This legal text gives you details of how your personal data is collected and processed when you use our website (), including any information you may provide to us through the site when you provide your contact details via the contact form.
Please note that by providing us with your data, our services are not possible for those individuals who are prevented by law from giving consent, so when you submit the forms to us you warrant to us that you have sufficient capacity to give such consent.
Contact details of the person responsible NOSSAYU SLU, Paseo de la Castellana, 216, Planta 8, 28046, MADRID (Madrid) and e-mail firstname.lastname@example.org .
What data do we collect?
According to the General Data Protection Regulation a personal data is any information about an identified or identifiable natural person, i.e. any information capable of identifying a person. This would not include anonymised data, nor percentage data.
Personal data processed on our website may include, but is not limited to, the following data
Identity data: first name, surname and user name.
Contact details: email or billing address.
We do not collect any data relating to special categories of personal data (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and information about your health, genetic or biometric data).
If you are required to collect personal data by law or under the terms of a contract between us and you refuse to provide it to us, we may not be able to enter into the contract or provide the service and you must let us know in advance.
How do we collect your personal data?
The means we use to collect personal data are:
Through the form on our website, through our contact emails, by telephone or post, when, among other things:
You request information about our products or services
You contract the provision of our services or products
Request a quote
Send your comments
To ensure the quality of our site, we reserve the right to refuse any application for registration or to suspend or cancel a previously accepted registration if we believe it does not comply with these requirements or any other law or regulation. If this happens, we will try to give reasons for our decision, but we cannot undertake to do so in all cases.
Through technology or automated interactions: On our website we may automatically collect technical data about your computer, browsing actions and usage patterns. This data is collected through cookies or similar technologies. For more information, please see our cookies policy here.
Through third parties:
Purpose and legitimacy for the use of your data.
The most common uses of your personal data are:
– For the formalisation of a contract between NOSSAYU SLU and you.
– When you consent to the processing of your data.
– When we need it to comply with a legal or regulatory obligation.
– When it is necessary for our legitimate interest or that of a third party.
You may withdraw your consent at any time by sending an email to email@example.com or by referring to the exercise of rights section below.
We may process some personal data for additional legal reasons, so if you need details please email firstname.lastname@example.org .
Purpose: Your data will only be used for the purposes for which we collect it, unless we reasonably believe that we should use it for another purpose. You will be notified in advance so that you are informed of the lawful reason for processing and provided that the purpose is compatible with the original purpose.
Retention period: They will be kept for as long as is necessary to fulfil the purpose for which they were collected and to determine any liability that may arise from that purpose and from the processing of the data. The provisions of the different regulations regarding the retention period shall apply, insofar as they are applicable to the present processing.
Your Data Protection Rights
Users may contact by sending a communication to the registered office of NOSSAYU SLU or email address, including a photocopy of your ID or other similar identification document, to request the exercise of the following rights:
– Access to your personal data: you can ask NOSSAYU SLU if it is using your personal data.
– Rectification of your personal data, if they are not correct.
– Right to be forgotten your personal data.
– Limitation of treatment: your data will only be kept by NOSSAYU SLU for the exercise or defence of claims.
– Opposition: you may oppose the processing of your data. In this case NOSSAYU SLU will stop processing the data in the manner you indicate, unless for legitimate reasons or for the exercise or defence of possible claims, these must continue to be treated.
– Portability: if you want your data to be processed by another firm, NOSSAYU SLU, will facilitate the portability of your data to the new responsible.
To exercise these rights you can use the forms made available by the Spanish Data Protection Agency.
Similarly, you can complain to the AEDP if you think there is a problem with the way NOSSAYU SLU is treating your data. You may address your complaints to the corresponding supervisory authority: The Spanish Data Protection Agency.
We may need to ask you for specific information to help us confirm your identity and guarantee your right to access your personal data (or exercise any of the other rights mentioned above). This is a security measure to ensure that personal data is not disclosed to anyone who is not entitled to receive it.
All requests are dealt with by us within the stated legal deadline of 1 month. However, it may take longer than one month if your request is particularly complex, or if you have already taken a number of actions previously. In this case, we will notify you and keep you updated.
Access to personal data for the provision of services
In the course of our work, we may need the assistance of third parties (processors), who will only process the data for the purpose of providing the contracted service, and with whom we have appropriate measures in place to safeguard your rights:
– Service providers who provide system administration and information technology services.
– Professional advisers including lawyers, auditors and insurers providing banking, legal, insurance and accounting consultancy services.
All processors to whom we transfer your data will respect the security of your personal data and will process it in accordance with the GDPR.
We only allow such processors to process your data for specified purposes and in accordance with our instructions. However, you can ask us, in compliance with transparency requirements, for a list of who these companies are that provide us with services, you can do so by email: .
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised manner, modified or disclosed. In addition, we restrict access to your personal data to those employees, agents, contractors and other third parties who have a business need to know that data. They will only process your personal data in accordance with our instructions and are bound by a duty of confidentiality.
We have implemented procedures to deal with any suspected breach of your personal data and will notify you and the Supervisory Authority in the event of a breach of security as regulated in Articles 33 and 34 of the GDPR.