In compliance with current legislation, Silver Asteroid (hereinafter also referred to as the Website) commits to adopting the necessary technical and organizational measures, according to the appropriate level of security, to protect the data collected.

This privacy policy complies with current Spanish and European regulations regarding the protection of personal data on the internet. Specifically, it adheres to the following regulations:

• The General Data Protection Regulation (GDPR), Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
• The Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD-GDD).
• The Royal Decree 1720/2007, of December 21, approving the Regulation implementing Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
• The Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

The entity responsible for the processing of personal data collected at Silver Asteroid is SILVER ASTEROID SL, with Tax Identification Number (NIF): B66496696, registered in the Commercial Registry of Barcelona under the following registration details: [specific registration details], represented by Silver Asteroid (hereinafter, Data Controller). The contact details are as follows:

Address: Calle Pamplona, 92 – 1 1, Barcelona, 08018, Barcelona

Contact phone number: 637 06 29 48

Contact email: pablo@silverasteroid.com

In compliance with the GDPR and the LOPD-GDD, we inform you that the personal data collected by Silver Asteroid through the forms on its pages will be incorporated and processed in our files for the purpose of facilitating, expediting, and fulfilling the commitments established between Silver Asteroid and the User, or maintaining the relationship established in the forms filled out by the User, or to respond to a request or inquiry from the User. Additionally, in accordance with the provisions of the GDPR and the LOPD-GDD, unless the exception provided in Article 30.5 of the GDPR applies, a record of processing activities is maintained that specifies, according to their purposes, the processing activities carried out and other circumstances established in the GDPR.

The processing of the User’s personal data shall be subject to the following principles as set out in Article 5 of the GDPR and Article 4 and subsequent articles of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights:

• Principle of lawfulness, fairness, and transparency: User consent will be required at all times, preceded by fully transparent information about the purposes for which personal data is collected.
• Principle of purpose limitation: Personal data will be collected for specified, explicit, and legitimate purposes.
• Principle of data minimization: The personal data collected will be limited to what is strictly necessary in relation to the purposes for which it is processed.
• Principle of accuracy: Personal data must be accurate and kept up to date.
• Principle of storage limitation: Personal data will only be retained for as long as necessary for the purposes of its processing.
• Principle of integrity and confidentiality: Personal data will be processed in a manner that ensures its security and confidentiality.
• Principle of proactive responsibility: The Data Controller will be responsible for ensuring that the above principles are complied with.

The categories of data processed at Silver Asteroid are solely identifying data. Under no circumstances are special categories of personal data processed as defined in Article 9 of the GDPR.

The legal basis for the processing of personal data is consent. Silver Asteroid commits to obtaining the express and verifiable consent of the User for the processing of their personal data for one or more specific purposes. The User will have the right to withdraw their consent at any time. Withdrawal of consent will be as easy as giving it. Generally, withdrawal of consent will not affect the use of the Website.

In cases where the User is required or may provide their data through forms to make inquiries, request information, or for reasons related to the content of the Website, they will be informed if filling out any of these forms is mandatory because they are essential for the proper execution of the operation.

The personal data collected and managed by Silver Asteroid is intended to facilitate, expedite, and fulfill the commitments established between the Website and the User, or to maintain the relationship established in the forms filled out by the User, or to respond to a request or inquiry. Additionally, the data may be used for commercial purposes such as personalization, operational and statistical purposes, and activities related to the corporate purpose of Silver Asteroid. This includes data extraction, storage, and marketing studies to tailor the Content offered to the User, as well as to improve the quality, functionality, and navigation of the Website. At the time personal data is obtained, the User will be informed about the specific purpose(s) of the processing to which the personal data will be destined; in other words, the use(s) that will be given to the collected information.

Personal data will only be retained for the minimum time necessary for the purposes of its processing and, in any case, for a period not exceeding: 24 months, or until the User requests their deletion. At the time personal data is collected, the User will be informed about the retention period for their personal data or, when that is not possible, the criteria used to determine this period.

The User’s personal data will not be shared with third parties. However, at the time personal data is collected, the User will be informed about the recipients or categories of recipients of the personal data.

In accordance with Article 8 of the GDPR and Article 7 of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, only individuals over 14 years of age can lawfully consent to the processing of their personal data by Silver Asteroid. If the individual is under 14 years old, consent from their parents or guardians will be required for the processing, and it will only be considered lawful to the extent that such consent is provided by them.

Silver Asteroid is committed to adopting the necessary technical and organizational measures, according to the appropriate level of security based on the risk of the collected data, to ensure the security of personal data and prevent its destruction, loss, or alteration, whether accidental or unlawful, and unauthorized access to or disclosure of this data. The Website has an SSL certificate (Secure Socket Layer), which ensures that personal data is transmitted securely and confidentially, as the transmission of data between the server and the User, and vice versa, is fully encrypted.

However, because Silver Asteroid cannot guarantee the invulnerability of the internet or the total absence of hackers or others who may fraudulently access personal data, the Data Controller undertakes to promptly notify the User if there is a breach of the security of personal data that is likely to result in a high risk to the rights and freedoms of individuals. In accordance with Article 4 of the GDPR, a personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

Personal data will be treated as confidential by the Data Controller, who undertakes to inform and ensure, through a legal or contractual obligation, that confidentiality is respected by its employees, associates, and anyone to whom it makes the information accessible.

The User has the following rights recognized under the GDPR and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, which they can exercise against Silver Asteroid, the Data Controller:

• Right of access: It is the User’s right to obtain confirmation from Silver Asteroid whether their personal data is being processed or not, and if so, to obtain information about their specific personal data and the processing that Silver Asteroid has carried out or is carrying out. This includes, among other things, information about the origin of such data and the recipients of the communications made or planned with this data.
• Right of rectification: It is the User’s right to request the correction of their personal data that is inaccurate or incomplete, considering the purposes of the processing.
• Right to erasure (“right to be forgotten”): It is the User’s right, provided that current legislation does not establish otherwise, to obtain the erasure of their personal data when the data is no longer necessary for the purposes for which it was collected or processed; the User has withdrawn their consent and there is no other legal basis for the processing; the User objects to the processing and there are no overriding legitimate grounds for the processing; the personal data has been unlawfully processed; the personal data must be erased to comply with a legal obligation; or the personal data has been collected in relation to the offer of information society services to a child under 14 years of age. In addition to deleting the data, the data controller, taking into account available technology and the cost of implementation, must take reasonable steps to inform other data controllers processing the personal data that the data subject has requested the erasure by these controllers of any links to, or copy or replication of, those personal data.
• Right to Restriction of Processing: It is the User’s right to restrict the processing of their personal data. The User has the right to obtain restriction of processing when challenging the accuracy of their personal data; when the processing is unlawful; when the Data Controller no longer needs the personal data, but the User needs it for legal claims; and when the User has objected to the processing.
• Right to Data Portability: If the processing is carried out by automated means, the User has the right to receive their personal data from the Data Controller in a structured, commonly used, and machine-readable format, and to transmit those data to another Data Controller. Where technically feasible, the Data Controller will transmit the data directly to the other Data Controller upon request.
• Right to Object: This is the User’s right to oppose the processing of their personal data or to request the cessation of such processing by Silver Asteroid.
• Right Not to be Subject to Automated Decision-Making, Including Profiling: This is the User’s right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, unless otherwise provided by applicable law.

Así pues, el Usuario podrá ejercitar sus derechos mediante comunicación escrita dirigida al Responsable del tratamiento con la referencia “RGPD-https://silverasteroid.com/”, especificando:

• Nombre, apellidos del Usuario y copia del DNI. En los casos en que se admita la representación, será también necesaria la identificación por el mismo medio de la persona que representa al Usuario, así como el documento acreditativo de la representación. La fotocopia del DNI podrá ser sustituida, por cualquier otro medio válido en derecho que acredite la identidad.
• Petición con los motivos específicos de la solicitud o información a la que se quiere acceder.
• Domicilio a efecto de notificaciones.
• Fecha y firma del solicitante.
• Todo documento que acredite la petición que formula.

Esta solicitud y todo otro documento adjunto podrá enviarse a la siguiente dirección y/o correo electrónico:

Dirección postal: Calle Pamplona, 92 – 1 1, Barcelona, 08018, Barcelona

Correo electrónico: pablo@silverasteroid.com

El Sitio Web puede incluir hipervínculos o enlaces que permiten acceder a páginas web de terceros distintos de Silver Asteroid, y que por tanto no son operados por Silver Asteroid. Los titulares de dichos sitios web dispondrán de sus propias políticas de protección de datos, siendo ellos mismos, en cada caso, responsables de sus propios ficheros y de sus propias prácticas de privacidad.

En caso de que el Usuario considere que existe un problema o infracción de la normativa vigente en la forma en la que se están tratando sus datos personales, tendrá derecho a la tutela judicial efectiva y a presentar una reclamación ante una autoridad de control, en particular, en el Estado en el que tenga su residencia habitual, lugar de trabajo o lugar de la supuesta infracción. En el caso de España, la autoridad de control es la Agencia Española de Protección de Datos (http://www.agpd.es).