Privacy Policy

I. PRIVACY POLICY AND DATA PROTECTION
Respecting the provisions of current legislation, (hereinafter also Website) undertakes to adopt the necessary technical and organizational measures, according to the appropriate level of security for the risk of the data collected.

Laws incorporated in this privacy policy
This privacy policy is adapted to current Spanish and European regulations on the protection of personal data on the Internet. Specifically, it complies with the following rules:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
• Organic Law 3/2018 of December 5, on the Protection of Personal Data and the guarantee of digital rights (LOPD-GDD).
• Royal Decree 1720/2007 of December 21, approving the Regulation implementing Organic Law 15/1999 of December 13, on the Protection of Personal Data (RDLOPD).
• Law 34/2002 of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the personal data processing controller
The controller of the personal data collected on is: Zuzana Opavska, with NIF: X8637034M (hereinafter, Data Controller). Contact details:

• Address: As Lombas 25, 36843 – Pazos de Borben
• Phone: +34 886340002
• Email: info@zuzanaop.com

Personal Data Registry
In compliance with the provisions of the GDPR and the LOPD-GDD, we inform you that the personal data collected by , through the forms on its pages, will be incorporated and processed in our file in order to facilitate, expedite, and fulfill the commitments established between and the User or to maintain the relationship established in the forms filled out by the User, or to respond to a request or inquiry. Likewise, in accordance with the GDPR and the LOPD-GDD, unless the exception provided in article 30.5 of the GDPR applies, a record of processing activities is maintained specifying, according to its purposes, the processing activities carried out and the other circumstances established in the GDPR.

Principles applicable to the processing of personal data
The processing of the User’s personal data will be subject to the following principles set out in Article 5 of the GDPR and Articles 4 and subsequent of Organic Law 3/2018 of December 5:

• Principle of lawfulness, fairness, and transparency.
• Principle of purpose limitation.
• Principle of data minimization.
• Principle of accuracy.
• Principle of storage limitation.
• Principle of integrity and confidentiality.
• Principle of proactive responsibility.

Categories of personal data
The categories of data processed are only identifying data. No special categories of personal data are processed within the meaning of Article 9 of the GDPR.

Legal basis for processing personal data
The legal basis for the processing of personal data is consent. undertakes to obtain the User’s express and verifiable consent for the processing of their personal data for one or more specific purposes. The User may withdraw their consent at any time, with the same ease as it was given.

Purposes of the processing of personal data
The personal data is collected and managed by in order to facilitate, expedite, and fulfill the commitments established between the Website and the User, or to maintain the relationship established in the forms filled out by the User, or to respond to a request or inquiry. Data may also be used for commercial purposes, customization, operation, statistics, marketing studies, and to improve the quality, functionality, and navigation of the Website.

Retention periods for personal data
Personal data will only be retained for the minimum time necessary for the purposes of its processing, and in any case only for the following period: 12 months, or until the User requests its deletion.

Recipients of personal data
The User’s personal data will be shared with the following recipients or categories of recipients:

If the Data Controller intends to transfer personal data to a third country or international organization, the User will be informed at the time of collection.

Personal data of minors
In compliance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, only those over 14 years of age may lawfully consent to the processing of their personal data by . If the User is under 14 years old, parental or guardian consent will be required.

Secrecy and security of personal data
undertakes to adopt the necessary technical and organizational measures to ensure the security of personal data and prevent destruction, loss, or unlawful alteration. The Website has an SSL certificate (Secure Socket Layer). However, since the invulnerability of the Internet cannot be guaranteed, the Data Controller undertakes to notify the User without undue delay of any data breach that entails a high risk.

User rights
The User may exercise the rights recognized in the GDPR and Organic Law 3/2018:

• Right of access
• Right of rectification
• Right of erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability
• Right to object
• Right not to be subject to automated decision-making, including profiling

Requests must be sent to:

• Address: As Lombas 25, 36843 – Pazos de Borben
• Email: info@zuzanaop.com

Links to third-party websites
The Website may include links to third-party websites, which have their own privacy policies.

Complaints to the supervisory authority
If the User considers that there is a problem in the way their data is being processed, they may lodge a complaint with the Spanish Data Protection Agency (https://www.aepd.es/).

II. ACCEPTANCE AND CHANGES IN THIS PRIVACY POLICY
It is necessary that the User has read and agrees with this Privacy Policy. The use of the Website implies acceptance. may modify this Privacy Policy based on legal, jurisprudential, or regulatory changes.

This Privacy Policy was last updated on 19/05/2025.