com/», specifying:

  • The User’s first name and surname and attaching a copy of their ID. In cases in which representation is admitted, the person representing the User must also identify themselves using the same method as well as submitting a document that accredits the representation. The photocopy of the ID may be replaced by any legal other method that permits the identity to be accredited.
  • Request giving the specific reasons for said request or the information that is to be accessed.
  • Address for receiving notifications.
  • Date and signature of the person submitting the request.
  • All the documentation that accredits the formulation of the request.

The request and all other attached documents may be sent to the following address and/or email address:

Postal address: Ctra. Nacional N322 km. 341 ,02080 Albacete, España

Email address: info@talfrost.com

 

Links to third-party websites

The Website may include hyperlinks or links that permit access to third-party websites other than Talfrost, and which are thus not operated by Talfrost. The owners of those Websites will have their own data protection policies and are responsible in each case for their own files and their own privacy practices.

 

Claims submitted to control authorities

If the User considers that there is a problem or infringement of current legal provisions related to the way in which their personal data are being processed, they will have the right to effective legal protection and to file a claim with a control authority, and in particular, in the State where they have their habitual residence, workplace or where the alleged infringement takes place. In the case of Spain, the control authority is the Spanish Data Protection Agency (http://www.agpd.es).

 

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

 

The User must have read and be in agreement with the personal data protection conditions set out in this Privacy Policy, and accept the processing of their personal data so that the Data Controller can proceed with the processing within the indicated term, during the indicated periods and for the indicated purposes. Use of this Website requires the acceptance of its Privacy Policy.

Talfrost reserves the right to change its Privacy Policy based on its own criteria or due to changes in legislation, case-law or the doctrine of the Spanish Data Protection Agency. Changes or updates of this Privacy Policy will not be explicitly notified to the User. The User is advised to consult this page from time to time to keep abreast of the latest changes or updates.

This Privacy Policy was updated in order to adapt it to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, in relation to the protection of individuals regarding the processing of their personal data and the free movement of such data (GDPR) and to Organic Act 3/2018 of 5 December on Personal Data Protection and guarantee of digital rights.

This Website Privacy Policy document was created with the online privacy policy generator on 01/07/2021.