I. PRIVACY AND DATA PROTECTION POLICY

In compliance with current legislation, BiciFix (hereinafter also referred to as the Website) undertakes to adopt the necessary technical and organisational measures, according to the level of security appropriate to the risk of the data collected.

Laws incorporated into this privacy policy

This privacy policy is adapted to current Spanish and European regulations on the protection of personal data on the internet. Specifically, it complies with the following regulations:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).

Royal Decree 1720/2007 of 21 December, approving the Regulations implementing Organic Law 15/1999 of 13 December on the Protection of Personal Data (RDLOPD).

Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the person responsible for processing personal data

The data controller for the personal data collected by BiciFix is: Ivaylo Petrov Ivanov, with Tax ID Number: Z0565344D (hereinafter, the Data Controller). Their contact details are as follows:

Address: c. Ciutat de Barcelona 21, Gandia

Contact telephone number: +34 604 83 18 66

Contact email: Contact form

Registration of personal data

In compliance with the provisions of the GDPR and the LOPD-GDD, we inform you that the personal data collected by BiciFix through the forms on its pages will be incorporated and processed in our file in order to facilitate, expedite and fulfil the commitments established between BiciFix and the User or to maintain the relationship established in the forms that the User fills in, or to respond to a request or query from the User. Likewise, in accordance with the provisions of the GDPR and the LOPD-GDD, unless the exception provided for in Article 30.5 of the GDPR applies, a record of processing activities is kept which specifies, according to their purposes, the processing activities carried out and the other circumstances established in the GDPR.

Principles applicable to the processing of personal data

The processing of the User’s personal data shall be subject to the following principles set out in Article 5 of the GDPR and in Article 4 et seq. of Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights:

Principle of lawfulness, fairness and transparency: the User’s consent shall be required at all times, following fully transparent information on the purposes for which the personal data are collected.

Principle of purpose limitation: personal data will be collected for specific, explicit and legitimate purposes.

Principle of data minimisation: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.

Principle of accuracy: personal data must be accurate and always up to date.

Principle of storage limitation: personal data shall only be kept in a form that allows the identification of the User for as long as is necessary for the purposes of its processing.

Principle of integrity and confidentiality: personal data shall be processed in a manner that ensures its security and confidentiality.

Principle of proactive responsibility: the Data Controller shall be responsible for ensuring that the above principles are complied with.

Categories of personal data

The categories of data processed by BiciFix are solely identifying data. Under no circumstances are special categories of personal data processed within the meaning of Article 9 of the GDPR.

The categories of data processed by BiciFix are both identifying data and special categories of personal data within the meaning of Article 9 of the GDPR.

Special categories of personal data are understood to be those that reveal ethnic or racial origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data aimed at uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

For the processing of special categories of personal data, the explicit consent of the User for one or more specific purposes will be required in all cases.

Legal basis for the processing of personal data

The legal basis for the processing of personal data is consent. BiciFix undertakes to obtain the express and verifiable consent of the User for the processing of their personal data for one or more specific purposes.

The User shall have the right to withdraw their consent at any time. Withdrawing consent shall be as easy as giving it. As a general rule, withdrawal of consent will not affect the use of the Website.

On occasions when the User must or may provide their data through forms to make enquiries, request information or for reasons related to the content of the Website, they will be informed if the completion of any of these forms is mandatory because they are essential for the proper performance of the operation carried out.

Purposes of the processing of personal data

Personal data is collected and managed by BiciFix for the purpose of facilitating, expediting and fulfilling the commitments established between the Website and the User or maintaining the relationship established in the forms filled out by the latter or to respond to a request or query.

Likewise, the data may be used for commercial purposes of personalisation, operation and statistics, and activities related to the corporate purpose of BiciFix, as well as for the extraction, storage of data and marketing studies to adapt the Content offered to the User, as well as to improve the quality, functioning and navigation of the Website.

At the time the personal data is obtained, the User will be informed of the specific purpose or purposes for which the personal data will be processed; that is, the use or uses that will be made of the information collected.

Períodos de retención de los datos personales

Los datos personales solo serán retenidos durante el tiempo mínimo necesario para los fines de su tratamiento y, en todo caso, únicamente durante el siguiente plazo: 24, o hasta que el Usuario solicite su supresión.

En el momento en que se obtengan los datos personales, se informará al Usuario acerca del plazo durante el cual se conservarán los datos personales o, cuando eso no sea posible, los criterios utilizados para determinar este plazo.