Privacy Policy

This section contains all information relating to the management of your personal data and our data processing policy.

Your privacy is very important to us. This privacy statement explains what personal data we collect from our users and how we use them. We encourage you to read these terms carefully before you submit any personal data to this website.

In the case of children under the age of thirteen, parental or guardian consent is required for the processing of their personal data.

Under no circumstances will data relating to the professional or financial situation, or the privacy of other family members be collected from minors without their consent.

If you are under thirteen years of age and have accessed this website without notifying your parents, you should not register as a user or send any information.

This website respects and takes care of the personal data of its users. As a user, you should know that your rights are guaranteed.

We have made every effort to create a safe and trustworthy space and that is why we want to share our principles regarding your privacy:

  • We never ask for personal information unless it is absolutely necessary to provide you with the services you require.

  • We never share personal information about our users with anyone, except to comply with the law or with your express permission.

  • We never use your personal data for any purpose other than that expressed in this Privacy Policy.

Please note that this Privacy Policy may change due to legislative or self-regulatory requirements, so users are advised to check it regularly. It will be applicable in the event that users decide to fill in any contact form where personal data is collected.

Who is responsible for processing personal data?


  • Domiciled in Puerto de Marín, s/n – 36900 – Marín (PONTEVEDRA)

  • Tax ID (NIF) number: B36219541

  • Registered in the Mercantile Registry of PONTEVEDRA under Volume 1508, Book 1508, Folio 131, Section 8, Sheet No. PO 12704, Entry 7 (11/08/17).

  • Contact e-mail address: info@rosadelosvientos.es

For the purposes of the provisions of the Data Protection legislation, the personal data you send us through the forms on the website will be processed as “Website users and subscribers” data.

For the processing of our users’ data, we implement all the technical and organisational security measures established in the current legislation.

Basic data protection information

Main purposes of the processing:

  • To manage the contracting of products and/or services.
  • To send commercial communications.
  • To resolve queries raised through the website.

Main legitimate bases:

  • Execution of the contract.
  • Legitimate interest.
  • Compliance with legal obligations.

Main recipients:

  • Law enforcement authorities.
  • Service providers.
  • No international data transfers are envisaged.


  • Among others, right of access, rectification, erasure, objection and portability of data, right to object to processing at any time, on grounds relating to your particular situation, if the processing is based on legitimate interest.


  • Provided by the owner.
  • Obtained from browsing behaviour.

Principles we will apply to your personal information

When processing your personal data, we will apply the following principles that comply with the requirements of the new European Data Protection Regulation:

  • Principle of lawfulness, fairness and transparency: we will always require your consent to the processing of your personal data for one or more specific purposes, which we will inform you about in advance with full transparency.
  • Principle of data minimisation: we will only request data that are strictly necessary for the purposes for which we require them. The minimum possible.
  • Principle of limitation of the retention period: the data will be kept for no longer than necessary for the purposes of processing, depending on the purpose, we will inform you of the corresponding retention period, in the case of subscriptions, we will regularly review our lists and delete those records that have been inactive for a considerable period of time.
  • Principle of integrity and confidentiality: your data will be processed in such a way as to ensure that the personal data are properly secured, and confidentiality is guaranteed. You should be aware that we take all necessary precautions to prevent unauthorised access or misuse of our users’ data by third parties.

How do we obtain these data?

The personal data we process on our website may come from:

  • Contact form
  • Via e-mail address

What are your rights when you provide us with your data?

Any person has the right to obtain confirmation as to whether or not we are processing personal data concerning them on our website.

Data subjects have the right to:

  • Request access to the data concerning them
  • Request their rectification or erasure
  • Request the limitation of their processing
  • Object to the processing
  • Request the portability of data

Data subjects may access their personal data, as well as request the rectification of inaccurate data or, where appropriate, request their erasure when, among other reasons, the data are no longer necessary for the purposes for which they were collected. Under certain circumstances, data subjects may request that we limit the processing of their data, in which case we will only retain the data for the purpose of exercising or defending claims.

Under certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. In that case, we will stop processing the data, except for compelling legitimate reasons, or for exercising or defending possible claims. As a data subject, you have a right to receive concerning you that you have provided to us in a structured, commonly used and machine-readable format and to transfer it to another data controller when:

  • The processing is based on consent.
  • The data have been provided by the data subject.
  • The processing is carried out by automated means.

In exercising your right to data portability, you have the right to have personal data transferred directly from controller to controller where technically feasible.

Data subjects will also have the right to effective legal protection and to file a complaint with the supervisory authority, in this case, the Spanish Data Protection Agency, if they consider that the processing of personal data concerning them is in breach of the Regulation.

For what purpose will we process your personal data?

When a user connects to this website to send an e-mail to the owner, they are providing personal information for which the owner of the website is responsible. This information may include personal data such as your IP address, name, physical address, e-mail address, telephone number and other information. By providing this information, you consent to your information being collected, used, managed and stored by this website only as described in the Legal Notice and this Privacy Policy.

On this website there are different systems for capturing personal information, and we process the information provided by data subjects for the following purposes for each capture system (forms):

Contact form

We request your name, e-mail address, telephone number, company and country, as well as data relating to the characteristics of the service you request from us in order to respond to the requirements of the users of this website. For example, we may use this data to respond to your request and answer any queries, complaints, comments or concerns you may have regarding the information included on the website, the services provided through it, the processing of your personal data, questions relating to the legal texts included on the website, as well as any other queries you may have that are not subject to the terms and conditions of contracting.

We inform you that the data you provide us with in this form will be received by e-mail and will be located on the servers of our e-mail provider. Our e-mail server is within the EU, currently under the EU security agreement.

There are other purposes for which we process your personal data:

  • To guarantee compliance with the terms and conditions of use and the applicable law. This may include the development of tools and algorithms that help this website to guarantee the confidentiality of the personal data it contains.
  • To support and improve the services offered by this website.
  • Other non-identifying data are also collected, which are obtained through the use of cookies that are downloaded to the user’s computer when browsing this website, which we detail in the Cookies Policy.
  • To manage social networks. The processing of the data of the persons or companies that become followers on the social networks of the company’s official pages will be governed by this section. It will also be governed by the conditions of use, privacy policies and access regulations belonging to the social network in each case and previously accepted by the user of this website. Your data will be processed for the purposes of correctly managing your presence on the social network, informing you of the activities, products or services of our website. As well as for any other purpose that the regulations of the social networks allow. Under no circumstances will we use the profiles of followers on social networks to send individual advertising.

In accordance with the provisions of the European General Data Protection Regulation (GDPR) 2016/679, the Owner of the website will be responsible for processing the data corresponding to Users of the website and subscribers.

We do not, and will not in the future, sell, rent or lease personally identifiable data to third parties without prior consent. However, in some cases we may collaborate with other professionals. In these cases, users will be asked for their consent, informing them of the identity of the collaborator and the purpose of the collaboration. This will always be carried out with the strictest security standards in place.

Legitimation for the processing of your data

The legal basis for the processing of your data is consent.

In order to contact or make comments on this website, your consent to this privacy policy is required.

The prospective or commercial offer of products and services is based on the consent you are asked to give. The withdrawal of this consent does not in any case determine the execution of the subscription contract.

Category of data

The categories of data processed are identification data.

Specially protected categories of data are not processed.

For how long will we keep your data?

The personal data provided will be kept until the data subject requests its deletion or until it is removed from the database or e-mail server due to inactivity.

To which recipients will your data be disclosed?

Many of the tools we use to manage your data are contracted by third parties.

In order to provide services strictly necessary for the development of the activity, the Owner of the website shares data with the following providers under their corresponding privacy conditions:

  • Website hosting and e-mail: Our hosting provider is Arsys Internet S.L.U. C/ Madre de Dios nº 21, 26004, Logroño (La Rioja) Spain. +34 941 620 100. Tax ID (NIF): B-85294916. E-mail: info@arsys.es. It processes data for the purpose of providing us with hosting services.

Data secrecy and security

This website is committed to the use and processing of users’ personal data, respecting their confidentiality and using them in accordance with their purpose, as well as complying with its obligation to store them and taking all measures to prevent their alteration, loss, unauthorised processing or access, in accordance with the provisions of the current data protection legislation.

This website includes an SSL certificate. This is a security protocol that makes your data travel in an integral and secure way, in other words, the transmission of data between a server and a website user, and in feedback, is fully coded or encrypted.

The Owner of the website cannot guarantee the absolute impregnability of the Internet network and therefore the violation of data through fraudulent access by third parties.

With regard to the confidentiality of processing, the Owner of the website will ensure that any person who is authorised by this website to process the customer’s data (including its staff, collaborators and service providers) will be under an appropriate obligation of confidentiality (whether this is a contractual or legal duty).

Upon becoming aware of any security incident, the Owner of the website will notify the customer without undue delay and provide timely information relating to the security incident as soon as it becomes known or when reasonably requested by the customer.

Accuracy and veracity of the data

As a user, you are solely responsible for the veracity and accuracy of the data you submit to this website, exonerating the Owner of it from any liability in this regard.

Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information in the contact or subscription form.

Acceptance and consent

The user declares to have been informed of the conditions on the protection of personal data, accepting and consenting to the processing thereof by the Owner of the website in the manner and for the purposes indicated in this Privacy Policy.


The consent given, both for the processing and for the transfer of the data of data subjects, may be revoked at any time by communicating it to the Owner of the website under the terms established in this Policy for the exercising of ARCO rights. This revocation will in no case be retroactive.

Changes to the Privacy Policy

The Owner of the website reserves the right to change this Privacy Policy to adapt it to new legislation or case law, as well as to industry practices. In such cases, the Owner of the website will announce the changes made on this page reasonably in advance of their implementation.

Commercial e-mails

In accordance with the Spanish Law on Information Society Services and Electronic Commerce (abbreviated as LSSICE), this website does not engage in SPAM practices, and therefore does not send commercial e-mails that have not been previously requested or authorised by the user. Consequently, in each of the forms on the website, users have the option of giving their express consent to receive the newsletter, regardless of the commercial information requested on a one-time basis.

In accordance with the provisions of Spanish Law 34/2002, on Information Society Services and Electronic Commerce, this website undertakes not to send communications of a commercial nature without duly identifying them.

Date of latest update: 03/10/2022

Skip to content