Privacy Policy

PRIVACY POLICY FOR THE WEBSITE

https://en.alquilerdebicicletas.shop/

I. PRIVACY AND DATA PROTECTION POLICY

In accordance with current legislation, Directorio de Bicicletas (hereinafter also referred to as the Website) is committed to adopting the technical and organisational measures necessary to ensure an appropriate level of security for the data collected.

Laws incorporated into this privacy policy

This privacy policy is adapted to the current Spanish and European legislation on the protection of personal data in the digital environment. Specifically, it respects the following legal provisions:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
  • Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD).
  • Royal Decree 1720/2007, of 21 December, approving the Development Regulation of Organic Law 15/1999, of 13 December, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002, of 11 July, on Electronic Commerce and Services of the Information Society (LSSI-CE).

Identity of the data controller

The data controller for the personal data collected on Directorio de Bicicletas is: Danilo Noles, with NIF: X6494523J (hereinafter, the Data Controller). Contact details are as follows:

The data controller for the personal data collected on Directorio de Bicicletas is: , with NIF/CIF: , registered at: , with the following register details: , and represented by: (hereinafter, the Data Controller). Contact details are as follows:

Address: Calle Illes Canaries, Valencia, Spain

Telephone: Not available

Fax:

Email: info@sancipriano.es

Personal Data Register

In compliance with the GDPR and the LOPD-GDD, we inform you that the personal data collected by Directorio de Bicicletas through forms on its pages will be incorporated and processed in our database to facilitate, expedite, and comply with the commitments established between Directorio de Bicicletas and the User, or to maintain the relationship established through the forms completed, or to address a request or inquiry. Furthermore, in accordance with the GDPR and LOPD-GDD, unless an exception applies under Article 30.5 of the GDPR, a record of processing activities is maintained, specifying, according to its purposes, the processing activities carried out and other circumstances outlined in the GDPR.

Principles applicable to the processing of personal data

The processing of the User’s personal data will adhere to the following principles outlined in Article 5 of the GDPR and Articles 4 and following of Organic Law 3/2018, on the Protection of Personal Data and the Guarantee of Digital Rights:

  • **Lawfulness, fairness, and transparency**: The User’s explicit and fully transparent consent is required for the purpose of collecting personal data.
  • **Limitation of purpose**: Personal data will be collected for specific, explicit, and legitimate purposes.
  • **Data minimisation**: Only the strictly necessary data will be collected in relation to the purposes for which they are processed.
  • **Accuracy**: Personal data must be accurate and kept up to date.
  • **Storage limitation**: Personal data will only be retained for as long as necessary for the purposes for which they are processed.
  • **Integrity and confidentiality**: Personal data will be processed in a manner that ensures their security and confidentiality.
  • **Accountability**: The Data Controller is responsible for ensuring the above principles are followed.

Categories of personal data

The categories of data processed on Directorio de Bicicletas are solely identifying data. Special categories of personal data, as defined in Article 9 of the GDPR, are not processed.

The categories of data processed on Directorio de Bicicletas include both identifying data and special categories of personal data under Article 9 of the GDPR.

Special categories of personal data refer to those revealing ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for unique identification, health-related data, or data concerning sexual orientation.

For the processing of special categories of personal data, explicit consent from the User is mandatory for one or more specific purposes.

Legal basis for processing personal data

The legal basis for processing personal data is consent. Directorio de Bicicletas is committed to obtaining the User’s explicit and verifiable consent for the processing of their personal data for one or more specific purposes.

The User has the right to withdraw consent at any time. Withdrawing consent is as easy as providing it. In general, withdrawing consent will not affect the use of the Website.

When the User provides data via forms to make inquiries, request information, or for content-related purposes, they will be informed if any fields are mandatory due to their necessity for the operation.

Purposes of processing personal data

Personal data are collected and managed by Directorio de Bicicletas to facilitate, expedite, and comply with commitments between the Website and the User or to maintain the relationship established through completed forms or to address requests or inquiries.

Data may also be used for commercial personalisation, operational, and statistical purposes, as well as for activities related to the Website’s objectives, including data extraction, storage, and marketing studies to tailor content to the User and improve the quality, functionality, and navigation of the Website.

At the time of data collection, the User will be informed of the specific purpose(s) for which the data will be processed.

Retention period for personal data

Personal data will only be retained for the minimum necessary period for their processing purposes and, in any case, for the following duration: permanently, or until the User requests deletion.

At the time of data collection, the User will be informed of the retention period or, if not possible, the criteria used to determine it.

Recipients of personal data

The User’s personal data will not be shared with third parties.

In any case, at the time of data collection, the User will be informed of the recipients or categories of recipients of the data.

The User’s personal data will be shared with the following recipients or categories of recipients:

Facebook (Meta Platforms)  
Company name: Facebook Spain, S.L.  
Company Identification Number (CIF): B85759330  
Registered office: Paseo de la Castellana, 35, 28046 Madrid, Spain  
Google Analytics  
Company name: Google Spain, S.L.  
CIF: B63272603  
Registered office: Plaza Pablo Ruiz Picasso, 1 (Torre Picasso), 28020 Madrid, Spain

If the Data Controller intends to transfer personal data to a third country or international organisation, the User will be informed of the country or organisation and the existence or absence of an adequacy decision by the Commission at the time of data collection.

Personal data of minors

In accordance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, only individuals aged 14 or older may lawfully provide consent for the processing of their personal data by Directorio de Bicicletas. For individuals under 14, parental or guardian consent is required, and processing is lawful only if such consent is given.

Confidentiality and security of personal data

Directorio de Bicicletas is committed to adopting technical and organisational measures appropriate to the risk level of the data collected to ensure their security and prevent accidental or unlawful destruction, loss, alteration, or unauthorised disclosure or access.

The Website uses an SSL certificate (Secure Socket Layer), ensuring secure and confidential data transmission, as data exchanged between the server and the User is encrypted.

However, as the internet cannot be guaranteed to be entirely secure against hackers or unauthorised access, the Data Controller commits to informing the User without undue delay in the event of a data breach likely to pose a high risk to their rights and freedoms. Under the GDPR, a data breach refers to any unauthorised destruction, loss, alteration, or disclosure of personal data.

The Data Controller will treat personal data as confidential and ensure legal or contractual obligations are in place to maintain this confidentiality for employees, associates, and any third parties with access to the information.

Derivative rights from data processing

The User has the following rights under the GDPR and Organic Law 3/2018, which can be exercised against the Data Controller:

  • Right of access: The right to confirm whether Directorio de Bicicletas processes their data and, if so, to obtain information about the data and its processing.
  • Right of rectification: The right to correct inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten"): The right to request deletion of data when no longer necessary, consent is withdrawn, or processing is unlawful.
  • Right to restrict processing: The right to limit processing under specific conditions, such as contesting data accuracy.
  • Right to data portability: The right to receive data in a structured, commonly used format and transfer it to another controller.
  • Right to object: The right to object to processing based on legitimate interests.
  • Right not to be subject to automated decision-making: The right to avoid decisions based solely on automated processing, including profiling.

To exercise these rights, the User must submit a written request to the Data Controller with the reference "GDPR-https://en.alquilerdebicicletas.shop/", including:

  • Name, surname, and a copy of the ID. If representation is allowed, proof of representation is also required.
  • Reason for the request or information sought.
  • Address for correspondence.
  • Date and signature.
  • Supporting documents.

This request and attachments can be sent to:

Postal address: Calle Illes Canaries, Valencia, Spain

Email: info@sancipriano.es

Links to third-party websites

The Website may include hyperlinks to third-party websites not operated by Directorio de Bicicletas. These sites have their own privacy policies and are responsible for their data practices.

Complaints to the supervisory authority

If the User believes their data is processed unlawfully, they may file a complaint with the relevant supervisory authority, such as the Spanish Data Protection Agency (https://www.aepd.es/).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

Use of the Website implies acceptance of this Privacy Policy. Directorio de Bicicletas reserves the right to modify this policy at its discretion or due to legislative changes. Updates will not be explicitly notified, so users are advised to review this page periodically.

This Privacy Policy was updated to comply with Regulation (EU) 2016/679 and Organic Law 3/2018.

This document was created using a free online privacy policy template generator on 07/07/2025.

Go up