This Privacy Policy aims to inform you of how we collect, process, and protect the personal data provided through our website or blog (hereinafter, the Website), so that you may freely decide whether you wish us to process them.

1. Data Controller / Information Society Service Provider

Identity – Entity	MA BUSINESS, MEETINGS & EVENTS, S.L.
Tax ID (CIF/NIF)	B40614133
Postal Address	C/ Denia, 20-2, Postcode 46006, Valencia (Valencia), Spain
Telephone	601317134
Email	info@alfombraroja.se
Corporate Purpose	Business consultancy – export/import
Website	https://alfombraroja.se/
Registry Information	Valencia Commercial Registry, Volume 10727, Book 8007, Folio 51, Section 8, Sheet V 189596

2. Processing of Personal Data

The personal data that you have provided will be processed confidentially and incorporated into the corresponding processing activity owned by our organisation.

We request only the essential data required to deal with your request, issue invoices in the event of a purchase or contract, or maintain the relationship with you if you request it or when necessary to provide the services and/or process purchases on this website.

3. Purpose

Your personal data will be processed solely for the purpose of responding to your requests, whether you are a client, supplier, user of our website, or a job applicant.

We do not send advertising without the user’s prior consent.

4. Lawful Basis

Your data will be processed on the following legal bases:

• Your request for information, job application, and/or contracting of our services and/or purchase of our products.
• Your freely given, specific, informed, and unambiguous consent, since we inform you of this Privacy Policy which, once read and if in agreement, you may accept by ticking the boxes provided for that purpose.

You may withdraw your consent at any time.

If the user is under 14 years of age or legally incapacitated, consent must be obtained from parents, guardians, or their legal representative in order to process the user’s data. The user is solely responsible for the accuracy of the data submitted.

5. Security Measures

Our organisation has implemented all necessary technical and organisational measures to protect processed personal data, preventing loss, theft, or unauthorised use.

These measures are periodically verified as part of our compliance controls with applicable regulations.

6. Data Retention

Personal data provided will be retained for the time necessary to fulfil the purpose for which they were collected and to determine potential liabilities that may arise from said purpose.

In the case of job applications, data will be retained for a maximum of 1 year or until the applicant requests their deletion.

7. Rights of Data Subjects

You have the right to know whether our organisation is processing your personal data; therefore, you have the right to access your data, rectify inaccurate data, or request their erasure when they are no longer necessary.

You may also exercise your right to restriction or portability, if you deem it appropriate, by sending a written request via email to info@businessadapter.es, attaching a copy of your ID to verify your identity.

If you wish to submit any suggestion or query regarding the processing of your data, you may contact our data protection consultants:

BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Technological Park) 46980 Paterna (Valencia).
Tel. 96 131 88 04
Email: info@businessadapter.es
Website: https://www.businessadapter.es/

If the data subject exercising their rights is under 14 years of age or incapacitated, such rights may be exercised by their parents, guardians, or legal representative.

If you wish to lodge a complaint because you believe your rights have been violated, you may do so before the Spanish Data Protection Agency, C/ Jorge Juan, 6, 28001 Madrid, or via www.aepd.es.

8. Profiling

We do not create profiles using your personal data, but if we were to do so, you would be informed and your permission would be requested.

Likewise, you have the right to object to such processing at any time.

9. Data Transfers

Your personal data will not be transferred to other countries or to third parties except where there is a legal obligation.

In the event of purchasing products or contracting services, your data may be transferred to the entities necessary for delivering the purchased products or providing our services.

Our bank will have access to your data to manage payment of products or services, as well as any processors required for the execution of contracts and/or purchases.

In the event of transfers to other entities or countries, you will be informed and your prior consent will be requested.

Corporate Data Protection Commitment

Scope of Application

This Commitment is binding for all departments, employees of our organisation, and anyone acting on our behalf.

Purpose

We have established procedures for handling personal data in accordance with Spanish and European data protection regulations, ensuring the security and confidentiality of such data at all times.

Principles

Lawfulness, Fairness, Transparency, Data Minimisation, Accuracy, Storage Limitation, Integrity, Confidentiality, and Accountability.

Special Categories of Data

The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, or data concerning sexual orientation is prohibited, except in legally authorised circumstances and with the prior consent of the data subject.

Rights of Data Subjects

Data subjects shall have the right to access their personal data, rectify inaccurate data, erase data when no longer necessary or when processing is undesired, restrict certain processing, obtain their data easily and in structured and commonly used formats, have their data used for profiling, and object to processing at any time.

Record of Processing Activities, Impact Assessment and Security Measures

Our organisation will keep a record of processing activities and will analyse the processing purposes, categories of data subjects and data, recipients, international transfers, retention periods, etc., in order to assess risks and implement necessary security measures to safeguard personal data under the principles of confidentiality and secrecy. Likewise, we have analysed the need to appoint a Data Protection Officer, establishing that, if required, the designated person shall possess sufficient knowledge and experience in accordance with current regulations.

Monitoring

We have engaged the services of an external consultancy to periodically carry out an audit assessing compliance with this commitment and with all legal obligations in this field.

Management
Updated on 21 March 2021