Privacy Policy
01. Content and Acceptance
This Personal Data Processing document aims to inform users about how personal data obtained through the Website is collected, processed, and protected, so that users can freely and voluntarily determine whether they wish to provide their personal data.
Access to and use of the Website imply the User’s full acceptance of this Personal Data Processing document and their obligation to fully comply with the stated terms and conditions. Therefore, the User must carefully read this document each time they intend to use the Website, as it may undergo modifications.
This Personal Data Processing document will be valid for the personal data provided or obtained by the Company.
02. Identity of the Data Controller and Personal Data Processing
In compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR), as well as Organic Law 3/2018 of December 5, on Personal Data Protection and the Guarantee of Digital Rights, Users are informed that the data collected through the Website and/or any data collection forms on the Website will be incorporated into the personal data files owned by LINK & PLAY S.L., with CIF B19499318, and registered office at Vía de las Dos Castillas No. 33, Pozuelo de Alarcón, CP 28224 (Madrid), for the purpose of managing the User’s navigation through the Website, where applicable, as well as for the purposes specified in each of the forms included on the Website.
The Company guarantees the confidentiality of the provided personal data and compliance with all applicable regulations.
To ensure that the provided information is always up to date and free of errors, the User must promptly notify any modifications or corrections to their personal data.
Additionally, by clicking the “Submit” button (or its equivalent) in the forms, the User declares that the information and data provided therein are accurate and truthful.
The Company informs Users that it is responsible for all data processing carried out on this Website unless otherwise specified.
Through this Privacy Policy, the Company informs Website Users about what data is collected, how it is used, and the Users’ options regarding such data, including how to access and update it.
The User expressly and fully accepts the conditions outlined in this Privacy Policy for using the Company’s Website and any services incorporated into it.
03. Data Protection Officer (DPO)
The Data Protection Officer (DPO) is responsible for ensuring compliance with data protection regulations applicable to the Company and, consequently, this Website.
Users can contact the designated DPO using the following contact details: contacto@linkandplay.es
04. Legal Basis for Data Processing
The legal basis for processing personal data is the User’s consent. The Company commits to obtaining the User’s explicit and verifiable consent for processing their personal data for one or more specific purposes.
When a User fills out any forms requesting personal data under the GDPR, they must give unequivocal and explicit consent, which is revocable and non-retroactive.
The User has the right to withdraw their consent at any time. Withdrawing consent will be as easy as giving it. As a general rule, withdrawal of consent will not condition the use of the Website.
If the User needs to provide data through forms to make inquiries, request information, or for other purposes related to the Website’s content, they will be informed if any data is mandatory because it is essential for the proper processing of their request.
05. Data Collection and Duty to Inform
This document aims to establish and regulate the rules of use as well as the safeguarding of data on the Website www.linkandplay.es (hereinafter, the “Website”), referring to all pages and content owned by the Company (hereinafter, “the Company”) accessible through the domain www.linkandplay.es.
The Company, as the Website owner, informs Users that it is responsible for the data processing carried out on this Website unless otherwise specified.
The Company complies with current personal data protection laws, respecting Users’ privacy and ensuring the security and confidentiality of personal data in accordance with applicable legal provisions, including Regulation (EU) 2016/679 and Organic Law 3/2018.
Users are informed that their personal data will only be collected for processing when they are appropriate, relevant, and not excessive in relation to the specific, explicit, and legitimate purposes for which they are obtained.
The User is solely responsible for providing false, inaccurate, incomplete, or outdated information.
The Company is not responsible for processing personal data from third-party websites accessed through links contained on our Website.
Users guarantee that the personal data provided is true, accurate, complete, and up to date and agree to notify any changes or modifications. If personal data of third parties is provided, the User is responsible for having informed and obtained the consent of those third parties before sharing their data.
If any loss or damage is caused to the Website, its data controller, or third parties due to incorrect, inaccurate, incomplete, or outdated information provided through the Website’s forms—especially in the Registration section—the User will bear sole responsibility for the consequences.
06. Principles Applicable to Personal Data Processing
The processing of the User’s personal data will be subject to the following principles established in Article 5 of the GDPR and related regulations:
a) Lawfulness, fairness, and transparency: The User’s consent will be required, with prior, completely transparent information about the purposes of data collection.
b) Purpose limitation: Data will only be collected for specified, explicit, and legitimate purposes.
c) Data minimization: Only data strictly necessary for processing will be collected.
d) Accuracy: Personal data must be accurate and kept up to date.
e) Storage limitation: Personal data will be retained only as long as necessary for its intended purpose, subject to legitimate legal interests.
f) Integrity and confidentiality: Data will be processed securely and confidentially.
07. Categories of Personal Data
The Company may collect personal data from Users and others interacting with it. These may vary based on technological capabilities or the nature of the relationship.
The categories of data processed by the Company through this Website are only identifying and administrative data. Special categories of personal data, as defined in Article 9 of the GDPR, are not processed.
08. Purposes of Data Processing
9. Personal Data of Minors
The Company will always pay special attention to processing data related to minors, ensuring their effective protection in all cases. The processing of minors’ data will always comply with the provisions established in Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR) and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights.
For any interaction between minors and the Company, the minor’s age must be known. The Company reserves the right to request consent from parents, guardians, or legal representatives in its dealings with minors.
10. Confidentiality and Secrecy of Personal Data
All data collected in private communications between the Company and Users will be treated with absolute confidentiality. The Company commits to maintaining the confidentiality of personal data, safeguarding it, and adopting all necessary measures to prevent its alteration, loss, unauthorized processing, or access, in compliance with European data protection regulations, specifically Regulation (EU) 2016/679 and Organic Law 3/2018.
Additionally, any exchanged information of any kind, whether explicitly agreed to be confidential or relating to confidential matters, will also be protected. Viewing data over the Internet does not imply direct access to it unless the owner explicitly consents to it each time. The Company is not responsible for information leaks resulting from poor data management by the User.
The Company guarantees Users that it will uphold professional secrecy regarding their personal data and ensure its safekeeping. Users are advised to keep their identification and any reference numbers issued by the Company private. To maintain professional secrecy, Users should not disclose confidential information to third parties.
11. Integrity and Security of Personal Data
The Company commits to implementing necessary technical and organizational measures, according to the appropriate level of security relative to the risk of the collected data, ensuring personal data security and preventing accidental or unlawful destruction, loss, or alteration, as well as unauthorized access or communication of such data.
However, as the Company cannot guarantee complete invulnerability of the Internet or prevent unauthorized access by hackers or fraudulent actors, the data controller commits to notifying the User promptly of any security breach likely to pose a high risk to individuals’ rights and freedoms.
Under Article 4 of Regulation (EU) 2016/679, a personal data security breach is defined as any violation leading to the accidental or unlawful destruction, loss, alteration, unauthorized communication, or access to transmitted, stored, or otherwise processed personal data.
Personal data will be treated confidentially, and the data controller will ensure that its employees, partners, and any third party with access to the data respect this confidentiality.
The Company upholds applicable data protection laws, ensuring Users’ privacy and the security of personal data by adopting the necessary technical and organizational measures to prevent loss, misuse, alteration, unauthorized access, or theft of provided personal data, taking into account technological advancements, data nature, and associated risks.
12. Rights Derived from Personal Data Processing
Users may exercise the following rights before the data controller, as recognized under Regulation (EU) 2016/679:
a) Right of access: Users have the right to confirm whether the Company is processing their personal data and, if so, to access their specific data and obtain details on how it is being processed.
b) Right to rectification: Users can request the correction of inaccurate or incomplete personal data.
c) Right to erasure (“right to be forgotten”): Users may request the deletion of personal data when no longer necessary for its collected purpose, if consent is withdrawn and no other legal basis applies, if they object to the processing, if data has been unlawfully processed, or if legal obligations require deletion.
d) Right to restriction of processing: Users can request limited processing of their data under specific conditions, such as contesting data accuracy, unlawful processing, or pending claims.
e) Right to data portability: If processing is automated, Users can receive their data in a structured format and transmit it to another controller, if technically feasible.
f) Right to object: Users can object to the processing of their personal data.
g) Right not to be subject to automated decision-making, including profiling: Users have the right not to be subject to decisions based solely on automated processing, unless legally required.
Users can exercise their rights by contacting the Company’s Data Protection Officer (DPO) at the following address:
-
Postal Address: Vía de las Dos Castillas No. 15, Pozuelo de Alarcón, 28224 Madrid
-
Email: contacto@linkandplay.es
Requests must include:
-
User’s full name
-
National ID (DNI) or equivalent official document
-
A specific request detailing the information or action required
-
Mailing or email address for notifications
-
Date and signature
-
Any supporting documents relevant to the request
13. Data Hosting
For technical and service quality reasons, the website www.linkandplay.es is hosted on servers located within the European Union.
14. Data Availability
Internet data availability may be affected by multiple external factors beyond the Company’s control. The Company is not responsible for any damages caused by service interruptions due to external factors. Nevertheless, the Company will maintain the highest security standards to ensure data confidentiality, integrity, and availability.
15. Complaints to the Supervisory Authority
If Users believe that their personal data is being processed unlawfully, they have the right to seek legal protection and file a complaint with a supervisory authority in their country of habitual residence, workplace, or where the alleged violation occurred. In Spain, the relevant authority is the Spanish Data Protection Agency (Agencia Española de Protección de Datos): http://www.aepd.es.
16. Acceptance and Changes to this Privacy Policy
Users must read and agree to this Privacy Policy, consenting to the processing of their personal data under the specified terms, duration, and purposes. Using the website implies acceptance of this Privacy Policy.
The Company reserves the right to modify its Privacy Policy at its discretion or due to legislative, jurisprudential, or regulatory changes by the Spanish Data Protection Agency.
Any changes or updates will be explicitly communicated to Users on the website.
This Privacy Policy complies with Regulation (EU) 2016/679 and Organic Law 3/2018, ensuring the protection of individuals’ personal data and their digital rights.
