KEITH BADDELEY is fully committed to complying with the Spanish and European regulations on personal data protection and guarantees full compliance with the obligations under those regulations, including the implementation of the security measures set out in the General Data Protection Regulations (GDPR) (EU) 2016/679, of 27 April 2016, and in Spanish Organic Law 3/2018, of 5 December 2018, on the Protection of Personal Data and Guarantee of Digital Rights (known in Spanish as LOPD and GDD, hereinafter referred to as LOPD).
In accordance with these regulations, we hereby inform users that the use of our website may require them to provide certain personal information through contact forms or by sending emails, and that this information will be processed by KEITH BADDELEY, the Data Controller, whose details are:
- Business Name: Keith Baddeley Translations
- NIE: Y4992221Q
- Business Address: Paraje La Mujer 32, Finca Fortuna, 29788, Frigiliana (Málaga), Spain
- Postal Address: El Zoco de Nerja Box 22, 29780, Nerja (Málaga), Spain
- Phone: (+34) 675 993 887
- Email: email@example.com
Data Collection and Processing
Personal data is any information that relates to a person, e.g. name, email address, address, phone number, tax ID number, etc. Additionally, when a User visits our website, certain information is stored automatically for technical reasons, e.g. the IP address assigned by their Internet access provider.
KEITH BADDELEY, as Data Controller, has a duty to inform the Users of this website about the collection of personal data that may take place as a result of sending an email or completing the forms included on the website.
Only the specific data required to carry out the contracted service, or required to respond adequately to the request for information made by the User, will be collected. The data collected identifies the User and is kept to the reasonable minimum required to carry out the activity in question. In particular, no sensitive data is collected at any time. Under no circumstances will the data be used for any purpose other than that for which it was collected.
Purpose: To answer your request for information made through the contact form on this website.
Legitimate Grounds: The legitimate grounds for processing the personal data provided is the consent of the User, who may withdraw this consent at any time.
Data Transfer: The personal data is processed using servers managed by SiteGround, which is therefore considered the Data Processor.
Only persons over 14 years of age may provide personal data on this website. As required under the LOPD and GDD, in the case of minors under the age of 14, consent from their parents or guardians is a mandatory prerequisite for KEITH BADDELEY to process their personal data.
Furthermore, only persons over 18 years of age may use our services. In the case of minors under the age of 18, consent from their parents or guardians is a mandatory prerequisite for us to be able to provide the services offered, unless the minor is emancipated.
Users of KEITH BADDELEY’s website are hereby informed that all available security, technical and organisational measures have been taken to prevent the loss, misuse, alteration, unauthorised access and theft of data, and to guarantee the confidentiality, integrity and quality of the information contained therein, in accordance with the provisions of current data protection legislation. The personal data collected via the forms is processed only by KEITH BADDELEY’s staff or by designated Data Processors.
The KEITH BADDELEY website also uses SSL encryption, which allows the User to submit personal information securely via the contact forms on the website.
The User declares that all the information provided by them is true and correct and undertakes to keep it up to date. The User is solely responsible for the accuracy of his/her data and for any conflicts or disputes that may result from any inaccuracy relating to that data. It is important that the User inform KEITH BADDELEY of any changes to his/her personal data so that it can be kept up to date.
KEITH BADDELEY will not transfer or communicate the User’s data to any third party, except in the cases provided for by law or where the provision of a service involves the need for a contractual relationship with a Data Processor. The User therefore accepts that some of the personal data collected may be provided to these Data Processors (payment platforms, administrative agencies, intermediaries, etc.) when this is necessary for the effective performance of a service contracted or product purchased. The User also accepts that, in the case of providing services, these may be totally or partially subcontracted to other people or companies, which will be considered Data Processors and with which a corresponding confidentiality agreement has been signed or which adhere to the privacy policies set out on their respective websites. The User may refuse to transfer their data to the Data Processors, by written request, by any of the aforementioned means.
Furthermore, in those cases where it is necessary, Client data may be transferred to certain bodies in order to comply with a legal obligation, for example: Spanish Tax Agency, banks, Labour Inspectorate, etc.
Exercising User Rights
The LOPD and GDPR give data subjects the opportunity to exercise a number of rights in relation to the processing of their personal data. To do so, the User must provide documentation proving their identity (identity card or passport), sent by email to firstname.lastname@example.org or by written communication to the postal address provided in the Legal Notice. This communication must include the following information: User’s first and last name, the purpose of the request, postal address and supporting information.
Users must exercise these rights themselves. However, a person authorised to act as the User’s legal representative may exercise them, in which case documentation must be provided to prove such representation.
Users may request to exercise the following rights:
- Right to request access to their personal data.
- Right to request rectification (if incorrect) or deletion of their personal data.
- Right to request limitation of processing of their personal data, in which case the data will only be retained by KEITH BADDELEY for exercising or defending legal claims.
- Right to object to processing: KEITH BADDELEY will no longer process their data, unless for legitimate reasons or for exercising or defending any legal claim that may require further processing.
- Right to data portability: if Users want their data to be processed by another company, KEITH BADDELEY will ensure portability by providing their data in exportable format.
In the event that consent has been given for a specific purpose, the User has the right to withdraw this consent at any time, without affecting the lawfulness of the processing based on the consent given prior to its withdrawal.
We undertake to execute all these rights within the maximum legal period (1 month).
If any User considers that there is a problem with the way in which KEITH BADDELEY is handling their data, they can address their complaint to the Security Officer or to the relevant data protection authority, which in Spain is the Spanish Data Protection Agency (Spanish abbreviation: AEPD).
Personal data provided by Users who use the contact form or who send us an email requesting information will be processed for only as long as necessary to fulfil the request for information or until the consent given is withdrawn.
Personal data provided by Clients will be processed until the contractual relationship comes to an end. Personal data will be retained for the minimum period required as detailed below:
- 4 years: Spanish Labour Infringements and Penalties Law (obligations regarding worker affiliation, registration, cancellation of registration, contributions, salary payment, etc.); Article 66 and following of the Spanish General Tax Law (accounting records, etc.)
- 5 years: Article 1964 of the Spanish Civil Code (personal actions with no special time limit)
- 6 years: Article 30 of the Spanish Commercial Code (accounting records, invoices, etc.)
- 10 years: Article 25 of the Spanish Prevention of Money Laundering and Financing of Terrorism Law.
- No time limit: Disaggregated and anonymised data.
Furthermore, the data of Users who subscribe to our newsletter(s) will be kept indefinitely, until the consent given is revoked.
KEITH BADDELEY has a profile on some of the main social networks on the Internet (LinkedIn and Twitter) and is in all cases responsible for processing the data published by KEITH BADDELEY concerning its followers, fans, subscribers, commentators and other user profiles (hereinafter, followers).
Where not prohibited by law, the purpose of the data processing carried out by KEITH BADDELEY is to inform its followers about its activities and offers, by any means allowed by the social network, and to provide a personalised service for its Clients. The legitimate grounds for processing this data is the consent of the data subject, who may withdraw this consent at any time.
Under no circumstances will KEITH BADDELEY extract data from social networks unless the User has given their express consent to do so (e.g. for a competition).
International Data Transfers
KEITH BADDELEY uses the marketing email delivery services of Mailchimp, a company based in the United States. Standard contractual clauses approved by the European Commission have been signed with this company to ensure an adequate level of protection in the processing of your personal data, in accordance with the criteria established by the GDPR.
In all cases, information provided by Clients will be considered confidential and will not be used for purposes other than those described here. KEITH BADDELEY agrees not to disclose or reveal information about the User’s requirements, the reasons for the advice sought or the duration of the relationship with the User.
This privacy and data protection policy was prepared by ExpertosLOPD®, a data protection company, on 18 February 2022, and may be subject to change in line with any changes in regulations and case law. Data owners (Data Subjects) are responsible for reading the updated document in order to understand their rights and obligations in this regard at any given time.