PALMA
Our Privacy Policy
INFORMATION TO THE USER in accordance with the provisions of Regulation (EU) 2016/679 of April 27, 2016 (GDPR) and Organic Law 3/2018 of December 5, on the Protection of Personal Data and guarantee of digital rights, you are informed of the identity of the Data Controller, the purpose of the processing, the legitimacy for the processing of your data, the categories of recipients of data transfers (if any), the origin of your processed data if different from your voluntary delivery, and the rights that assist you as an interested party.
INFORMATION REGARDING THE DATA CONTROLLER
Data Controller's Name: Raoul Wallenberg international school
Tax Identification Number (NIF): C.I.F. B67753329
Full Address: Raoul Wallenberg international School, C/Oblates 23, La Vileta, 07011 Palma de Mallorca
Contact Email: info@rwiss.eu
INFORMATION REGARDING THE PURPOSE AND LEGITIMACY OF PROCESSING
The operations planned to carry out the processing are:
By legitimate interest of the Data Controller:
Economic and accounting management, tax management, administrative management, billing management, customer and supplier management, collection and payment management, historical records of commercial relationships.
By express, unequivocal, and informed consent of the interested party:
Sending of commercial advertising communications by email, fax, SMS, MMS, social communities, or any other electronic or physical means, present or future, enabling commercial communications. These communications will be made by the CONTROLLER and related to its products and services, or those of its collaborators or suppliers with whom it has reached some promotion agreement. In this case, third parties will never have access to personal data.
Conducting statistical studies. Processing orders, requests, or any type of request made by the user through any of the contact forms provided.
Sending the newsletter of the website.
Data retention criteria: The data will be retained for the duration of the commercial relationship between the parties. Once this commercial relationship is terminated, the data will be blocked to prevent access, only being unblocked if such data are required by the Data Controller for legal (tax, commercial, labor, or judicial) authority and only until the expiry or legal prescription date. They will then be destroyed appropriately and with adequate guarantees to prevent their recovery.
INFORMATION REGARDING DATA TRANSFER OR COMMUNICATION
Personal data may be transferred for the maintenance of the commercial relationship and/or for the execution of operations, to Tax, Accounting, Commercial Advisory, Banks, Savings Banks, and Financial Institutions, Tax Agencies, and other competent Public Bodies. Data will not be communicated to other third parties, except by legal obligation. No data transfers to third countries outside the European Economic Area or to International Organizations are made.
INFORMATION REGARDING THE RIGHTS OF THE INTERESTED PARTY AND HOW TO EXERCISE THEM
Rights available to the User and how to exercise them: The interested party has the right to: Access their data, rectify their data, erase their data, port their data, limit the processing of their data, object to the processing of their data, withdraw the consent given, file a complaint with the Control Authority, lodge a judicial appeal.
You can exercise these rights by a reasoned written request, addressed to the Data Controller or their representative specifying the right you wish to exercise, accompanied by a photocopy of your identification document. You may also request in advance from the Data Controller a standard form for the right you wish to exercise.
Exercising rights will not entail any management costs for the interested party, except for postage costs if you choose to send it by postal mail. You can exercise your rights:
In person at the Data Controller's premises by identifying yourself with your ID card or equivalent document.
Through email addressed to the one specified in the Data Controller identification section and accompanying a photocopy of your ID card or equivalent document.
By postal mail (preferably certified) addressed to the address specified in the Data Controller identification section and accompanying a photocopy of your ID card or equivalent document.
Contact details to exercise your rights:
Raoul Wallenberg international School, C/Oblates 23, La Vileta, 07011 Palma de Mallorca,
MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER
Users, by checking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data are necessary to meet their request by the provider, with the inclusion of data in the remaining fields being voluntary. The User guarantees that the personal data provided to the CONTROLLER are truthful and is responsible for communicating any changes to them. The CONTROLLER expressly informs and guarantees users that their personal data will not be transferred in any case to third parties, and that whenever any type of personal data transfer is made, the express, informed, and unequivocal consent of the Users will be requested beforehand. All data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the User. If all the data are not provided, it is not guaranteed that the information and services provided will be completely tailored to their needs.
SECURITY MEASURES
In accordance with the provisions of current regulations on the protection of personal data, the CONTROLLER is complying with all the provisions of the GDPR regulations for the processing of personal data under its responsibility, and expressly with the principles described in Article 5 of the GDPR, by which they are processed lawfully, fairly, and transparently in relation to the data subject and are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed. The CONTROLLER guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR in order to protect the rights and freedoms of the Users and has provided them with the appropriate information to enable them to exercise them.