Privacy Policy


September 2021


MARÍA RIERADEVALL TARRÉS undertakes to protect the privacy of the users that access this website and/or any of its services. The use of the website and/or any of the services offered by MARÍA RIERADEVALL TARRÉS shall imply acceptance by the user of the provisions contained in this Privacy Policy and that their personal data may be processed according to that stipulated herein. Please note that although there may be links from our website to other websites or social networks, this Privacy Policy does not apply to the websites of other companies or organizations to which the website is redirected. MARÍA RIERADEVALL TARRÉS does not control the content of third-party websites, nor do they accept any responsibility for the content or privacy policies of these websites.


Basic information about data processing (Regulation (EU) 2016/679 and Organic Law 3/2018)


Tax ID: 43679964C

Address: Gran Via de Jaume I, 33 Entresuelo 17001 Girona


Purpose of processing Offer and manage our computer services.
Legitimation In general, the legitimacy for the processing of the data is the consent obtained from the data subject or in the execution of the service contract.
Recipients The data will not be communicated to third parties, unless required by law or necessary to fulfill the purpose of the treatment.
Rights of persons Data subjects have the right to exercise their rights of access, rectification, limitation of treatment, deletion, portability, and opposition, by sending their request to our address.
Data withholding period As long as the commercial relationship is maintained or during the years necessary to comply with legal obligations.
Claim Data subjects can contact the Spanish Data Protection Agency to present any claim that they may deem appropriate.
Additional information You may consult the additional and detailed information below in the “Privacy Questions”.


Questions about privacy

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, (GDPR), and Organic Law 3/2018, of December 5, on Personal Data Protection and the Guarantee of Digital Rights (LOPDGDD), we offer you the following information about the processing of your personal data:


Who is the data controller?


Tax ID: 43679964C

Address: Gran Via de Jaume I, 33 Entresuelo 17001 Girona

Tel.: 972414253



For what purpose do we process your personal data?

  • We process the information provided to us to manage our computer services.
  • If we are contacted to make a query, we will process it to respond to the query.
  • If you give us your consent, we can also process your data to send you information about our activities, products, or services. 


How long do we hold onto your data?

  • The personal data provided will be kept as long as you are a user of our services or want to receive information, since you can object to the processing of your data for promotional purposes at any time, and then, during the periods established to comply with our legal obligations, which in the case of accounting and tax documentation for commercial purposes will be 6 years, in accordance with Art. 30 of the Code of Commerce, and for tax purposes it will be 4 years, in accordance with articles 66 to 70 of the General Tax Law.


What is the legitimacy for the processing of your data?

The legitimacy to process the data is in the execution of the service contract and in the consents you give us. Regarding information that is sent by minors under 14 years of age, it will be an essential requirement that it be done with the consent of the parent, guardian, or legal representative of the minor so that the personal data can be processed. If not, the legal representative of the minor will notify us as soon as they have knowledge.


To what recipients is your data communicated?

The data will not be communicated to third parties, unless required by law or necessary to fulfill the purpose of the processing.


What are your rights when you provide us data?

  • Anyone has the right to obtain confirmation about whether or not we are processing their personal data.
  • Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
  • In certain circumstances, data subjects may request the limitation of the processing of their data, in this case we will only keep it for the exercise or defense of claims.
  • Also, in certain circumstances and for reasons related to their particular situation, data subjects may oppose the processing of their data. In this case, we will stop processing the data, except for compelling legitimate reasons or for the exercise or defense of possible claims.
  • Data subjects also have the right to data portability.
  • Any data subject will have the right not to be the subject of a decision based solely on automated processing, including profiling, which has legal effects on them in a similar way.
  • Finally, the data subjects have the right to file a claim with the competent Control Authority.


 How can you exercise your rights?

Sending a letter attaching a copy of a document that identifies you, to our physical or electronic address.


How have we obtained your data?

The personal data that we process comes from the data subject. The data subject guarantees that the personal data provided is true and they are responsible for communicating any modification of the same. The data indicated with an asterisk will be mandatory in order to provide the requested service.


What data do we process?

The categories of data that we can process in the provision of our services are:

  • Identifying data
  • Postal or electronic addresses
  • Data of legal representatives of legal persons


The data is limited, since we only process the data necessary for the provision of our services and the management of our activity.


Do we carry out international data transfers?

In the provision of our services, we use auxiliary companies that process data on our own outside the European Union. These international data transfers are covered by the standard data protection contractual clauses adopted by the European Commission, in accordance with the examination procedure referred to in article 93, section 2 of the GDPR.


Do we use cookies?

We use cookies while browsing our website with the user’s consent.

The user can set up their browser to be notified of the use of cookies and to prevent their use. Please visit our cookie policy.


 What security measures do we apply?

We apply the security measures established in article 32 of the GDPR, therefore, we have adopted the necessary security measures to guarantee a level of security appropriate to the risk of the data processing that we carry out, with mechanisms that allow us to guarantee confidentiality, integrity, permanent availability, and resilience of the processing systems and services.


Some of these measures include:

  • Information on the personal data processing policies.
  • Creation of occasional backups.
  • Data access control.
  • Regular verification, evaluation, and assessment processes.


How do we process third-party data?

When in providing our services, we have to process personal data for which other entities are responsible, we will do so as data processors, in accordance with the provisions of article 28 of the GDPR. These processing of personal data will be regulated in the corresponding data processing contract.