General information
This privacy policy aims to inform users of this website about the type, scope, and purpose of the collection and use of personal data by the operator of the website in.visitityourself.com (hereinafter: ViY). ViY takes your privacy very seriously and treats your personal data confidentially and in accordance with legal provisions, especially with the General Data Protection Regulation (hereinafter: GDPR), the EU regulation applicable in Spain and all other EU countries. To access the full text of the GDPR in Spanish: https://eur-lex.europa.eu/legal-content/ES/TXT/HTML/?uri=CELEX:32016R0679&from=ES
ViY has implemented appropriate technical measures to ensure the protection of your personal data with the highest possible security. However, the transmission of data over the Internet can have security gaps. Therefore, absolute protection cannot be guaranteed. Thus, users of our website are free to transmit their personal data to us through other means, such as by phone. Since new technologies and the constant development of this website may lead to changes in this privacy policy, we recommend that you revisit the privacy policy frequently. The definitions of the terms used can be found in Art. 4 GDPR.
Data controller
Eva Richvalszki,
c/Huertas 27, Portal 2, 3ºC
28160, Talamanca de Jarama, Madrid
España
If you have any questions about data protection at ViY, you can contact us at info@visitiyourself.com.
Types of processed data
Purpose of Processing:
We also process the following:
Applicable Legal Basis:
In accordance with Art. 13 GDPR, we inform you about the legal basis for our data processing. If the legal basis is not indicated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 Lit. a and Art. 7 GDPR, the legal basis for processing for the purpose of fulfilling our services and implementing contractual measures and responding to inquiries is Art. 6 Para. 1 Lit. b GDPR, the legal basis for processing for the purpose of fulfilling our legal obligations is Art. 6 Para. 1 Lit. c GDPR, and the legal basis for processing for the purpose of safeguarding our legitimate interests is Art. 6 Para. 1 Lit. f GDPR. If the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 Lit. d GDPR serves as the legal basis.
Cooperation with Contract Processors and Third Parties:
If we disclose or grant access to data to other individuals and companies (processors or third parties) in the course of our processing, this is only done on the following basis:
If we commission third parties to process data based on a so-called “data processing agreement,” this is done on the basis of Art. 28 GDPR.
Transfers to Third Countries:
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this only takes place if it is done to fulfill our (pre)contractual obligations, based on your consent, based on a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we will only process or transfer data to a third country if the special requirements of Art. 44 and following GDPR are met. This means that processing is carried out, for example, on the basis of special guarantees, such as the officially recognized establishment of a level of data protection equivalent to that of the EU (e.g., for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
User Rights:
Users’ rights regarding their personal data, such as the right of access, rectification, deletion, and portability, should be detailed.
Usage Data, Access Data, and Log Files:
ViY or our hosting provider collects data about website access due to their legitimate interest (see Art. 6 Para. 1 Lit. f GDPR) and stores it as “server log files” on the website server. The following data is recorded in this way:
Server log files do not allow conclusions to be drawn about the person concerned. They are needed for the following reasons:
Anonymous data from server log files is stored separately from all personal data for a maximum of 7 days and then deleted. If data has to be stored for evidence reasons, it is excluded from deletion until the incident is finally clarified.
Storage:
The hosting services used by ViY serve to provide the following services: infrastructure and platform services, computing capacity, storage space, and database services, security services, and technical maintenance services that we use for the operation of this online service. In doing so, we or our storage provider process inventory data, contact data, content data, contract data, usage data, meta data, and communication data of customers, stakeholders, and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 Lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of the processing contract).
Range Measurement and Cookies:
This website uses cookies to measure pseudonymous reach, which is transferred to the user’s browser from our server or a third party. Cookies are files stored on your end device. Your browser accesses these files. The use of cookies increases the usability and security of this website. For any inquiries about cookies, please refer to these links:
Common browsers offer the option not to allow cookies. Note that it is not guaranteed that you can access all functions of this website without restrictions if you make the appropriate settings to restrict the use of cookies.
Compilation and Processing of Personal Data
ViY will only collect, use, and disclose your personal data if the law permits it or if you give your consent for data collection. Personal data includes all information used to determine your identity and that can be traced back to you – for example, your name, email address, and phone number.
You can also visit this website without providing any personal information. However, to improve our online service, we store (without personal reference) your access data to this website. This access data includes, for example, the files and web pages you request, the type of browser you use, or your Internet service provider’s name. By anonymizing the data, it is not possible to draw conclusions about your person.
Contact
When contacting us (e.g., via a contact form or inquiry, email, phone, or social media), user data is processed to handle the contact inquiry in accordance with Article 6, Paragraph 1, Lit. b GDPR. User data may be stored in a customer relationship management system (“CRM system”) or a comparable system. We process the following personal data:
Personal data is collected voluntarily and only to the extent that you provide relevant information through the respective communication channel, in compliance with applicable data protection regulations. We will delete contact requests if they are no longer necessary. We review the necessity every two years. Legal archiving obligations also apply.
Google Analytics
Based on our legitimate interests in optimizing and analyzing our online service portfolio under Article 6, Paragraph 1, Lit. f GDPR, this website uses the “Google Analytics” service provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The service (Google Analytics) uses “cookies” – text files that are stored on your end device. The information collected by cookies is generally sent to a Google server in the USA and stored there.
Google LLC complies with European data protection law and is certified under the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
IP anonymization is used on this website. The IP address of users is shortened within the member states of the EU and the European Economic Area and in the other contracting states of the agreement. Only in individual cases is the full IP address initially transferred to a Google server in the USA and shortened there. Through this shortening, personal reference to your IP address is omitted. The user’s IP address transmitted by the browser is not combined with other data stored by Google.
Within the framework of the order data agreement, which we, as the operator of the website, have concluded with Google Inc., this company uses the information collected to create an evaluation of website usage and website activity and provides services related to Internet usage.
The data collected by Google on our behalf is used to evaluate the use of our online service by individual users, e.g., to create reports on website activity to improve our online service.
You have the option to prevent the storage of cookies on your device by adjusting your browser settings accordingly. It cannot be guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.
Additionally, you can use a browser plugin to prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. The following link will take you to the appropriate plugin: https://tools.google.com/dlpage/gaoptout?hl=es
Alternatively, by clicking on this link (https://tools.google.com/dlpage/gaoptout?hl=es), you can prevent Google Analytics from collecting data about you on this website. Clicking on the link above downloads an “opt-out cookie.” Therefore, your browser must allow the storage of cookies for this purpose. If you regularly delete cookies, you will need to click the link again each time you visit this website.
Here you will find more information about Google Inc.’s use of data:
Google Re/Marketing Services
Based on our legitimate interests (i.e., interest in the analysis, optimization, and efficient operation of our online service under Article 6, Paragraph 1, Lit. f. GDPR), we use marketing and remarketing services (collectively “Google Marketing Services”) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”). Google is certified under the Privacy Shield Agreement and therefore offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google Marketing Services allows us to better target ads for and on our website to show users only ads that potentially match their interests. For example, if a user is shown ads for products they have been interested in on other websites, this is called “remarketing.” For this purpose, when users access our website and other websites where Google Marketing Services are active, a code is run directly by Google, and so-called (re)marketing tags (graphics or invisible codes, also known as “web beacons”) are inserted into the website. With their help, an individual cookie, i.e., a small file, is stored on the user’s device (instead of cookies, comparable technologies can also be used). Cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records the websites that the user has visited, the content they are interested in, and the offers they have clicked on, as well as technical information about the browser and operating system, referring websites, visit times, and other information about the use of the online offer. The user’s IP address is also recorded, so we inform within the scope of Google Analytics that the IP address is shortened within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is it transferred in full to a Google server in the USA and shortened there. The IP address is not merged with user data within other Google offerings. Google may also combine the information mentioned with information from other sources. If the user subsequently visits other websites, ads tailored to their interests may be displayed.
User data is processed pseudonymously within the framework of Google Marketing Services. This means that Google does not store and process, for example, the name or email address of the user, but processes the relevant data related to cookies within pseudonymous user profiles. This means that, from Google’s point of view, ads are not managed or displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if the user has expressly allowed Google to process the data without this pseudonymization. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google’s servers in the United States.
Among the Google Marketing Services we use is the online advertising program “Google AdWords.” In the case of Google AdWords, each AdWords customer receives a different “conversion cookie.” As a result, cookies cannot be tracked through the websites of AdWords customers. The information collected using the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Advertisers know the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive information that personally identifies users.
We may also include third-party ads based on Google’s “AdSense” marketing service. AdSense uses cookies to enable Google and its partner sites to place ads based on users’ visits to this site or other Internet sites. We may also use the “Google Tag Manager” to integrate and manage Google’s analytics and marketing services on our website.
For more information about how Google uses data for marketing purposes, please visit the summary page: https://www.google.com/policies/technologies/ads, and Google’s privacy policy is available at https://www.google.com/policies/privacy.
If you wish to opt-out of interest-based advertising through Google Marketing Services, you can do so using Google’s configuration and opt-out options: http://www.google.com/ads/preferences.
Integration of Third-Party Services and Content
Within our online offering on the basis of our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6, Paragraph 1, Lit. f GDPR), we use content or services from third-party providers to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always presupposes that the third-party providers of this content are aware of users’ IP addresses, as they would not be able to send the content to their browsers without the IP address. Therefore, the IP address is necessary for displaying this content. We make every effort to use only content whose respective providers use the IP address solely for delivering the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. “Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. Pseudonymous information may also be stored in cookies on the user’s device and may contain technical information about the browser and operating system, referring websites, visit times, and other details about the use of our online offering, as well as be linked to such information from other sources.
Google Fonts
We integrate fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Maps
We integrate maps from the “Google Maps” service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and user location data, which, however, are not collected without their consent (usually within the framework of the settings of their mobile devices). The data may be processed in the USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
OpenStreetMap
We integrate maps from the “OpenStreetMap” service, which is offered on the basis of the Open Data Commons Open Database License (ODbL) by the OpenStreetMap Foundation (OSMF). Privacy Policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy. In our understanding, OpenStreetMap uses user data exclusively for the purpose of displaying map functions and temporarily storing the selected settings. This data may include, in particular, IP addresses and user location data, which, however, will not be collected without their consent (usually within the framework of their mobile device settings). The data may be processed in the USA. For more information, see the OpenStreetMap privacy policy: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
Within our online offering, functions and content from the Instagram service, offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated. This may include, for example, content such as images, videos, or text and buttons that allow users to express their favorites in relation to content, the authors of the content, or subscribe to our articles. If users are members of the Instagram platform, Instagram can associate access to the above content and functions with the user’s profile. Instagram’s privacy policy: http://instagram.com/about/legal/privacy/.
Facebook Social Media Plugins
Due to our legitimate interest in the analysis, optimization, and functioning of our online offering (in the sense of Art. 6 Para. 1 Lit. f. GDPR), this website uses the Facebook Social Plugin, provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The integration can be recognized by the Facebook logo or the terms “Like” or “Share” in Facebook colors (blue and white). Information about all Facebook plugins can be found at the following link: https://developers.facebook.com/docs/plugins/
Facebook Inc. complies with European data protection law and is certified under the “Privacy Shield” agreement: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
The plugin establishes a direct connection between your browser and Facebook’s servers. The website operator has no influence on the nature and extent of the data that the plugin transmits to Facebook Inc. You can find information about this here: https://www.facebook.com/help/186325668085084
The plugin informs Facebook Inc. that you as a user have visited this website. Your IP address may be saved. If you are logged into your Facebook account during your visit to this website, the aforementioned information will be linked to your account.
If you use the plugin’s functions – for example, sharing or “liking” a post – the corresponding information is also transmitted to Facebook Inc.
If you want to prevent Facebook Inc. from linking this information to your Facebook account, log out of Facebook before visiting this website and delete the stored cookies. Through your Facebook profile, you can make further settings for data processing for advertising purposes or refuse the use of your data for advertising purposes. You can access the settings here:
Facebook profile settings: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
US page cookie deactivation: http://optout.aboutads.info/?c=2#!/
European page cookie deactivation: http://optout.networkadvertising.org/?c=1#!/
Details on what data, for what purpose, and to what extent Facebook collects, uses, and processes, as well as your rights and configuration options to protect your privacy, can be found in Facebook’s privacy policy. You can find it here: https://www.facebook.com/about/privacy/
Online Presence on Social Networks
We maintain online presences on social networks and platforms to communicate with customers, interested parties, and active users and inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
Unless otherwise stated in our privacy policy, we process user data if they communicate with us within social networks and platforms, for example, by writing articles about our online presence or sending us messages.
Order Processing in the Online Store and Customer Account
We process our customers’ data in the context of the ordering process in our online store to enable them to select and order the chosen products and services, as well as their payment and delivery, or execution.
Processed data includes inventory data, communication data, contract data, and payment data. Those affected by the processing include our customers, interested parties, and other business partners. Processing is carried out for the purpose of providing contractual services within the operation of an online store, billing, delivery, and customer services. For this, we use session cookies for the storage of the shopping cart content.
Processing is based on Art. 6 Para. 1 Lit. b (execution of order processes) and c (legally required archiving) GDPR. The information marked as necessary is required for the establishment and fulfillment of the contract. We only disclose the data to third parties within the scope of delivery, payment, or within the framework of permissions and legal obligations with legal advisors and authorities. Data will only be processed in third countries if it is necessary for the fulfillment of the contract (e.g., if the customer requests delivery or payment).
In the context of registration and new accesses and use of our online services, we store the IP address and the time of the respective user action. Storage is based on our legitimate interests, as well as the user’s need to protect against misuse and other unauthorized use. This data will not be disclosed to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so under Art. 6 Para. 1 Lit. c GDPR.
Online Payment Options
ViY has integrated components from Stripe on its websites. Stripe is an online payment service provider. Stripe allows users of our website to make payments by credit card or direct debit.
The European operating company of Stripe is Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin.
If the user selects the credit card or direct debit as a payment option during the order process in our online store, the (payment) data entered will be transmitted to Stripe. By selecting this payment option, the data subject agrees to the transfer of the personal data necessary for the payment process.
Personal data transmitted to Stripe in encrypted form usually includes the first and last name and, depending on the selected payment method, the credit card number, expiration date, and security code or the user’s bank details, as well as other data necessary for the payment process.
Personal data transmitted by ViY to Stripe may be transferred by Stripe to credit reporting agencies. This transmission serves for identity and credit verification. Stripe may transfer personal data to affiliated companies and service providers or subcontractors if this is necessary for the fulfillment of contractual obligations or if the data must be processed on behalf of an order.
The data subject has the opportunity to revoke their consent to Stripe handling personal data at any time. The revocation does not affect personal data that must be processed, used, or transmitted for processing (contractual) payments.
The current privacy policy of Stripe can be found at https://stripe.com/privacy
Newsletter Subscription
ViY offers you a newsletter where we inform you about current events and offers. If you wish to subscribe to the newsletter, you must provide a valid email address. By subscribing to the newsletter, you agree to receive the newsletter and the procedures outlined below.
The newsletters are sent by ViY itself or through the email service provider “MailChimp,” a newsletter delivery platform from the U.S. provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The data protection regulations of the email service provider can be viewed here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the “Privacy Shield” agreement and therefore complies with the European data protection level (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The email service provider is used based on our legitimate interests according to Art. 6 Para. 1 Lit. f GDPR and a data processing agreement according to Art. 28 Para. 3 P. 1 GDPR. The email service provider may use recipient data in pseudonymous form, i.e., without attributing it to a user, to optimize or improve its own services, for example, to technically optimize the sending and presentation of newsletters or for statistical purposes. However, the email service provider does not use the data of the recipients of our newsletters to write to them itself or to transmit the data to third parties.
Success Measurement: Newsletters contain the so-called “web beacon,” a file the size of a pixel that is retrieved from our server when the newsletter is opened or, if we use an email service provider from your server. In the course of this retrieval, technical information such as browser and system information, as well as your IP address and the time of retrieval, is initially collected. This information is used for the technical improvement of services based on technical data or target groups and their reading behavior based on their retrieval locations (which can be determined by the IP address) or access times. Statistical surveys also include determining whether newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to the various recipients of newsletters. However, it is not our intention, nor that of the email service provider if used, to observe individual users. The evaluations serve us much more to understand the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Revocation and Termination: You can revoke your consent to receive the newsletter at any time and thus cancel your subscription to the newsletter. After cancellation, your personal data will be deleted. Your consent to receive the newsletter expires at the same time. At the end of each newsletter, you will find the link for cancellation.
Dealing with Comments and Contributions
If you leave a contribution or comment on this website, your IP address will be saved. This is done based on our legitimate interests as defined in Art. 6 Para. 1 Lit. f GDPR and serves our security as the website operator: if your comment violates applicable laws, we may be prosecuted for it, so we have an interest in the identity of the author of the comment or contribution.
Deletion and Blocking of Personal Data
ViY processes and stores personal data only for the period of time necessary to achieve the purpose of storage or as required by European legislators and regulators or any other legislator to which we are subject. According to legal requirements in Spain, data is stored for 6 years in accordance with § 257 Para. 1 HGB and for 10 years according to § 147 Para. 1 AO. If the purpose of storage no longer applies or if a legally prescribed storage period expires, personal data will be blocked or deleted in accordance with Art. 17 and 18 of the Data Protection Act.
User Rights
Right of Confirmation
According to Art. 15 GDPR, you have the right to request free confirmation from ViY whether personal data about you is being processed or not. To exercise the right of confirmation, you can contact an employee of ViY at any time.
Right to Information
To the extent that we process personal data about you, you have the right, according to Art. 15 GDPR, to receive, upon request, free information about the personal data that ViY has stored about you. In addition, you have the right to request information about:
the purpose of processing the recipients to whom the personal data is disclosed the intended duration of the storage of personal data all available information about the origin of the data the existence of automated decision-making
Furthermore, the data subject has the right to be informed whether personal data has been transferred to a third country or to an international organization. In this case, the data subject has the right to obtain information about the appropriate safeguards relating to the transfer. To exercise the right of access, you can contact an employee of ViY at any time.
Right to Correction or Completion of Data
If we process personal data about you, you have the right, according to Art. 16 GDPR, to demand the correction of incorrect personal data concerning you and the completion of incomplete personal data. To exercise the right of rectification, you can contact an employee of ViY at any time.
Right to Deletion of Data
If we process personal data about you, you have the right to have your data deleted according to Art. 17 GDPR, provided that your request does not conflict with a legal obligation to retain data (e.g., data retention). Data stored by ViY will be deleted if it is no longer necessary for its intended purpose and there are no legal retention periods. If deletion cannot be carried out because the data is necessary for legally permissible purposes, data processing is restricted in accordance with Art. 18 GDPR. In this case, the data will be blocked and not processed for other purposes. To exercise the right of deletion, you can contact an employee of ViY at any time.
Right to Appeal to the Competent Supervisory Authority
If we process personal data about you and you suspect that your data has been processed unlawfully, you have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.
Right of Revocation
If we process personal data about you, you have the right to revoke your consent to the processing of personal data at any time in accordance with Art. 7, Para. 3 GDPR. To exercise the right to revoke consent given for the processing of personal data, you can contact an employee of ViY at any time.
Right to Object
Users of this website can exercise their right to object and object to the processing of their personal data in accordance with Art. 21 of the Data Protection Act at any time.
If you want to correct, block, delete, or obtain information about the personal data stored about you, or if you have any questions about the collection, processing, or use of your personal data, or if you want to revoke the consents granted, please contact the following email address: info@visitityourself.com.
