Privacy Policy

Privacy PolicyThe Management/Board of Ian Vela Ferrando (hereinafter, ianverrando.com) assumes the utmost responsibility and commitment to establishing, implementing, and maintaining this Data Protection Policy. It ensures the continuous improvement of the data controller to achieve excellence in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, regarding the protection of natural persons with respect to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119/1, 04-05-2016), as well as Spanish regulations on the protection of personal data (Organic Law, specific sectoral legislation, and its implementing rules).

It ensures the continuous improvement of the data controller to achieve excellence in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, regarding the protection of natural persons with respect to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119/1, 04-05-2016), as well as Spanish regulations on the protection of personal data (Organic Law, specific sectoral legislation, and its implementing rules).

Data Protection

The Data Protection Policy of ianverrando.com is based on the principle of proactive responsibility, whereby the data controller is accountable for compliance with the legal and regulatory framework governing this Policy and is able to demonstrate it to the relevant supervisory authorities.

In this regard, the data controller will adhere to the following principles, which serve as a guide and framework for reference for all personnel involved in the processing of personal data:

  1. Data protection by design: The data controller will apply appropriate technical and organizational measures, such as pseudonymization, to effectively implement data protection principles, including data minimization, and to integrate necessary safeguards into the processing.
  2. Data protection by default: The data controller will apply appropriate technical and organizational measures to ensure that, by default, only the personal data necessary for each specific processing purpose are processed.
  3. Data protection throughout the information lifecycle: Measures to ensure the protection of personal data will apply throughout the entire lifecycle of the information.
  4. Lawfulness, fairness, and transparency: Personal data will be processed lawfully, fairly, and transparently concerning the data subject.
  5. Purpose limitation: Personal data will be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
  6. Data minimization: Personal data will be adequate, relevant, and limited to what is necessary for the purposes for which they are processed.
  7. Accuracy: Personal data will be accurate and, where necessary, kept up to date. Reasonable measures will be taken to ensure that inaccurate data are corrected or deleted without delay.
  8. Storage limitation: Personal data will be kept in a form that allows the identification of data subjects for no longer than is necessary for the purposes for which the data are processed.
  9. Integrity and confidentiality: Personal data will be processed securely, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
  10. Information and training: Key to ensuring the protection of personal data is providing information and training to all personnel involved in processing such data. Throughout the information lifecycle, all personnel with access to data will be properly trained and informed about their obligations concerning data protection compliance.

The Data Protection Policy of ianverrando.com is communicated to all personnel of the data controller and made available to all interested parties.

Consequently, this Data Protection Policy involves all personnel of the data controller, who must understand and adopt it as their own, being responsible for applying it and verifying the data protection regulations applicable to their activity, as well as identifying and contributing any improvement opportunities deemed appropriate to achieve excellence in compliance.

This Policy will be reviewed by the Management/Board of ianverrando.com as often as deemed necessary to remain compliant with current personal data protection regulations.