PRIVACY AND DATA PROTECTION
Contents
- Commitment to Data Protection and Privacy
- Definitions
- Entity responsible for the data processing
- Data Controller Contact Details
- Collection and Processing of Personal Data
- Categories of Personal Data Processed
- Legal Principles
- Legitimate Grounds
- Purpose of Processing
- Data Storage Periods
- Use of Cookies
- Communication of Data to Other Entities
- Data Recipients
- International Data Transfers
- Security Measures
- Exercise of Rights by Personal Data Subjects
- Complaints or Suggestions and Incident Reporting
- Incident Reporting
- Amendment of Privacy Policy
- Express Consent and Acceptance
- Data Protection Office
Commitment to Data Protection and Privacy
ANGRY METAL STUDIOS, S.L. (hereinafter, THE ANGRY METAL COMPANY) complies with all applicable EU and national legal rules in the area of data protection, privacy and information security.
THE ANGRY METAL COMPANY is implementing a Personal Data Protection System and an Information Security System in order to ensure regulatory compliance and demonstration of institutional responsibility for data protection and information security, implementing all necessary technical and organizational measures, both to comply with the general legal regime of the current Data Protection Law and to comply with the special legal regime of the General Data Protection Regulation applicable from 25 May 2018.
For any clarification or additional information or to exercise rights in this area, please contact THE ANGRY METAL COMPANY Data Protection Office by email at really@angrymetal.net
Definitions
«Personal data»
Personal data means information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier. Personal identifiers may be, for example, a name, an identification number, location data, identifiers by electronic means or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
«Processing of Personal Data»
Processing means an operation or a set of operations carried out on personal data or on personal data sets by automated or non-automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of disclosure, comparison or interconnection, limitation, deletion or destruction.
«Cookies»
Cookies are small text files with information deemed relevant that the devices used for access (computers, mobile phones or portable mobile devices) download via the browser, when a website is visited by the Client or User.
Entity responsible for the data processing
ANGRY METAL STUDIOS, S.L., headquartered at Pola de Siero St. 2, 4B (33207) Gijón, Asturias, SPAIN, with corporate ID/Tax Number: B52526860 enrolled in the Commercial Registry Office of Asturias under Tome: 4124; Sheet: 1; Page: AS-47820 inscripción 1ª, hereinafter referred to as THE ANGRY METAL COMPANY, is the entity responsible for the websites https://angrymetal.net/ and for the computerized applications, hereinafter referred to as channels or applications, through which Users, Service Recipients or Clients have remote access to the services and products. which are presented, marketed or provided, at any time, through them.
The use of channels or applications by any User, Service Recipient or Client may entail the performance of personal data processing operations, whose protection, privacy and security by THE ANGRY METAL COMPANY, as the entity responsible for their processing, is in accordance with the terms of this Data Protection and Privacy Policy.
Data Controller Contact Details
For the purpose of contact with THE ANGRY METAL COMPANY Data Protection Office, please send an email to really@angrymetal.net describing the subject of the request and indicating an email address, a telephone contact number or a mailing address.
Collection and Processing of Personal Data
THE ANGRY METAL COMPANY processes the personal data strictly necessary to ensure the disclosure of information and the operation of its channels, according to the uses made by Users, Service Recipients or Clients, whether those provided by Users or Service Recipients for the purpose of registering requests or obtaining information, or those provided by Clients for the purposes of subscribing to those channels, or those resulting from the use of the services provided by THE ANGRY METAL COMPANY through them, such as access, consultation, instructions, transactions and other records relating to their use.
In particular, the use or activation of certain channel functionalities may involve the processing of a number of direct or indirect personal identifiers, such as name, address, contact details, device addresses or geographical location, provided that the express consent of the User, Service Recipient or User/Client for such use has been given.
In all cases, Users, Service Recipients or Clients will always be informed of the need to access such data for the use of the functionalities of the channels in question.
The personal data collected by THE ANGRY METAL COMPANY are processed electronically, in certain cases in an automated way, including file processing or profile definition and in the scope of pre-contractual, contractual or post-contractual relationship management with Users, Service Recipients or Clients, in accordance with current national and Community regulations
Categories of Personal Data Processed
The categories or types of personal data of Users, Service Recipients or Clients processed are: name, surname, date of birth, address, postcode, country, landline number, mobile number, e-mail, taxpayer number or identification document number (non-mandatory).
Legal Principles
All data processing operations comply with the fundamental legal principles in the area of data protection and privacy, in particular as regards their circulation, lawfulness, reliability, transparency, purpose, minimization, retention, accuracy, integrity and confidentiality, and THE ANGRY METAL COMPANY is prepared to demonstrate its responsibility to the data subject or any third party that has a legitimate interest in this matter.
Legitimate Grounds
All data processing operations are carried out by THE ANGRY METAL COMPANY on legitimate grounds, in particular, either because the data subject has given his/her consent to the processing of his/her personal data for one or more specific purposes, or because the processing is deemed necessary for the performance of a contract in which the data subject is a party, or for pre-contractual arrangements at the request of the data subject, or because the processing is necessary for compliance with a legal obligation to which the data controller is subject, or because the processing is necessary for the legitimate interests pursued by THE ANGRY METAL COMPANY or by third parties.
Purpose of Processing
All personal data processed within the channels of THE ANGRY METAL COMPANY are exclusively intended for the provision of information to Users, the management of the personal information of Service Recipients deemed necessary for the purpose of managing the relationship or communication, as well as the provision of the services contracted by Clients and, in general, the management of the pre-contractual, contractual or post-contractual relationship with Users or Clients.
The personal data collected may also be processed for statistical purposes, for information disclosure or promotional activities, and for commercial or marketing activities, in particular to promote actions to disseminate new functionalities or new products and services, by means of direct communication, either by correspondence, or by electronic mail, messages or telephone calls or any other electronic communications service.
Provided the prior information and the collection of the express authorization for the latter purposes are always assured, Users or Clients may at any time exercise their right of objection to the use of their personal data for other purposes that extrapolate the management of the contractual relationship, namely for marketing purposes, for sending information communications or for inclusion in lists or information services, and should, for this purpose, send a written request addressed to THE ANGRY METAL COMPANY Data Protection Office, in accordance with the procedures indicated below.
Data Storage Periods
Personal data will be stored only for the period necessary for the purposes that led to their collection or subsequent processing, and compliance with all applicable legal rules on archiving is ensured.
Use of Cookies
THE ANGRY METAL COMPANY may possibly use two broad categories of cookies: cookies in the field of online websites and cookies within the scope of direct electronic communication channels, and in either of the categories they may be disabled by Users or Clients.
THE ANGRY METAL COMPANY uses cookies on its websites in order to improve the performance and browsing experience of Users and Clients, increasing, on the one hand, the speed and efficiency of response and, on the other hand, eliminating the need to repeatedly enter the same information.
The use of cookies helps websites to recognize the devices of Users and Clients the next time they visit them, and in some cases it is also essential for their operation.
The cookies used by THE ANGRY METAL COMPANY in all its channels do not collect personal information that allows the identification of Users or Clients, and keep only generic information, namely the form or geographic location of access and the way in which they use the channels, among others. The cookies retain only information related to the preferences of Users and Clients, and no personal identifiers are recorded.
Users, Service Recipients and Clients may at any time, through the computer application that they use to navigate the Internet (‘browser’), make the decision to be notified about the receipt of cookies, as well as to block their entry to their system.
Depending on the intended purposes, THE ANGRY METAL COMPANY may, where appropriate, use three different types of cookies, according to the following specifications:
(i) essential cookies – some cookies are essential for accessing specific areas of on-line channels, allowing the browsing and use of applications, such as access to secure areas of the sites, through user registration – without these cookies, services which require this cannot be provided;
(ii) functionality cookies – functionality cookies allow user browsing preferences to be remembered, thereby avoiding the need to reconfigure and customize for each visit;
(iii) analytical cookies – these cookies are used to analyse how users use websites, highlighting articles or services that may be of interest to users, monitoring site performance, and identifying the most popular pages, the most effective means of linking pages, or to determine why some pages receive error messages – these cookies are only used for statistical analysis and creation, without ever gathering information of a personal nature.
Communication of Data to Other Entities
The disclosure of information or the provision of services by THE ANGRY METAL COMPANY to its Users or Clients through the channels may possibly involve the use of services of subcontracted third parties, including entities with head offices outside the European Union, to provide certain services, which may imply access by these entities to the personal data of Users or Clients.
In these circumstances and whenever necessary, THE ANGRY METAL COMPANY will only resort to subcontracted entities that present adequate guarantees of execution of adequate technical and organizational measures in a way that the processing meets the requirements of the applicable standards, such guarantees being formalized in a contract signed between THE ANGRY METAL COMPANY and each of these third parties.
Data Recipients
Except in the scope of compliance with legal obligations, in no case will there be any communication of the personal data of Users, Service Recipients or Clients to third parties that are not subcontracted entities or legitimate recipients, and also no other communication will be carried out for any purposes other than those mentioned above.
International Data Transfers
Any transfer of personal data to a third-party country or an international organization shall only be carried out within the framework of the fulfilment of legal or guaranteed obligations which is in conformity with the applicable Community and national legal rules in this regard.
Security Measures
Taking into account the most advanced techniques, the costs of application and the nature, scope, context and purposes of processing, as well as the risks, of probability and variable gravity, for Users or Clients, THE ANGRY METAL COMPANY and all entities that are its subcontractors shall apply the appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
To that end, a number of security measures are adopted to protect personal data against unauthorized disclosure, loss, misuse, alteration, processing or access, as well as against any other form of illegal processing.
It is the sole responsibility of Users, Service Recipients or Clients to keep the access codes secret, not sharing them with third parties, and in the particular case of the computer applications used to access the channels, to maintain and keep the access devices in conditions of safety and follow the safety practices recommended by manufacturers and / or operators, in particular regarding the installation and updating of the necessary security applications, among others, antivirus applications.
In light of the need to subcontract services to third parties that may have access to the personal data of Users or Clients, THE ANGRY METAL COMPANY‘s subcontractors will be obliged to adopt security measures and protocols at the organization level and technical characteristics necessary to protect the confidentiality and security of personal data, as well as to prevent unauthorized access, loss or destruction of personal data.
Exercise of Rights by Personal Data Subjects
As personal data subjects, THE ANGRY METAL COMPANY Users and Clients may, at any time, exercise their data protection and privacy rights, in particular the rights of access, rectification, deletion, portability, limitation or objection to processing, under the terms and limitations set forth in the applicable standards.
Any request for the exercise of data protection and privacy rights must be addressed, in writing, by the data subject, to the Data Protection Office, according to the procedure and contact details described below.
Complaints or Suggestions and Incident Reporting
Users and Clients of THE ANGRY METAL COMPANY have the right to submit a complaint by submitting a complaint to the data protection control authorities.
THE ANGRY METAL COMPANY Users and Clients may also make suggestions through electronic mail sent to the Data Protection Office.
Incident Reporting
THE ANGRY METAL COMPANY has implemented an incident management system in the scope of data protection, privacy and information security.
Any User or Client who wishes to report the occurrence of any situation of violation of personal data that causes, accidentally or unlawfully, the unauthorized destruction, loss, alteration, disclosure or access to personal data transmitted, stored or otherwise processed, may contact the Data Protection Office or use the general contact details of THE ANGRY METAL COMPANY described above.
Amendment of Privacy Policy
In order to ensure its updating, development and continuous improvement, THE ANGRY METAL COMPANY may, at any time, make any changes considered appropriate or necessary to this Data Protection and Privacy Policy, and its publication is assured in the different channels to guarantee their transparency and information to Users and Clients.
Express Consent and Acceptance
The terms of the Data Protection and Privacy Policy are complementary to the terms and provisions regarding personal data provided in the General Conditions of Use of THE ANGRY METAL COMPANY channels.
The free, specific and informed disclosure of personal data by the data subject implies the knowledge and acceptance of the conditions contained in this Policy, considering that, by using the channels or by making their personal data available, Users, Service Recipients and Clients expressly authorize their processing, in accordance with the rules defined in each of the applicable channels or collection instruments.
Data Protection Office
For the exercise of any kind of data protection and privacy rights or for any subject related to data protection, privacy and information security issues, Users, Service Recipients and Clients of THE ANGRY METAL COMPANY may contact the Data Protection Office via e-mail really@angrymetal.net, describing the subject of the request and indicating an e-mail address, a telephone contact number or a mailing address for reply.
