Privacy policy

SUMMARY TABLE OF INFORMATION

Basic information on data protection
ResponsableEpona Spain, S.L.
Aims
    • Show the services developed by Epona Spain.
    • Management and response to online inquiries.
    • Sending promotions, advertising and event information.

For more information continue reading.

LegitimationConsent of the interested party. For more information continue reading.
AddressesNo data will be transferred to third parties, except legal obligation. They may yield analytical results by request of installed tools. For more information consult Cookies policy.
RightsAccess, rectify and delete the data, limit and oppose the treatment, the portability of the data and withdraw consent.
Additional informationYou can consult the additional and detailed information on Data Protection continuing with the reading of this notice.

WHAT DOES THE PROCESSING OF PERSONAL DATA MEAN?

The operations, procedures and technical procedures that are carried out in an automated or non-automated way and that enable the collection, storage, modification, transfer and other actions on personal data, are considered to be personal data processing.

WHAT IS THE USE OF THE WEB?

Prior to sending any request for information through any email address on the web eponaspain.com, the user agrees to read this Privacy Policy, for which he gives his unequivocal, free, specific and informed consent to the treatment of his personal data for the stated purposes.

The aforementioned express consent implies the authorization of the processing of your data by Epona Spain in the terms established in this Privacy Policy, as well as by the co-managers and processors with whom Epona Spain maintains a contractual and compliance control relationship.

WHO IS RESPONSIBLE FOR THE TREATMENT?

  • Comercial designation: Epona Spain
  • Tax name: Epona Spain, S.L.
  • ID: B-91498147
  • Address: A-4, Km. 519 · 41410 · Carmona · Andalucía · España (ES)
  • Phone: (+34) 636 97 20 90
  • Email: info@eponaspain.com
  • Website: https://eponaspain.com

Epona Spain guarantees the confidentiality and privacy of the personal data collected, having taken security measures to prevent alteration, loss, treatment or unauthorized access and guarantee the integrity and security of personal data, in accordance with the provisions of the Regulations. 2016/679 of the European Parliament and of the Council of April 27, 2016, which develops the Organic Law 3/2018 of December 5 on Protection of Personal Data and Guarantees of Digital Rights, putting for this the technical means necessary to prevent any alteration, loss, unauthorized access or misuse of the data processed, according to the nature of the data, the state of technology, and the risks to which they are exposed..

FOR WHAT PURPOSE WILL WE USE THE DATA COLLECTED?

Epona Spain informs you that the personal data provided through this website, including the IP address, will be processed in response to the following purposes::

  1. Properly and with all guarantees, the requested product or service.
  2. Send informative communications to the request for registration as a user or registration in the newsletter and events, either through the email provided on the website or through the contact forms or user records.
  3. Manage and offer promotions, discounts, and new services for advertising and commercial purposes.
  4. Respond and send information to the interested party about our privacy policy or request to exercise rights regarding Data Protection.
  5. Manage our social networks regarding the data of the people who become followers. In this regard, the treatment of data is governed by the provisions of this Privacy Policy and by the terms and conditions, privacy policies and specific access regulations of each social network.
  6. Carry out periodic web analysis studies for statistical purposes based on the data provided.
  7. Analyze user behavior during web browsing..

With the express and informed consent, access by Epona Spain to the data that, according to the infrastructure of this website, is required to contact the user, manage comments on the blog, validations or recommendations on social networks and / or is legalized. send you the Epona Spain newsletter.

We will not use your data for any other purpose not expressed in this privacy policy, nor will we send additional information not requested with your express consent.

WHAT IS THE LEGITIMATION OF THE TREATMENT?

The legitimacy of the different treatment activities carried out by Epona Spain are:

  • For the purpose of service provision, the treatment is based on the execution of a contract between the parties.
  • For marketing and commercial management purposes, the treatment is based on the consent of the interested party.
  • For the purposes related to the analysis of user behavior on the web, the treatment is based on the legitimate interest of Epona Spain, which is based on the search for improvement of the platform, its functionality, its adaptation to users and the provision of a more individualized service for those interested.

DO WE GIVE THE DATA?

Epona Spain undertakes not to transfer data to third parties without having obtained the express consent of the users. However, it can yield metrics and analytics requested by computer tools installed on the website owned by other than Epona Spain. Some of these services may be owned by third parties residing outside the European Union (Google, WordPress, etc.).

Epona Spain tries and usually uses secure tools whose servers are preferably located in Spain, or failing that, in a member state of the European Union, or that comply with European legality in accordance with the guidelines and recommendations of the Spanish Protection Agency. Data, the European Commission and community reference agreements on international data transfer, including obtaining certification in the Privacy Shield list.

WHAT IS OUR POLICY WITH TREATMENT MANAGERS?

At Epona Spain we only share personal information with third parties in order to provide services or carry out commercial operations in the terms described in this Privacy Policy or when we consider that the law allows or requires it. Most of the times what we share with third parties is non-personal, anonymous or statistical data. When we share personal information, we do so in accordance with the privacy and data security requirements previously reported in each case and under the signature of private treatment manager contracts, in which they ensure that our suppliers comply with security measures. adequate for complete data protection and legal compliance.

WHAT DO WE DO WITH DATA ON SOCIAL NETWORKS?

Epona Spain has channels on the social networks of Facebook, Youtube, Linkedin and Twitter with the main purpose of publishing and disseminating information about the products offered through the Epona Spain website, interacting with users and serving as a service channel and social interaction.

In the event that you access this website using any application that connects a social network to this website, you are authorizing the social network to share some data with Epona Spain.

It is important that you know that if you have geolocated your accounts on social networks, such location information when sharing on networks will be visible to third parties with whom you share or share your information.

You can obtain more information about the use of your data on these social networks by consulting the privacy policy of each one of them.

WHAT RIGHTS DOES THE USER HAVE? HOW ARE RIGHTS EXERCISED?

How can you exercise your rights? At any time the user can withdraw their consent and exercise their rights of access, rectification, deletion, limitation, opposition and portability provided for in Data Protection Regulation 679/2016 and LO 3/2018 on Data Protection and Rights Guarantee. digital, by sending an email to info@eponaspain.com or by sending a postal mail to Polígono Industrial PISA · Calle Innovación, 10 · 41927 · Mairena del Aljarafe · Seville · Andalusia · Spain (ES).

What do we need to verify your identity? In both cases, the user must accompany a copy of their national identity document, passport or other valid document that identifies them.

Is there a model for the exercise of rights? You can request our model through email or by going to our headquarters (both addresses previously described).

You can also make use of the models and forms that the portal of the Spanish Agency for Data Protection makes available to exercise these rights, which can be found at the following address:

http://www.agpd.es/portalwebAGPD/CanalDelCiudadano/derechos/principales_derchos/index-ides-idphp.php.

WHAT DO THESE RIGHTS CONSIST OF?

  • Right to information: interested party must be previously informed in an express, precise and unequivocal way of, among others, the existence of a file, the possibility of exercising their rights and the person responsible for the treatment.
  • Right of access: allows the citizen to know and obtain free information about their personal data undergoing treatment.
  • Right of rectification: This right is characterized in that it allows correcting errors, modifying the data that turns out to be inaccurate or incomplete and guaranteeing the certainty of the information that is being processed.
  • Right of cancellation: allows you to delete the data that turns out to be inadequate or excessive without prejudice to the duty to block contained in the LOPD.
  • Right of opposition: The right of opposition is the right of the affected party to not carry out the processing of their personal data or to cease it.
  • Right of limitation: the user has the right to decide what personal data he does not want to be processed again in the future, being able to exercise this right when he has previously contested the accuracy of the same; When the treatment is illegal and instead of exercising the suppression of them, decide to limit them for future treatments. In case of limitation of the treatment, the restriction may be lifted if there is the consent of the interested party; possibility that the treatment affects the protection of the rights of another natural or legal person; judicial procedure that justifies it; or there is an important reason for public interest based on current legislation.
  • Right of portability: you have the right to receive the personal data provided or that Epona Spain transmits it to another person responsible, in a structured format of common use and mechanical reading, as long as the treatment is carried out by automated means and the treatment is based on the consent that the User once gave for one or more specific purposes, or for the execution of a contract to which he was a party. The right to portability will not apply when transmission is technically impossible; nor when it may negatively affect the rights and freedoms of third parties; nor when the treatment has a mission of public interest based on current legislation.
  • Right to file a claim with the Control Authority: you have the right to file a claim with the Spanish Data Protection Agency (control authority in Spain) through the following link:: aepd.es.

OTHER RIGHTS

  • Right to be forgotten: Elimination of names in the search engine results list.
  • Advertising rights: Right to exclude phone books, Right not to receive unwanted advertising, Rights of subscribers and users of telecommunications services,

WHAT SECURITY MEASURES DO WE APPLY TO THE PROCESSING OF PERSONAL DATA?

At Epona Spain for the protection of the personal data of its users, we have security protocols and the application of technical and organizational measures appropriate to the state of the art, taking into account the scope, context and purposes of the treatment, as well as the risks of variable probability and severity for the rights and freedoms of the interested parties, trying to be able to ensure the confidentiality, integrity, availability and resilience of the treatment systems and services.

Furthermore, we are concerned with ensuring the correct choice of your data processors, in compliance with the Data Protection regulations.

In particular Epona Spain has the following measures:

  1. Privacy and security risk assessment strategy, as well as a disaster recovery plan designed to safeguard the continuity of our services and to protect our staff and our data.
  2. Implementation of Technical and Organizational Security Measures: We apply technical and organizational measures to the functions described in this privacy policy.
  3. Incident Registry: Epona Spain staff uses the incident registry to report any incident related to the security of information and personal data included in the files with personal data that they process.
  4. Regular training and awareness of our staff and collaborators to avoid errors in data management.
  5. Identification and Authentication System: to give access only to the necessary data and the specific profile that uses them.

NOTIFICATION OF PERSONAL DATA SECURITY GAPS

In the event of a breach of the security of personal data, provided that it is not improbable that said breach of security constitutes a risk to the rights and freedoms of natural persons, Epona Spain will notify the Spanish Data Protection Agency before 72 hours have elapsed since the incident has been recorded, describing the nature of the violation, the possible consequences that may arise and the measures adopted or proposed to remedy the security breach; and if possible, it will be known what the categories are and the approximate number of interested parties and data affected.

In addition, Epona Spain will notify the interested parties, as soon as possible, when it is probable that the violation of the security of personal data entails a high risk for the rights and freedoms of natural persons, describing the possible consequences that may arise and measures taken or proposed to remedy the security breach.

FOR HOW LONG DO WE KEEP THE DATA?

The personal data provided to Epona Spain will be deleted once the relevant period for the exercise of claims has elapsed. In cases in which the treatment is based on the consent of the interested party, the data will be kept until you request its cancellation or deletion, or withdraw your own consent, or are not necessary to serve the purpose for which it was collected..

COOKIES POLICY

In the “Cookies Policy” link, we inform you that this Epona Spain website may use cookies (small information files that the server sends to the user’s computer that accesses this website) to carry out certain functions that are considered essential for the Correct operation and visualization of the site, to share on social networks and, in some cases, to carry out analysis of evaluation statistics and proposals for improvement.

To obtain these analyzes, this website may automatically store certain information in the server logs by using cookies that collect usage and navigation data related to the use of this website by you as a user.

The IP is considered a personal data, Epona Spain does not associate IP addresses, nor other data that the use of cookies throws, nor the results of metrics, with identifiable information of people, nor to collect personal information, although it may occasionally serve us to direct advertising or segment users to whom to direct it.

It is convenient that as a user you know that we use Internet tools and platforms that install cookies that do not depend on us, so it is possible that the owners of said tools use such data for other uses, for which we are not responsible.

For this reason, it is convenient that you read the Cookies policy to know which ones have their own character, which are from third parties, which are permanent, temporary or session; and you can decide to uninstall the ones you consider appropriate, since it will not greatly affect the result, comfort or browsing experience.

PRIVACY OF MINORS

Following the instructions of the Spanish Data Protection Agency, minors under 14 years of age must not transfer their personal data to Epona Spain without the prior consent of their parents or guardians. With the publication of the European General Data Protection Regulation, the determination of the age to consent to the transfer of personal data between 16 and 13 years is foreseen, an issue that currently has to be defined.

In the event that Epona Spain detects users who may be under the age of 16, it reserves the right to request a copy of their ID or equivalent document, or, where appropriate, the authorization of their parents or guardians, causing their withdrawal in the event of not proving compliance with this requirement or lack of response.

RESPONSIBILITY OF THE USER

As a user, you accept and guarantee that the personal data you provide is true, being the only person responsible for any direct or indirect damage or loss that may be caused to Epona Spain as the person in charge of this website or to a third party, if you fill out any form with false data or third parties causing deception, damage or prejudice.

Please inform us of any changes that may occur in the data provided by sending an email to info@eponaspain.com.

At Epona Spain we store the user’s personal data on secure servers, protected against the most common types of attacks and located in Spain. However, and since there is no invulnerable technology, the user must also put the means at their disposal to maintain the level of security of their data, through the use of strong passwords, the periodic modification of their passwords, avoiding using it in various accounts, as well as avoiding taking note of them on any physical or non-encrypted medium.

PROHIBITION TO USERS TO GIVE THIRD PARTY DATA

Epona Spain expressly prohibits the user from sharing, providing or transferring any data from third parties to anyone, which may be obtained as a result of contact, interaction or browsing or consultation through this website, except if it could prove the express authorization of the user whose data it intends give. We remind you that the images are considered protected data and therefore no one can use it without the express consent of the person who appears in it.

As a user, you acknowledge assuming your responsibility, forcing yourself to hold Epona Spain harmless against any possible claim, penalty, fine or sanction that it may be forced to bear as a result of the user’s failure to comply with the described duty.

In case you provide us with personal data of other people, you must do so with your consent and having previously informed you of the extremes contained in this Privacy Policy.

LEGISLATION AND APPLICABLE JURISDICTION

Epona Spain is based in Spain, specifically in the city of Seville, which is why it is bound by Spanish and European data protection laws.

Therefore, the user accepts that the claims or complaints against Epona Spain that come from or are related to the use of this website and more specifically to the treatment of their personal data will be resolved by the court of the competent jurisdiction located in Seville.

If the user accesses this site from a location outside of Spain, he is responsible for complying with all applicable local and international laws.

MODIFICATION

Epona Spain may modify this privacy policy at any time by publishing it on this website, which will always contain the date of the last applicable update.