BTBW AGENCY - Sustainable Tourism Marketing

WE HELP YOU PROMOTE ONLINE EXCLUSIVE EXPERIENCES IN ECOTOURISM AND ADVENTURE

Privacy Policy

Version 10/17/2018

BTBW AGENCY is committed to protecting the privacy of users who access this website and/or any of its services. The use of the website and/or any of the services offered by BTBW AGENCY implies acceptance by the user of the provisions contained in this Privacy Policy and that your personal data are treated as stipulated in it. Please keep in mind that although there may be links from our website to other websites or social networks, this Privacy Policy does not apply to the websites of other companies or organizations to which the website is redirected. BTBW AGENCY does not control the content of the websites of third parties, nor accepts any responsibility for the content or privacy policies of these websites.

Basic information on data processing Regulation (EU) 2016/679
Responsible for the data treatment:Lucie Pellier, CEO, acting in representation of BTBW AGENCY
NIF: X5231060D
C / Tapers 34, 17244 Cassà de la Selva, Spain
Email: luciepellier@btbw.agency
Purpose of the treatment: Offer and manage our digital marketing services.
Legitimation • Consent obtained from the interested party • Execution of the service contract.

Recipients

The data will not be communicated to third parties unless required by law or necessary to comply with the purpose of treatment.

Users rights

Those interested have the right to exercise the rights of access, rectification, limitation of treatment, deletion, portability, and opposition, sending your request to our address.

Data retention period

While the commercial relationship is maintained or during the years necessary to comply with legal obligations.
Claim Those interested can contact the AEPD to present the claim they consider appropriate.
Additional information You can consult the additional and detailed information below in the “Questions about privacy”.

Questions about privacy

In compliance with Regulation (EU) 2016/679 of the European Parliament and the Council, of April 27, 2016, (RGPD), we offer you the following information on the processing of your personal data:

Who is responsible for the processing of your data?
Identity:Lucie Pellier, CEO, acting in representation of BTBW AGENCY
NIF: X5231060D
Address: C / Tapers 34, 17244 Cassà de la Selva
Tel: +34654933353
Email: lucie@luciepellier.com

For what purpose do we treat your personal data?
• We treat the information that is provided to us to manage our web and digital marketing services.
• In the event that you contact us through the contact form on our website, we will treat them to manage your inquiry.
• If you give us your consent we can also process your information to send you information about our activities, products or services.
• If you send us a résumé, we will process the data in order to manage the CV’s database for the selection of personnel.

How long will we keep your data?
• The personal data provided will be kept while you are a user of our services or want to receive information, and then, during the periods established to comply with our legal obligations.
• In the case of resumes, the data will be kept for one year.

What is the legitimacy for the processing of your data?
The legitimacy to deal with them is found in the execution of the services contract and in the consents that it gives us.
Regarding that information that is sent by children under 16, it will be an essential requirement that it be done with the consent of the parent, the guardian or the legal representative of the minor so that the personal data can be processed. If this is not the case, the minor’s legal representative will inform us as soon as he or she becomes aware of it.

To which recipients will your data be communicated?
The data will not be communicated to third parties unless required by law or necessary to comply with the purpose of treatment.
To send you information about our activities and/or services, we inform you that your data will be communicated to the company The Rocket Science Group, LLC, which provides the email service for marketing called MailChimp. They will also be communicated to GOOGLE, LLC, for the internal management of our activities. The Rocket Science Group, LLC, and GOOGLE, LLC, are located in the United States and certified in compliance with the “Privacy Shield” agreement, which protects the international transfer of personal data of citizens of the European Union with the United States.

What are your rights when you provide us with your data?
• Anyone has the right to obtain confirmation about whether or not we are treating their personal data.
• The interested parties have the right to access their personal data, as well as to request the correction of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it is they picked up
• In certain circumstances the interested parties may request the limitation of the processing of their data, in this case, we will only keep them for the exercise or defense of claims.
• Also, in certain circumstances and for reasons related to their particular situation, the interested parties may object to the processing of their data. In this case, we will stop processing the data, except for compelling legitimate reasons or for the exercise or defense of possible claims.
• Interested parties also have the right to the portability of their data.
• Finally, the interested parties have the right to file a claim with the competent Control Authority.

How can you exercise your rights?
Sending a letter enclosing a copy of a document that identifies you, to our physical address or the electronic one.

How have we obtained your data?
The personal data we are dealing with comes from the interested party. The interested party guarantees that the personal data provided is true and is responsible for communicating any modification of these. The data that is marked with an asterisk will be mandatory to be able to give the requested service.

What data do we deal with?
The categories of data that we can deal with in the provision of our services are:
• Identification data
• Postal or electronic addresses
In the case of the curricula, also:
• Personal characteristics
• Academics and professionals

The data is limited, given that we only treat the data necessary for the provision of our services and the management of our activity.

Do we use cookies?
We use cookies while browsing our website with the user’s consent.
The user can configure their browser to be notified of the use of cookies and to prevent their use. Please, visit our cookies policy.

What security measures do we apply?
We apply the security measures established in article 32 of the RGPD, therefore, we have adopted the security measures necessary to guarantee a level of security appropriate to the risk of the data processing we perform, with mechanisms that allow us to guarantee confidentiality, integrity, permanent availability and resilience of treatment systems and services.

Some of these measures are:
• Information on the data processing policies for personnel.
• Performing periodic backups.
• Control of access to data.
• Regular verification, evaluation and assessment processes.

How do we process the data on behalf of third parties?
When in the provision of our services we treat personal data of which our clients are responsible, we do so as the treatment managers, in accordance with what is established in article 28 RGPD and, therefore, in these treatments of the personal information:
a) We will treat personal data only following documented instructions of the person responsible, including in relation to the transfer of personal data to a third country or to an international organization, unless we are bound by the law of the Union or of the Member States to which let’s be subject In this case, we will inform the person responsible for this legal requirement prior to the treatment, unless this right prohibits it for important reasons of public interest.
b) We guarantee that the persons authorized to process personal data have committed to respecting their confidentiality.
c) We have adopted all the necessary security measures, in accordance with Article 32 of the RGPD, having implemented mechanisms to:
• Guarantee the confidentiality, integrity, availability and permanent resilience of the treatment systems and services.
• Restore the availability and access to personal data quickly, in case of a physical or technical incident.
• Verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organizational measures implemented to guarantee the safety of the treatment.
• Pseudonymize and encrypt personal data, if applicable.
d) We will respect the conditions indicated in sections 2 and 4 of article 28 of the RGPD to resort to another one in charge of the treatment.
e) We will assist the person in charge, whenever possible, according to the nature of the treatment and through the appropriate technical and organizational measures, so that he/she can comply with the obligation to respond to requests that have the purpose of exercising the rights of the interested parties. established in chapter III of the RGPD.
f) We will help the person responsible to ensure compliance with the obligations regarding data security are established in articles 32 to 36 of the RGPD, taking into account the nature of the treatment and the information made available to us.
g) At the discretion of the person in charge, we will delete or return all personal data once the provision of the treatment services is finished and we will delete the existing copies unless the preservation of the personal data is required under Union Law or the law of the Union. Member states.
h) We will put at the disposition of the person in charge all the necessary information to demonstrate the fulfillment of the obligations established in the art. 28 of the RGPD, as well as to allow and contribute to the performance of audits, including inspections, by the person in charge or by another auditor authorized by this person in charge.

The type of data we will discuss will depend on the data that treatment managers want to deal with our services. In general terms, they can refer to:

• Identification data
• Postal or electronic addresses
• Commercial information

The category of interested parties will depend on the type of treatment contracted. In general terms, the categories of interested parties are:

• Customers
• Potential customers

For its part, the treatments that we can perform on behalf of those responsible for the treatment will depend on the service contracted. In general terms the treatments can be:

• Organization
• Display
• Query
• Use

The client guarantees to BTBW AGENCY, that the personal data have been obtained observing the legal requirements established in the regulations regarding the protection of personal data. BTBW AGENCY is not responsible for the breach by the client of the obligations derived from the RGPD and the rest of the regulations in force in the part corresponding to its activity that is related to the execution of the services contracted or with any other business relationship with BTBW AGENCY.