In this regard, the Data Controller guarantees compliance with current legislation on personal data protection, reflected in Organic Law 15/1999, of December 13, on Protection of Personal Data (LOPD), and Royal Decree 1720/2007, of December 21, known as the Regulation implementing the LOPD. It also complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons (GDPR).
Principles applied in data processing
In the processing of your personal data, the Data Controller will apply the following principles that comply with the requirements of the new European data protection regulation:
- Principle of legality, loyalty, and transparency: The Data Controller will always require consent for the processing of your personal data, which may be for one or several specific purposes about which you will be previously informed with absolute transparency.
- Data minimization principle: The Data Controller will request only the data strictly necessary for the purpose or purposes that request them.
- Principle of limitation of the conservation period: The data will be kept for the strictly necessary time for the purpose or the purposes of the processing. The Data Controller will inform you of the corresponding conservation period according to the purpose. In the case of subscriptions, the Data Controller will periodically review the lists and delete those records inactive for a considerable time.
- Principle of integrity and confidentiality: Your data will be processed in such a way that their security, confidentiality, and integrity are guaranteed. You should know that the Data Controller takes the necessary precautions to prevent unauthorized access or improper use of its users’ data by third parties.
Collection of personal data
To browse North Tokyo, you do not need to provide any personal data.
The cases in which you do provide your personal data are the following: When contacting through the contact forms or sending an email.
The Data Controller informs you that you have the right to:
- Request access to stored data.
- Request a rectification or cancellation.
- Request the limitation of its processing.
- Oppose the processing.
- Request the portability of your data.
The exercise of these rights is personal and therefore must be exercised directly by the interested party, requesting it directly from the Data Controller, which means that any customer, subscriber or collaborator who has provided their data at any time can contact the Data Controller and ask for information about the data it has stored and how it has obtained them, request the rectification of them, request the portability of their personal data, oppose the processing, limit their use or request the cancellation of these data in the Data Controller’s files.
To exercise your rights of access, rectification, cancellation, portability, and opposition you have to send an email to firstname.lastname@example.org along with valid proof in law such as a photocopy of the D.N.I. or equivalent.
You have the right to effective judicial protection and to file a complaint with the supervisory authority, in this case, the Spanish Data Protection Agency, if you consider that the processing of personal data concerning you infringes the Regulation.
Purpose of personal data processing
The personal data and the purpose of the processing by the Data Controller are different depending on the information capture system:
- Contact forms: The Data Controller requests personal data among which may be: First and last name, email address, phone number, and the address of your website in order to respond to your queries. For example, the Data Controller uses that data to respond to your messages, doubts, complaints, comments or concerns that you may have relating to the information included on the website, the services provided through the website, the processing of your personal data, issues relating to the legal texts included on the website, as well as any other queries you may have that are not subject to the website conditions or the contracting.
There are other purposes for which the Data Controller processes your personal data:
- To ensure compliance with the conditions contained in the Legal Notice and in the applicable law. This may include the development of tools and algorithms that help this website ensure the confidentiality of the personal data it collects.
- To support and improve the services offered by this website.
- To manage social networks. The Data Controller has a presence on social networks. If you become a follower on the Data Controller’s social networks, the processing of personal data will be governed by this section, as well as by those conditions of use, privacy policies and access regulations that belong to the appropriate social network in each case and which you have previously accepted.
You can consult the privacy policies of the main social networks on these links:
The Data Controller will process your personal data for the purpose of correctly managing its presence on the social network, informing you of its activities, products or services, as well as for any other purpose that the regulations of social networks allow.
Under no circumstances will the Data Controller use the profiles of followers on social networks to send advertising individually.
To protect your personal data, the Data Controller takes all reasonable precautions and follows industry best practices to prevent their loss, misuse, unauthorized access, disclosure, alteration, or destruction.
Content from other websites
The pages on this website may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves exactly the same as if you had visited the other website.
Legitimization for data processing
The legal basis for the processing of your data is: consent.
Categories of personal data
The categories of personal data that the Data Controller processes are:
- Identifying data.
Retention of personal data
The personal data that you provide to the Data Controller will be retained until you request their deletion.
Recipients of personal data
Google Analytics is a web analytics service provided by Google, Inc., a Delaware company whose main office is at 1600 Amphitheatre Parkway, Mountain View (California), CA 94043, United States (“Google”). You will find more information at: https://analytics.google.com
Google Analytics uses «cookies», which are text files located on your computer, to help the Data Controller analyze the use that users make of the website. The information generated by the cookie about the use of the website (including your IP address) will be directly transmitted and archived by Google on servers in the United States.
You can also see a list of the types of cookies that Google and its partners use and all the information related to their use of advertising cookies.
When browsing North Tokyo, non-identifying data may be collected, which may include the IP address, geolocation, a record of how services and sites are used, browsing habits, and other data that cannot be used to identify you.
The website uses the following third-party analysis services:
- Google Analytics
The Data Controller uses the information obtained to obtain statistical data, analyze trends, manage the site, study browsing patterns, and to collect demographic information.
Accuracy and truthfulness of personal data
You commit to ensure that the data provided to the Data Controller are correct, complete, accurate, and current, as well as to keep them duly updated.
As a User of the website, you are solely responsible for the truthfulness and correctness of the data that you submit to the site, thereby exonerating the Data Controller of any responsibility in this regard.
Acceptance and Consent
To exercise your rights of access, rectification, cancellation, portability, and opposition you have to send an email to email@example.com along with valid legal proof such as a photocopy of your D.N.I. or equivalent.
The exercise of your rights does not include any data that the Data Controller is obliged to keep for administrative, legal or security purposes.
These policies will be in effect until they are modified by others duly published.