I. PRIVACY POLICY AND DATA PROTECTION
In compliance with current legislation, M.F. WINFOR, SLU (hereinafter also referred to as the Website) undertakes to adopt the necessary technical and organizational measures according to the level of security appropriate to the risk of the data collected.
Laws Incorporated into this Privacy Policy
This privacy policy is adapted to the current Spanish and European regulations on personal data protection on the internet. Specifically, it complies with the following regulations:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
- Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD-GDD).
- Royal Decree 1720/2007, of December 21, approving the Regulations implementing Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
- Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).
Identity of the Data Controller
The data controller of the personal data collected in Consulting Services is: M.F. WINFOR, SLU, with Tax ID (NIF): B60812609 and registered in the Barcelona Mercantile Registry with the following registration details: volume 28,022, folio 59, sheet B127852, entry 1, whose representative is Miquel Illa Oliveras (hereinafter, Data Controller).
Contact details:
- Address: Avinguda Sant Antoni Mª Claret, 6, 08760 Martorell, Barcelona
- Phone: +34 607 574 431
- Email: info@winfor.eu
Personal Data Records
In compliance with the GDPR and LOPD-GDD, we inform you that the personal data collected by Consulting Services through the forms on its pages will be incorporated and processed in our files in order to facilitate, expedite and fulfill the commitments established between Consulting Services and the User, or to maintain the relationship established through the forms completed by the User, or to respond to requests or inquiries.
Likewise, in accordance with the GDPR, unless the exception provided in Article 30.5 applies, a record of processing activities is maintained specifying the purposes, processing activities, and other circumstances established by the GDPR.
Principles Applicable to the Processing of Personal Data
The processing of the User’s personal data shall be subject to the following principles:
- Lawfulness, fairness, and transparency: user consent will always be required after fully transparent information about the purposes.
- Purpose limitation: data will be collected for specific, explicit, and legitimate purposes.
- Data minimization: only strictly necessary data will be collected.
- Accuracy: data must be accurate and kept up to date.
- Storage limitation: data will be kept only for as long as necessary.
- Integrity and confidentiality: data will be processed securely.
- Accountability: the Data Controller is responsible for compliance.
Categories of Personal Data
Only identification data is processed. No special categories of personal data (Article 9 GDPR) are processed.
Legal Basis for Processing
The legal basis is the User’s consent. Consulting Services undertakes to obtain explicit and verifiable consent.
The User may withdraw consent at any time. Withdrawal will not generally affect use of the Website.
Purpose of Processing
Personal data is collected to:
- Facilitate and manage the relationship between the Website and the User
- Respond to requests or inquiries
Data may also be used for commercial, personalization, statistical, and marketing purposes to improve content, quality, and navigation.
Data Retention Period
Personal data will be retained for the minimum time necessary and, in any case, for a maximum of 12 months, or until the User requests deletion.
Data Recipients
User data will be shared with:
- Google Analytics – Google Ireland Ltd.
If international transfers occur, the User will be informed accordingly.
Minors’ Data
Only users over 14 years old may consent. For users under 14, parental or guardian consent is required.
Data Security and Confidentiality
Consulting Services adopts appropriate technical and organizational measures to ensure data security and prevent unauthorized access, loss, or alteration.
The Website uses SSL encryption to ensure secure transmission.
However, absolute security cannot be guaranteed. In case of a data breach posing high risk, the User will be notified without undue delay.
All data will be treated as confidential.
User Rights
The User may exercise the following rights:
- Right of access
- Right to rectification
- Right to erasure (“right to be forgotten”)
- Right to restriction of processing
- Right to data portability
- Right to object
- Right not to be subject to automated decisions
To exercise these rights, the User must send a written request with the reference “GDPR-www.winfor.es”, including identification and details of the request, to:
- Postal address: Avda. Sant Antoni M. Claret, 6 – 08760 Martorell – Barcelona
- Email: info@winfor.eu
Third-Party Links
The Website may include links to third-party websites, which have their own privacy policies and are responsible for their own practices.
Complaints to Supervisory Authority
If the User believes their data is being improperly processed, they may file a complaint with the relevant supervisory authority. In Spain, this is the Spanish Data Protection Agency (AEPD).
II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY
The User must read and accept this Privacy Policy for the processing of their data. Use of the Website implies acceptance.
Consulting Services reserves the right to modify this policy. Changes will not be explicitly notified, so Users are advised to review it periodically.
This policy has been updated in accordance with GDPR and Organic Law 3/2018.
INFORMATION SECURITY POLICY
At Goed Comunicació, SL (Winfor), we are committed to maintaining the highest standards of security and privacy in information management.
Our full Information Security Policy can be consulted at:
LINK TO INFORMATION SECURITY POLICY PDF
Security Certification
Our company holds certification in information security management systems. You can verify its validity via the official SGS directory:
Verify SGS Certification
Security Commitment
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, protecting confidentiality, integrity, and availability of information.
This policy is periodically reviewed and updated to ensure its effectiveness and compliance.