INFORMATION ON THE PROTECTION OF PERSONAL DATA
Who is responsible for processing your data?
GRUPO OSBORNE S.A.U. (“OSBORNE”)
CIF A-11535564. Listed in the Business Registry Volume 1528, Folio 73, Sheet CA-21487.
Postal Address: Calle Salvatierra, 6, 28034 Madrid.
Why do we process your data?
ODISA processes the data provided for the following purposes:
- To manage the relationship with people interested in the ODISA brand.
- To manage the process of responding to inquiries sent in through the website.
- To send newsletters and commercial information on the ODISA brand and the OSBORNE brand via physical and/or electronic means.
- To manage the sending of commercial or informative newsletters or communications via physical and/or electronic means on the products and services of ODISA based on their preferences, as well as to engage in marketing activities through promotions, actions, campaigns, drawings or invitations to events in the cities of the data subjects.
- To prepare profiles on preferences and interests pertaining to products from Osborne brands, to track the data subjects’ following of the brand, to prepare profiles pertaining to the preferences of users, without having this entail the adoption of automated decisions that have effects on individuals.
- To manage the information gathered previously on their interests in order to select ads, process data on what ads to show and how often, when and where they will be shown and if the person took any action involving the ads, such as clicking on them or similar actions, so as to enable the selection of future advertising and contents.
What is the legal basis for processing your data?
The legal basis for processing data is as follows:
- The consent of individuals involving the handling of inquiries and contacts, laid out in Article 6.1.a) of the European Data Protection Regulation.
- The consent and legitimate interest for the remaining purposes: Art. 6.1.a) and 6.1.f) of the European Data Protection Regulation for the remaining purposes indicated.
To what recipients will your data be disclosed?
Companies in the Osborne Group: Grupo Osborne, S.A., Bodegas Osborne, S.A., Bodegas Montecillo, S.A., Osborne Selección, S.A., S.R.C Jabugo, S.A., Osborne Restauración S.L. and Grupo Osborne, S.A.
Other companies as required by law.
Not applicable within the scope of this processing.
Personal data involving contact management are stored for one year after ODISA’s reply.
Personal data involving the sending of commercial information, profile analysis and brand tracking activity are stored until the person expresses his/her objection to the processing referred to in the request.
What are your rights when you provide us your data?
Everyone has the right to obtain information on whether ODISA is processing personal data of concern to them.
Data subjects have the right to access their personal data and request that inexact data be rectified or request that they be erased when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
In certain circumstances, data subjects can request to restrict the processing of their data, in which case we will only store them for the exercise or defense of legal claims.
In certain circumstances and for reasons pertaining to their specific situation, data subjects may object to the processing of their data. In these cases, ODISA will stop processing the data, save for overriding legitimate reasons or for the exercise or defense of legal claims.
Data subjects can request data portability in order to obtain the data they provided to ODISA in a structured format that is widely used and machine-readable, which they can download themselves or have ODISA transfer to another entity.
Data subjects can exercise their rights by sending an email to firstname.lastname@example.org. They can also file a claim with the Data Protection Agency, especially if they have unsuccessfully attempted to exercise their rights, at the postal and/or electronic address shown on the website www.agpd.es.
Data shall be processed confidentially and subject to technical and organizational security measures that are suitable to avoiding any unauthorized tampering, loss, processing or access.