PRIVACY POLICY

In accordance with Article 10 of Law 34/2002 of July 11 on Information Society Services and Electronic Commerce, we hereby inform you that LANDI STUDIO SL, with tax ID number B10975845 andregistered address atC/ MANDRI 62 – 08022 BARCELONA, isresponsible for the management and operation of the websites landi.es and landiacademy.com

If you would like to contact us, you can do so by mail at the address listed above or by emailat admin@landi.es

You can access our website directly or through any existing redirect, and this Privacy Policy applies in all cases.

PRIVACY POLICY

This Privacy Policy describes how we handle your personal data (e.g., the collection, use, disclosure, retention, and protection of your personal information) and provides information about your rights as a data subject.

LANDI STUDIO SL (hereinafter “THE CONTROLLER”) is responsible for the processing, as well as the collection, use, disclosure, retention, and protection of your personal data, in accordance with the General Data Protection Regulation, internal rules and policies, and any applicable national regulations.

In compliance with Organic Law 3/2018 of December 5 on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD), as well as the new General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, the DATA CONTROLLER hereby informs you that:

Identity and contact information of the Data Controller

Our identifying information:

LANDI STUDIO

You can contact us

By mail:62 Mandri Street – 08022 Barcelona

  • By email: admin@landi.es

By phone: 935 34 46 38

  • Categories of Personal DataWe process the following categories of personal data:

  • Identifying information– first and last name, ID number or equivalent

  • Administrative information – Company name, address, bank details, and contact persons

  • Contact information– email, phone number, and address.

  • Digital data– cookies, IP addresses, websites and social media, and other publicly available data on the Internet, etc.

  • Employment information – information about your own employees, resumes, education, work experience, and health.

  • Business data – suppliers and customers.

  • Other data required for processing – for more information on the categories of personal data we process in the course of our business activities, please refer to our Activity Log, under the section “Data Categories.”

How do we collect your data?

We collect information about you from the following sources:

  • When we communicate or interact with you by phone, email, or through other means of contact.

  • Through the Contact form on the website.

  • Through the Quote Request form on the website.

  • Through time-tracking tools.

  • When you visit our facilities.

  • When someone sends us a resume.

For more information about the various data collection methods used in the course of our business operations, please refer to our Activity Log.

How long do we keep your data?

The data will be retained for as long as a commercial, contractual, or professional relationship with the data subject exists, and thereafter for the number of years necessary to comply with the applicable legal obligations in each case. Notwithstanding the foregoing, the data will be retained for as long as necessary for processing purposes, unless the data subject requests its deletion.

With regard to employment-related or social security data, the documentation, records, or electronic media through which the relevant data has been transmitted to demonstrate compliance with obligations regarding enrollment, registration, deregistration, or changes—where applicable— occurred in relation to such matters, as well as contribution documents and receipts evidencing the payment of wages and the delegated payment of benefits, pursuant to Article 21 of Royal Legislative Decree 5/2000 of August 4, approving the consolidated text of the Law on Infractions and Sanctions in the Social Order, such records must be retained for 4 years.

With regard to accounting and tax documentation, for tax purposes, accounting books and other mandatory records required by applicable tax regulations (personal income tax, VAT, corporate income tax, etc.), as well as the supporting documents that substantiate the entries recorded in the books (including computer programs and files and any other supporting documents of tax significance), must be retained, for at least the period during which the tax authorities have the right to audit and investigate and, consequently, to assess tax liabilities, in accordance with Articles 66 through 70 of the General Tax Law, which is four years.

With regard to accounting and tax documentation, for commercial purposes, books, correspondence, documentation, and supporting documents pertaining to the business, duly organized starting from the most recent entry made in the books, except as otherwise provided by general or special provisions, this commercial obligation extends to both the required books (income, expenses, fixed assets, and provisions),as well as the documentation and supporting documents that substantiate the entries recorded in the books (invoices issued and received, receipts, corrective invoices, bank documents, etc.), in accordance with Article 30 of the Commercial Code, and shall be six years.

Data regarding the recording of employees' working hours must be retained for four years, as provided for in Royal Decree-Law 8/2019 of March 8 on urgent social protection measures to combat job insecurity in the working day.

For more information on data retention in the course of our business operations, please refer to our Activity Log, under the section titled “Retention Period.”

Who do we share your data with?

Depending on the purpose of the processing, your personal data may be disclosed to or processed by various categories of recipients:

  • External consultants or professionals (labor and tax consulting firms, occupational health insurance providers, occupational safety and health companies, etc.)

  • Government agencies (the General Treasury of the Social Security, the State Public Employment Service, the Ministry of Labor, the Ministry of Finance, and any entities or agencies that grant grants or subsidies of interest to the company, which will use them in the legitimate exercise of their authority)

In any case, we disclose your data only to the extent strictly necessary and in the manner required to fulfill the purposes described in this privacy policy, and only to entities with which we have entered into agreements that protect your rights and freedoms regarding your personal data; These entities and/or professionals, considered Data Processors, shall be governed by the provisions of Article 28 of the GDPR, and this entity ensures that they implement all necessary security measures in accordance with Article 32 of the GDPR.

For more information on the disclosure of data to third parties in the course of our business operations, please refer to our Activity Log, under the section “Category of Recipients.”

Where do we process your data?

In order to conduct our business and provide our services, we process your personal data in accordance with the terms set forth in this privacy policy within the European Union (EU).

For more information on where we process data in the course of our business operations, please refer to our Activity Log, under the “International Transfer” section.

For what purposes do we process your data?

Your data will be collected for processing operations related to the following purposes:

  • To receive contact information or other requests you have submitted through any of our communication channels.

  • Administrative tasks related to the provision of our services.

  • We will provide a quote upon request via our website.

  • Employee time tracking.

  • Add your resume to our job board.

For more information on the purposes of data processing in the course of our business operations, please refer to our Record of Processing Activities, under the section “Purposes of Processing.”

You may withdraw your consent at any time, free of charge, by exercising your rights. Please send your request in writing, accompanied by a valid form of identification, to our address at C/ Colón, 10, Door 13, 6th Floor – 46004 Valencia or by email at info@anapaulalandi.com. For more detailed information on exercising your rights, please consult our Activity Log, under the section “Exercise of Rights.”

Why are we allowed to process your data?

The use of your data under the conditions described above is permitted under European and Spanish data protection regulations in accordance with the following legal bases:

Art. 6 of the GDPR

  • The data subject has given consent to the processing of their personal data for one or more specific purposes

  • The processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures at the data subject’s request

  • The processing is necessary for compliance with a legal obligation to which the data controller is subject

For more information on the legal basis for data processing in the course of our business activities, please refer to our Record of Processing Activities, under the section “Legal Basis for Processing.”

What are your rights?

Under data protection regulations, you have the right to exercise the following rights with the data controller: the right of access, the right to rectification, the right to object, the right to erasure (“right to be forgotten”), the right to restrict processing, the right to data portability, and the right not to be subject to automated individual decision-making.

Any interested party has the right to be provided, BEFORE their data is collected, with basic information in a concise summary format, at the very moment and through the same medium in which their personal data is collected; furthermore, they have the right to receive the remaining information through a medium that is more suitable for its presentation and understanding.

The information to be provided by category or level would be as follows:

Information: First Layer

  • The identity of the data controller.

  • What data will be processed.

  • For what purpose?

  • Where and how they were obtained.

  • The legal basis for the processing.

  • Whether they will be disclosed, transferred, or processed by third parties.

  • Reference to the procedure for exercising rights.

Information on the Second Layer

  • Contact information for the controller. Identity and contact information for the representative (if any). Contact information for the data protection officer (if any).

  • Detailed description of the purposes of the processing. Data retention periods or criteria. Automated decision-making, profiling, and the logic applied.

  • Details regarding the legal basis for processing, in cases involving a legal obligation, public interest, or legitimate interest. Whether or not providing data is mandatory, and the consequences of failing to do so.

  • Recipients or categories of recipients. Applicable adequacy decisions, safeguards, binding corporate rules, or specific situations.

  • How to exercise your rights to access, correct, delete, and transfer your data, as well as to restrict or object to its processing. 

  • Right to withdraw consent. 

  • Right to file a complaint with the Supervisory Authority.

(The following table outlines your rights.)

Right of access

To find out what personal data of yours is being processed, for what purpose it is being processed, where the data was obtained, and whether it will be disclosed or has been disclosed to anyone 

Right to rectification

To correct any inaccurate or incomplete information about yourself

Right of withdrawal

To delete your inaccurate or excessive data 

Right to object

To prevent your data from being processed, or to have its processing stopped, even if only in the cases provided for by law

Right to restrict processing

To request that the processing of your data be suspended in the cases provided for by law. 

Right to data portability 

To receive the data you have provided in a structured, commonly used electronic format so that you can transmit it to another data controller.

Right not to be subject to individualized decisions

To ensure that no decision is made about you that has legal effects or affects you based solely on the processing of your data. 

These rights are characterized by the following:

  • It is free to use.

  • You may exercise these rights directly or through a legal representative.

  • If the request is submitted electronically, the information will be provided electronically whenever possible, unless the data subject requests otherwise.

  • Before you exercise your rights, we need to verify your identity to protect your personal data from fraudulent attempts.

  • The request will be processed within one month.

If requests are manifestly unfounded or excessive (e.g., repetitive in nature), the controller may:

  • The data controller is required to inform you of the means by which you can exercise these rights. These means must be accessible, and this right cannot be denied simply because you choose a different method.

  • If the data controller does not act on the request, they must provide, within one month at the latest, an explanation of the reasons for their inaction and information regarding the possibility of filing a complaint with a supervisory authority.

If you wish to exercise any of the rights described above, you can contact us through our Internal Data Protection Officer:

  • By mail: 

LANDI STUDIO

Attn: Data Protection Officer

62 Mandri Street – 08022 Barcelona

Or by email at: [email]

Supervisory Authority

If you wish to file a complaint regarding the processing of your data by THE DATA CONTROLLER, please note that you may contact the Spanish Data Protection Agency, C/ Jorge Juan, 6, 28001 Madrid , http://www.agpd.es

Cookies

Cookies are files that are downloaded to your computer to collect standard web log information and data about your browsing habits. This information is used, for example, to track website visitor usage and compile statistical reports on website activity.

You can configure your browser to refuse cookies. However, some first-party cookies are necessary to allow website users to use our services.

For more information, please visit the website's Cookie Policy.

Minors

The User certifies that he or she is at least 14 years of age and therefore has the legal capacity to consent to the processing of his or her personal data, in accordance with the provisions of this Privacy Policy.

If you wish to use our services via the website and are 14 years old or younger, we will need consent from your legal guardian to store your data; if we do not have this consent, we may block or delete your account.

Activity Log

You can request an updated copy of our Activity Log by emailing us at admin@landi.es.

Security

THE DATA CONTROLLER implements organizational and technical measures to ensure the security of personal data and to prevent its alteration, loss, or unauthorized processing or access, taking into account the state of technology, the nature of the data stored, and the risks to which it is exposed.

Updates


We regularly review our privacy policy and may update it from time to time (primarily to comply with legal and data protection requirements).

Updated versions will be posted on our website. 

Applicable Law and Jurisdiction

The terms and conditions governing this website, as well as any relationships that may arise from it, are governed by and subject to Spanish law. Any dispute, litigation, or disagreement that may arise between the user and LANDI STUDIO SL regarding the use of this website shall be submitted to the courts and tribunals of Valencia, Spain.