||Second Layer (Links)
|Data Controller||The data processed is strictly necessary, appropriate, and relevant for each purpose. LA MAFIA FRANCHISES, S.L. is responsible for the processing of personal data.||+ Info|
|Purpose||The purpose of the data processing carried out will be in accordance with the activities of the Departments of LA MAFIA FRANCHISES, S.L., mainly focusing on providing restaurant and home delivery services.||+ Info|
|Legitimacy||The processing of data is based on the assumptions set out in article 6 of the GDPR. In the case of LA MAFIA FRANCHISES, S.L., this processing is usually carried out when the interested party has given their consent for the processing of their personal data for one or more specific purposes.||+ Info|
|Data Retention||The personal data provided will be kept for the time necessary to fulfill the purpose for which it was collected and to determine the possible responsibilities that may arise from the purpose, as well as the legal retention periods that require its retention (e.g., tax obligations).||+ Info|
|Data Disclosure||“In general, personal data will not be disclosed to third parties, except by legal obligation:
Competent public administration
|Rights of Interested Parties||We acknowledge the right of our visitors and users to exercise their rights of access, rectification, erasure, and portability of their data, limitation and opposition to its processing, as well as not to be subject to decisions based solely on the automated processing of their data, where appropriate, before the Spanish Data Protection Agency.||+ Info|
- Data Controller: La Mafia Franchises, S.L.
- TAX ID: B85799955
- Address: Paseo la Constitución, 8 – BJ, 50008, Zaragoza
- Phone: 976 794 675
- Email: email@example.com
- DPO or Security Manager:
a) Provision of services to current and/or potential customers
Provide restaurant and home delivery services
Sending commercial information about our products and/or services
b) Suppliers and third parties
Outsourcing of services to third parties (companies, self-employed individuals, foundations, associations, etc.)
c) Human Resources
Management of employees
Personal files. Timekeeping. Incompatibilities. Training. Pension plans. Occupational risk prevention.
Issuance of employee payrolls, as well as all products derived from them. Management of union activity (if applicable)
d) Video surveillance
Ensuring the safety of people, property and facilities.
- GDPR: 1.a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- GDPR: 1.b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- GDPR: 1.c) processing is necessary for compliance with a legal obligation to which the controller is subject;
- General Data Protection Regulation
- Organic Law 3/2018, of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights
- Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (Applicable in messaging, social networks, and online sales)
- “You have the right to withdraw your consent”
- Current and potential customers and users
- Professionals and collaborators
- Employees and potential candidates
- Individuals who pass through the Entity’s facilities
CATEGORIES OF PERSONAL DATA
Identifying information (name, surname, ID number, postal address, phone number, email address, website)
Other personal data (marital status, date and place of birth, age, gender, nationality, voice, image, signature, fingerprint, iris, etc.)
Banking information Commercial information
Sale of goods or services
CATEGORIES OF RECIPIENTS
The personal data of clients will be communicated to the following recipients:
- Public administrations (e.g. Tax Agency, Social Security)
- Judicial authorities “If applicable” (Courts)
- Financial entities (Banks)
- Collaborating entities
No international data transfers are planned.
DATA RETENTION PERIOD
The data will be kept for as long as necessary to fulfill the purpose for which it was collected and to determine any responsibilities that may arise from said purpose and the processing of the data.
In compliance with Article 32 of the GDPR, LA MAFIA FRANCHISES, S.L. will ensure the permanent confidentiality, integrity, availability and resilience of the processing systems and services. The level of security will be proportional to the risk in the processing of each type of personal data.
EXERCISING CONTROL RIGHTS OVER YOUR DATA
We recognize our visitors’ and users’ rights to access, rectify, delete and port their data, and to limit or oppose its processing, which they can exercise in the legally established manner at the addresses indicated above.
For more information on how to exercise your rights, the Spanish supervisory authority, the Spanish Data Protection Agency, provides you with the following link with its description and form to send us the request: Exercise rights
For any information or questions you need to resolve about the processing of your data by LA MAFIA FRANCHISES, S.L., you can contact us by the email provided: firstname.lastname@example.org
Complaint to the AEPD
If you feel, after contacting us, that your data rights are not being respected, you can file a complaint with the AEPD.