Privacy Policy

This privacy policy applies to the processing of personal data of customers and/or users of https://www.norcan.es, hereinafter referred to as the WEBSITE, owned by the commercial company Norcan Real Estate, S.L., hereinafter referred to as the TREATMENT CONTROLLER.

‍

Applicable regulations

Our Privacy Policy has been designed in accordance with REGULATION (EU) 2016/679 of the EUROPEAN PARLIAMENT and of the COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter GDPR EU 2016/679, and as far as it does not contradict the aforementioned Regulation, by the provisions of the Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, hereinafter LOPDGDD 3/2018.

By providing us with your data, the customer and/or user declares to have read and understood this Privacy Policy, giving their unequivocal and express consent to the processing of their personal data in accordance with the purposes and terms expressed herein.

Basic information on data protection


	BASIC INFORMATION ON DATA PROTECTION
	Responsible	Norcan Real Estate, S.L.
	Purpose	Respond to requests for information received, respond to queries, provide real estate services consultations, provide the real estate services requested, as well as send commercial communications about our commercial communications about our services by letter, telephone, email, SMS/MMS, WhatsApp, Telegram or by other equivalent means of electronic communication, as long as the interested party has consented to the interested party has consented to the processing of his/her personal data for this purpose.
	Legitimation	Execution of a contract to which the data subject is a party or for the implementation of pre-contractual at his or her request of pre-contractual measures. Legitimate interest of the data controller. Consent of the data subject. data subject.
	Addressees	No data will be transferred to third parties, unless legally required.
	Rights	You have the right to access, rectify and delete the data, as well as other rights, as indicated in the rights, as indicated in the additional information, which you can exercise by contacting the address of the data controller at info@norcan.es
	Additional information	You can consult the additional and detailed information about Data Protection in the attached clauses found at https://www.norcan.es/politica-de-privacidad

Additional information on data protection

The data controller is:

Identity: Norcan Real Estate, S.L.
TAX IDENTIFICATION NUMBER: B76169200
Address: Pasaje de Los Pescadores, 44 | Playa de Mogán, 35140 Mogán (Gran Canaria)
Phone number: (+34) 928 56 54 32
E-mail: info@norcan.es

Purposes and legal basis for processing

a) In general

The TREATMENT CONTROLLER processes the personal data provided by its customers and/or users for the following purposes:

Purpose: To respond to requests for information received, answer queries raised, provide the real estate services requested, carry out administrative, commercial, accounting and tax management, as well as send commercial communications about our services by letter, telephone, email, SMS/MMS, WhatsApp, Telegram or other equivalent means of electronic communication, provided that the interested party has consented to the processing of their personal data for this purpose.

Legal basis legitimizing this processing: Execution of a contract to which the data subject is a party or for the implementation at the request of the data subject of pre-contractual measures. Legitimate interest. The data subject's consent, which may be withdrawn at any time.

b) Electronic forms WEBSITE

The TREATMENT CONTROLLER processes the personal data provided by customers and/or users through the electronic forms for the collection of personal data on the WEBSITE for the purposes identified below:

In relation to the "Contact Form" and other queries (those that can be addressed through the e-mail accounts listed on the WEBSITE):

Purpose: To contact the interested party, respond to requests for information received and answer the queries raised, as well as send commercial communications about our services by letter, telephone, email, SMS/MMS, WhatsApp, Telegram or other equivalent means of electronic communication, provided that the interested party has consented to the processing of their personal data for this purpose.
Legal basis that legitimizes this treatment: The consent of the person concerned, which may be withdrawn at any time.

When the data requested in the electronic forms are necessary, the TREATMENT CONTROLLER will indicate such mandatory nature at the time of data collection from customers and / or users and not providing them will mean that the corresponding request cannot be met.

What kind of data do we process?

For the purposes set out in the previous section, the Customer's data is processed, which can be divided into the following sources and categories:

a) Data provided directly by the customer and/or user: data provided directly by the customer and/or user, either at the time of requesting the service through the completion of electronic forms for collecting personal data or in paper format enabled for this purpose as those provided throughout the contractual relationship through various means such as, for example, requests for information or complaints filed. The customer and / or user is responsible for its accuracy and updating.

b) Data obtained from sources other than the client and/or user: data obtained from sources other than the client and/or user, either with their consent or by any other legal authorization (legitimate interest, compliance with a legal obligation...).

c) Data derived from the development of the commercial relationship: data provided indirectly by the client and/or user derived from the provision of the contracted service and the maintenance of this activity. This category includes traffic data, navigation data through the public web page or access to the private area or others of a similar nature.

‍

Registration of processing activities

We inform you that the personal data obtained from the client and/or user as a result of the completion of the electronic forms existing on the WEBSITE are part of the Registry of Processing Activities (RAT) of the TREATMENT CONTROLLER, which will be updated periodically in accordance with the provisions of the RGPD EU 2016/679 and the LOPDGDD 3/2018.

Addressees‍

The personal data of the interested parties will be communicated to the recipients indicated below:

a) In general:

The TREATMENT CONTROLLER'S suppliers as processors, in the framework of the corresponding provision of services (lawyers, accounting, tax and labor advisors, consultants and IT service providers -web site hosting and e-mail service-).

The competent authorities and agencies, to the extent necessary to comply with legal obligations.

b) In relation to the "Contact Form" and other queries (those that can be addressed through the e-mail accounts that appear on the WEBSITE):

No data will be transferred to third parties, unless legally required.

‍

Transfers to third countries

Decision on the adequacy of the EU-US Data Privacy Framework.
There are no plans to transfer data to third countries without an adequate level of protection.

‍

Conservation periods

Personal data will be kept:

a) In general:

The data will be kept as long as you do not request its deletion, and, in any case, for the years necessary to comply with legal obligations.

b) In relation to the "Contact Form" and other queries (those that can be addressed through the e-mail accounts that appear on the WEBSITE):

Personal data will be kept until the end of the relationship between the TREATMENT CONTROLLER and the customer and/or user, unless the latter previously requests the deletion of such data, or until the data subject withdraws the consent given at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.

For this purpose, the data subject is reminded that he/she must inform the CONTROLLER OF THE PROCESSING as the recipient to whom he/she communicates personal data, of any rectification or deletion of the data of his/her representatives, authorized persons and other contact persons.

Once the relationship is terminated, to the extent that the personal data of the data subjects are relevant for the purposes of the TREATMENT CONTROLLER's liability towards customers and/or users, such data shall be kept, duly blocked, at the disposal of the judicial authorities or competent public administrations, for the enforcement of the liabilities arising from the processing for the statute of limitations period thereof.

‍

Rights of interested parties

Customers and/or users of the WEBSITE may exercise the following rights before the CONTROLLER OF THE PROCESSING, to the extent applicable: access to personal data, rectification, erasure (right to be forgotten), limitation of processing, data portability, opposition to processing and not to be subject to automated individual decisions and, when the processing is based on consent, the right to withdraw it at any time.

Customers and / or users may exercise these rights by written and signed request sent to the postal address of the TREATMENT CONTROLLER located in Pasaje de Los Pescadores, 44, Playa de Mogán, 35140 Mogán (Gran Canaria) or through the email address info@norcan.es, attaching, in both cases the interested party, a valid proof of identity in law, as a photocopy of ID / NIE or equivalent document, and clearly indicating the right to be exercised.

Clients and/or users will also have the right to file a complaint before the competent Control Authority (Spanish Data Protection Agency) if they observe that the processing does not comply with the regulations in force or if they consider that their rights have been violated with regard to the protection of their personal data, especially when they have not obtained satisfaction in the exercise of their rights, through the WEB page https://www.aepd.es.

These rights will be met by the TREATMENT CONTROLLER within 1 month, which may be extended to 2 months if the complexity of the request or the number of requests received so requires. All this without prejudice to the duty to retain certain data under the legal terms and until the possible liabilities arising from a possible treatment, or, where appropriate, a contractual relationship.

In addition to the above, and in relation to data protection regulations, Users who so request, have the possibility to organize the destination of their data after their death.

Sending commercial communications

In compliance with the provisions of the Second Final Provision of Law 9/2014, of May 9, on Telecommunications, which amends Law 34/2002, of July 11, on information society services and electronic commerce, commercial communications made by electronic means must be clearly identifiable as such, and the natural or legal person on behalf of whom they are made must also be clearly identifiable, without prejudice to the provisions of the regulations issued by the Autonomous Communities with exclusive powers on consumption.

The client and/or user, who provides his/her contact details to the CONTROLLER OF THE PROCESSING by clicking on the "SEND" button of the electronic forms for collecting personal data on the website and affirmatively check the two existing consent boxes, "I accept the processing of my data for the purposes indicated in the basic information on data protection" and "I consent to receive commercial communications of its services", you expressly authorize and give your express, free and unequivocal consent to the CONTROLLER OF PROCESSING to process your personal data for the purpose of sending you commercial communications about its services by letter, telephone, email, SMS/MMS, WhatsApp, Telegram or by other equivalent means of electronic communication.

The legal basis that legitimizes this treatment is the consent of the person concerned, which may be revoked at any time.

In compliance with the provisions of Articles 21 and 22 of Law 34/2002, of July 11, 2002, on information society services and electronic commerce, the user may oppose the processing of his/her data for promotional purposes and revoke the consent given to receive commercial communications via e-mail by simply notifying the PROVIDER of his/her will through a simple and free procedure, consisting of sending an e-mail to the e-mail address info@norcan.es, indicating "UNSEND" or "DO NOT SEND" in the subject line of the message.

The data provided will be kept for as long as the business relationship is maintained or for the years necessary to comply with legal obligations.

‍

Social Networking Policy

The TREATMENT CONTROLLER has profiles in the main social networks on the Internet.

‍

In this case it is considered responsible for the processing of data of its users, including followers, subscribers, fans, or simply people who make comments or queries through these channels.

‍

In this sense, the TREATMENT CONTROLLER could use this profile to inform its users of news that it considers appropriate for the purpose of the services offered, or perhaps it could also share information or current articles published by other users of social networks.

In no case will use personal information of users without their consent to have relationships other than those expected in the social network mentioned, requesting, where appropriate, the user's own consent.

‍

Accuracy of the data provided by the interested parties

The client and/or user is responsible for the information provided by filling in the electronic forms made available on the WEBSITE or by sending e-mails to the different accounts existing under the Internet domain norcan.es is true, being responsible for the accuracy of all data provided and will keep it updated to reflect a real situation, being responsible for false or inaccurate information provided and for the damages, inconveniences and problems that may cause to the TREATMENT CONTROLLER or third parties.

‍

Safety measures

The TREATMENT CONTROLLER guarantees that it has implemented on the WEBSITE the appropriate technical and organizational policies to apply the security measures established by the RGPD EU 2016/679 and the LOPDGDD 3/2018 in order to protect the rights and freedoms of customers and/or users and has communicated the appropriate information to them so that they can exercise them.

‍

The CONTROLLER OF THE PROCESSING in order to protect individual rights, especially in relation to automated processing and in order to be transparent with customers and/or users, has established a policy that covers all such processing, the purposes pursued by the latter, the legitimacy of such processing and also the tools available to the customer and/or user so that he/she can exercise his/her rights.

‍

The WEBSITE is created with the platform for cloud-based web development of the company Webflow, Inc. complemented with the Weglot plugin (language translation), the Elsfight pluquin to add Google reviews and the Google Maps plugin and has installed an SSL encryption certificate activated for the entire domain and the reCAPTCHA system to detect traffic from automated programs or bots allowing the user to securely send their personal data through the existing electronic forms for collecting personal data, designed with the native contact form of webflow.

‍

Webflow, Inc. is committed to the protection of personal data and complies with the provisions of REGULATION (EU) 2016/679 of the EUROPEAN PARLIAMENT and of the COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

Webflow, Inc. complies with the EU-U.S. Data Privacy Framework, which ensures the security and trustworthiness of international transfers of EU-U.S. personal data flows.

‍

The WEBSITE is hosted in the servers that Webflow, Inc. offers to the CONTROLLER OF THE PROCESSING, being the assigned IP address of European range.

All information will be kept and managed with due confidentiality, applying the necessary computer security measures to prevent access or misuse of your data, its manipulation, deterioration or loss.

‍

However, the customer and/or user must bear in mind that the security of computer systems is never absolute. When personal data is provided over the Internet, such information could be collected without your consent and processed by unauthorized third parties. The TREATMENT CONTROLLER disclaims any liability for the consequences of such acts may have for the User, if he/she voluntarily published the information.

‍

Acceptance and consent

The client and/or user declares to have been informed of the conditions on personal data protection, accepting and consenting to the automated processing of the same by the CONTROLLER OF THE PROCESSING in the manner and for the purposes indicated in this Privacy Policy. Certain services provided on the WEBSITE may contain special conditions with specific provisions on personal data protection.

Changes to this privacy policy

THE TREATMENT CONTROLLER reserves the right to modify this Privacy Policy to adapt it to new legislation, jurisprudence, interpretation of the Spanish Data Protection Agency, as well as industry practices.

In such cases, the TREATMENT CONTROLLER will announce on the websites the changes introduced reasonably in advance of their implementation.

This privacy policy may be supplemented by the Legal Notice, Cookies Policy and General Conditions of Contract, if any, are collected for certain products or services, if such access involves any specialty in the protection of personal data.