Terms of use and privacy
Who is the data controller?
Data controller: VIVANCO ENOTURISMO Y EXPERIENCIAS S.L. N.I.F. B26308007. Postal address: Ctra. Nacional 232 Km 442, 26330 Briones (La Rioja). Telephone: 941322013. Email: protecciondatos@vivancoculturadevino.es. We inform you that the personal data that you provide us through this website will be processed in accordance with current regulations on the protection of personal data in Spain.
At the time of data collection, it will be indicated whether the data to be collected is voluntary or mandatory. Refusal to provide data classified as mandatory will result in the non-provision or impossibility of access to the service for which they were requested. Likewise, data may be provided voluntarily with the aim of optimising the services or products offered.
The data provided by the user must be accurate and truthfully reflect their current situation. The user entering the data is solely and ultimately responsible for the veracity of the information supplied on our website.
What do we process the personal data you provide to us for?
The main purposes for processing your personal data are as follows:
We process the data you provide through our website to contact you and respond to your request (information sent to interested parties will not be considered commercial communication, as long as its purpose is to maintain the existing relationship between the user and our organisation).
When you request a product or service from us, we will process the personal data you provide for the provision of the requested product or service and for its administrative and accounting management.
If you authorise us, we will process your contact details to send you information of interest about our products and services, as well as events we organise, for which we may use any means, including electronic means.
What is the lawful basis for processing personal data?
- Article 6.1.b) GDPR: the performance of pre-contractual measures to respond to your request.
- Article 6.1.b) GDPR: the performance of a contract for managing the products and services you have, request or contract with us.
- Article 6.1(a) GDPR: consent to allow us to inform you about our products, services, and events that we organise.
For how long will we keep personal data?
The data provided will be retained for the time necessary to respond to your request and manage the products and services you have requested or contracted, without prejudice to your right to request the deletion of your personal data, which will involve blocking the data for as long as our legal obligations persist, or until you revoke your authorisation for us to send you information about our products, services and events.
We may retain your data, once all relationship with the user has ended, to fulfil our legal obligations.
We will not share your personal data with third parties, unless we are required to do so by law or you have previously authorised us to do so.
No automated decision-making or profiling is envisaged.
Who are our data processors?
In order to provide you with an adequate service, we have contracted the following categories of data processors who will process your data on behalf of the controller: accounting and tax advisory services, labour advisory services, auditing and consultancy services, physical security services, legal services, security and cybersecurity services, hosting services, and catering services. Place of service provision: European Union.
What are your rights?
You have the right to obtain information as to whether we are processing your personal data (right of access), to request the rectification of inaccurate data (right to rectification) or its erasure when the data is no longer needed for the performance of the contract (right to erasure), to the restriction, in certain circumstances, of its processing (right to restrict processing), to receive the personal data provided that concern you or to request that we send them to another data controller of your choice, in a structured, commonly used and machine-readable format (right to data portability), as well as to withdraw your consent at any time to receive information of interest by any means (right to object).
You can exercise your rights by writing to the postal or electronic address of the data controller, in accordance with Articles 15 to 22 of the GDPR 2016/679. To exercise your rights, please accompany your request with a copy of your ID card or equivalent document proving your identity.
If you consider that the processing of your data infringes applicable personal data protection legislation, you can lodge a complaint with the competent supervisory authority.
Data Protection Policy Availability
We will provide users with the appropriate technical resources so that, prior to the delivery of personal data, they can access this Data Protection Policy or any other relevant information, and can give their consent so that we may proceed with the processing of users' personal data.
Current affairs and modification of information
The information on this website is valid as of the date of its last update. We reserve the right to make any changes and modifications we deem appropriate at any time, particularly to adapt to any regulatory changes concerning data protection within the European Union and Spain, and we may exercise this right at any time and without prior notice.