Privacy and Cookies Policy
June 1, 2018
Through this Privacy and Cookies Policy (hereinafter, the “Privacy and Cookies Policy”), the privacy and cookies policy of the website https://www.blaw.es/ (hereinafter, “the Platform”), owned by BLT LAW AND TAX, SL (BLAW, hereinafter), a Spanish commercial company registered in the Commercial Registry of Madrid in volume 22389, folio 4, section 8, sheet number 399831, entry 6. With registered and fiscal address located at Calle Montalbán, 3, 2nd right, 28014, Madrid, with tax identification code (CIF) B-84577246, and contact email for the purposes of this privacy and cookies policy at: info@blaw.es.
1 | USE, PURPOSE, AND APPLICABLE LEGAL REGIME
The Platform is a mechanism of interaction, communication, and support that BLAW makes available to Internet users to provide them with sufficient, legal, and appropriate information regarding its activities, products, and services related to its legitimate economic and business activities, which are governed by the applicable Spanish regulations and, with regard to:
• The provision of information society services, in a basic sense, by Law 34/2002, of July 11, on information society services and electronic commerce.
• The processing of personal data, by the current Spanish and European regulations on the protection of personal data of individuals. In particular, as of May 25, 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (hereinafter, the “GDPR”), in accordance with the provisions of this regulation.
In any case, the user agrees to make appropriate and lawful use of the Platform as well as the contents, products, and services provided through it, in accordance with the applicable legislation at all times.
Likewise, the user of the Platform specifically agrees to the following:
• Ensure the authenticity, truthfulness, timeliness, and accuracy of all data communicated to BLAW, with such user being solely responsible otherwise.
• Use it exclusively for the purposes and functionalities provided for by BLAW, presenting such functionalities as they are by BLAW, and the user is prohibited from using the Platform for any other purpose or means.
• Make legal and legitimate use of the Platform, avoiding unauthorized, fraudulent, illegal, or illegitimate use of it and/or the contents and information provided through it, avoiding violating this policy and the applicable regulations, and damaging the legitimate rights and interests of BLAW or any other third party that may be affected as a result of such actions.
• Not cause damage to the systems or elements associated with the Platform, its providers, or third parties, or attempt to break the security or authentication measures of the same, carry out any action that causes disproportionate or unnecessary saturation in the infrastructure or communication environment related to the Platform, attacking it in any way. BLAW may take any preventive or corrective measures necessary to protect its interests in ensuring the proper functioning of the Web Platform and the specific functionalities provided in each case.
• Not introduce or spread computer viruses or malware through the Platform that may cause damage.
• Not attempt to access, use, and/or manipulate the data of BLAW or under its responsibility, or of third-party providers and other users.
• In particular, and for illustrative purposes only and not exhaustively, the user agrees not to transmit, disseminate, or make available to third parties information, data, content, messages that may constitute a violation of the rights of BLAW or third parties.
• Not to access without authorization or interact with a false identity, impersonating or not the identity of third parties, or using a profile or performing any other action that may cause confusion or lead to an error about the correct identification of the user in question.
2 | USERS
This privacy and cookies policy is addressed to users of the Platform regarding the processing of their personal data. In any case, it is emphasized that this Platform is aimed at users over 18 years of age, and its use by minors is prohibited. The information and personal data provided by users who intend to browse or register on the Platform must be:
• Sufficient, although adjusted, limited, and proportionate to the legitimate processing purposes informed by BLAW, with the utmost respect for the principles of purpose limitation and minimization of personal data (Articles 5.1 b) and c) of the GDPR).
• Accurate, up-to-date, and truthful, in order to verify the identity, capacity, and, where appropriate, representation of the user in question adequately, as well as to adjust, in each case, the data processing carried out to the specific needs and real situation of the users. All this in accordance with the principle of accuracy of personal data (5.1 section d) of the GDPR).
Users will be fully responsible for the correct use of their user accounts and the associated passwords. If the registered user believes that the security of their account and associated passwords may have been compromised, they must immediately contact BLAW through the contact details provided at the beginning of this Policy and report the situation or incident so that BLAW can take appropriate measures from the moment of communication made by the user. Any liability for damages associated with improper use and personal management of accounts and associated passwords will be the responsibility of the account holders, completely exempting BLAW as a result of the above.
3 | RIGHT TO INFORMATION
In compliance with the current personal data protection regulations and particularly with what is provided in Articles 12 to 14 of the GDPR, the following information is provided:
• That the data controller is BLT LAW AND TAX, SL, with registered and fiscal address located at Calle Montalbán,3, 2nd right, 28014, Madrid, and with tax identification code B-84577246 and website https://www.blaw.es/ and contact email: info@blaw.es.
That the personal data that users provide through the Platform will be processed for the specific purpose stipulated in this privacy and cookies policy and, where appropriate, in the different data forms available on the Platform. In this sense, the collection of data through the Platform is for the following processing purposes:
• Enable users to navigate it, allowing access to the information and content available on the Platform, including information about promotional or advertising campaigns aimed at hiring products and services, either from BLAW or from third-party companies related to BLAW. This access is understood without prejudice to the onerous nature of the specific content, services, and products offered through the Platform, which users can hire if they wish.
• Address specific requests and inquiries that users may make in this area.
• Take any applicable protection measures in accordance with current regulations, including the possible anonymization of their personal data by applying the appropriate techniques available for this purpose. Therefore, in this area, anonymization and pseudonymization treatments may also be carried out for the better protection of their personal data.
• Apply the relevant security measures, technical and/or organizational, on the personal data of users that are convenient in response to the risks always detected regarding their rights by BLAW, including the encryption of personal data and other measures that may involve certain treatments on user data through the Platform.
If you do not agree with such processing purposes, we urge you to leave our Platform immediately. Otherwise, for example, by accepting this policy, or simply by continuing to browse the Platform, with prior knowledge of the purpose of personal data processing, it will be understood that users accept and give their express consent to such processing, without prejudice to their right to revoke it at any time by contacting BLAW through the contact details provided in this policy.
- That the main legitimate basis for processing is, in principle, the user’s consent. Once the user has been informed of this policy, if they accept it or simply continue browsing the Platform, it will be understood that they give their unequivocal consent to the processing of their personal data for the specified purposes. Therefore, if a user does not agree with this policy or the informed processing purposes, as mentioned before, they are encouraged to discontinue browsing and immediately leave the Platform. In the case of specific requests or contracting by users of certain content, products, or services through the Platform, the main basis for processing will be related to the necessary application of pre-contractual measures at the request of the interested party, when applicable, or the execution of a contract if the user finally contracts the corresponding content, product, or service.
- That, as a general rule, the personal data of users collected through the Platform will not be transferred to third parties without prior notification to users. This notification will include specific details about the data to be transferred, the identity of the recipients or assignees of the data, their activities, and the specific processing purposes to which these recipients may allocate the data. Therefore, the personal data of users will not be transferred to any other third party unless the user provides consent or, in specific cases, there is another legal basis for the processing as outlined in Article 6 of the GDPR. For example, this may include the fulfillment of a legal obligation by BLAW (legal basis for processing).
- That, as a general rule, international transfers of your personal data are not anticipated. However, if such transfers become necessary, the required measures will be taken in accordance with the GDPR to ensure compliance with data protection regulations.
- In accordance with Article 30 of the Spanish Commercial Code, if the user is a client of BLAW, their personal data may be retained by BLAW for a period of six years after the termination of the relationship between the parties. If the user is not a client, their user data will be retained for the strictly necessary time to enable them to navigate, access, and enjoy the content, products, and services provided through the Platform that they may require or visit. This retention aligns with the provisions of this privacy and cookies policy and applicable legislation in each case.
- You may exercise your rights of access, rectification, erasure, limitation of processing, data portability, and objection by sending a written communication via email to info@blaw.es with the reference “Exercise of Rights,” and attaching a copy of your national identity document or equivalent identification document (passport, N.I.E….) to your request. If you do not consider that your personal rights have been duly addressed, you may file a complaint with the competent supervisory authority, in this case, the Spanish Data Protection Agency.
4 | CONSENT OF THE DATA SUBJECT
By accepting this policy, the user gives their unequivocal, free, and informed consent for the processing of their personal data for the purposes described in section 3 of this privacy and cookies policy. In the specific case of cookies, the provisions in section 7 of this same policy must be followed.
The user will have the ability to choose the processing and destination of their data, according to their specific interests and needs in each case. When the processing is based on the user’s consent, they have the right to withdraw it at any time, although such withdrawal will not affect the legality of the prior processing carried out by BLAW.
In any case, BLAW may prevent the use of the Platform and its associated services, content, and features if the user does not accept this policy or does not consent to the processing of their personal information in accordance with it.
The acceptance of this policy is independent of the possible acceptance of specific legal terms and conditions that may govern the specific contracting by users of services and products provided through the Platform.
5 | SECURITY
BLAW has adopted and implements the security levels required by applicable legislation regarding the personal data under its responsibility, based on the corresponding risk assessment. BLAW seeks to install and/or apply additional technical or organizational means and measures to enhance the overall security of personal data processing, systems, communication environment, and corporate organization. This is done to ensure proper protection against unauthorized or unlawful processing, as well as against its loss, destruction, or accidental damage (principle of integrity and confidentiality). However, the user should be aware that security measures on the Internet are not invulnerable and are subject to the current state of technology and its cost of implementation.
In this regard, BLAW will give special consideration to the criteria for application and security measures, as well as other security obligations associated with the GDPR, with particular attention to the provisions of Article 32 of the GDPR.
6 | DUTY OF SECRECY AND CONFIDENTIALITY
BLAW undertakes to comply with the duty of secrecy and confidentiality regarding the information and personal data provided by the users of the Platform, which is under its control and responsibility, in accordance with the applicable legislation and the risk approach that always corresponds.
7 | COOKIE POLICY
As established in Consideration 30 of the GDPR, individuals can be associated with online identifiers provided by their devices, applications, tools, and protocols, such as internet protocol addresses, session identifiers in the form of “cookies,” or other identifiers such as radio frequency identification tags. This can leave traces that, especially when combined with unique identifiers and other data received by servers, can be used to create profiles of individuals, and identify them. For this reason, BLAW has a cookie policy consistent with the applicable regulations.
7.1. Applicable Regulations
Article 22 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSICE), concerning the rights of recipients in electronic commercial communications, stipulates that service providers can only use data storage and retrieval devices on the terminal equipment of recipients when they have given their prior informed consent.
In this regard, clear and comprehensive information must be provided to these recipients and end-users regarding the use of such devices, particularly regarding the purposes of data processing, in accordance with data protection regulations. Therefore, when technically possible and effective, the recipient’s consent for data processing may be facilitated using appropriate browser or other application settings.
The above will not prevent the technical storage or access solely for the purpose of transmitting a communication over an electronic communications network or, to the extent strictly necessary, for the provision of an information society service explicitly requested by the recipient.
7.2. User Consent and Cookies: General Rule and Exception
In general, when the installation and/or use of cookies involve the processing of personal data, whether they are first-party or third-party cookies, session or persistent cookies, BLAW, as the data controller, will provide necessary information in this regard and obtain the prior informed consent of the user to install and/or use such cookies.
The only exceptions to such consent are those cookies that exclusively enable communication between the user’s device and the network, and strictly those used to provide a service requested by the user. For example, “technical cookies” (e.g., those necessary for navigation on the platform or application), “personalization or configuration cookies” (e.g., those that allow the page to recognize the user’s language, etc.), and “security cookies” (e.g., detecting repeated and incorrect attempts to connect to a site) would be exempt.
7.3. Are Cookies Used on the Platform? What Are They?
Cookies are used on the Platform, which are files or devices downloaded to the user’s terminal equipment (personal computer, smartphone, tablet, terminals, and mobile devices, etc.), regardless of their nature, with the main purpose of ensuring the proper functioning of the Platform (remembering the selected language and similar functions). Thus, in general, and without prejudice to what is stated below, cookies enable navigation on the Platform, as well as certain utilities and services provided therein. It is noted that disabling or blocking them may affect the user’s navigation or the proper and full use of the Platform.
7.4. What Cookies Do We Use on the Platform?
Cookies may be first-party or third-party. First-party cookies are sent or served to the user’s terminal equipment from the Platform (publisher) and are managed by it, while third-party cookies are sent or served to the user’s terminal equipment from other domains or devices not managed by the Platform (publisher) but by another entity that processes data obtained through cookies.
Furthermore, these cookies can be session or persistent. The former are designed to collect and store data while the user accesses the Platform, with the main purpose of storing information that is only of interest to retain for the provision of the service requested by the user on a single occasion. However, with the latter, data continues to be stored on the user’s terminal and can be accessed and processed for a period defined by the cookie’s controller.
Cookies can also be technical, allowing the user to navigate through the Platform and use different options or services provided through it, for example, controlling traffic and data communication, identifying the session, accessing restricted access parts, remembering elements that make up a contractual request, using security elements during navigation, storing content for video or sound dissemination, or sharing content through social networks.
They can also be for personalization, referring to those that allow the user to access the service with some predefined features based on certain criteria associated with their own terminal, for example, the type of browser through which they access the service, the regional setting from where they access the service, etc.
Similarly, they may have a statistical or informative purpose for the publisher about the specific use that users make of their Platform and the content or services provided through it.
Below is an informative summary table of the specific cookies that BLAW currently uses on the platform:
Cookie: GA1.1.1904911506.1511535049
Ownership: Google Analytics
Expiry: 2020-03-14T15:04:44.000Z
Purpose: Statistical reports on website traffic, total audience, and audience in a specific advertising campaign.
Cookie: Google Adsense
Ownership: Google Adsense
Purpose: Improve and manage the display of advertising to the user, preventing ads that have already been viewed.
Cookie: Google Adwords Remarketing (Google Inc)
Ownership: Google Adwords Remarketing (Google Inc)
Purpose: Display personalized ads based on user behavior or preferences and improve advertising campaigns.
Cookie: Google Adwords Remarketing (Google Inc)
Ownership: Google Adwords Remarketing (Google Inc)
Purpose: Customize advertising campaigns and display ads that fit user preferences.
7.5. Who Uses Cookies?
The information collected through cookies served on the Platform can be used both by its owner and by a third party providing a service to this owner.
7.6. Management and Configuration of Cookies
Based on the information provided in this policy, we offer guidance on how you can manage cookies used on the Platform through the various options provided by the most common browsers.
You can manage the use of cookies, including blocking them, which will depend on the browser installed on your computer. You can learn more about how to manage them by clicking on the following links:
Google Chrome | Mozilla Firefox | Microsoft Internet Explorer | Safari
8 | VALIDITY AND AMENDMENT OF THE PRIVACY AND COOKIE POLICY
This policy has been in effect since [day] of [month] of 2024. BLAW reserves the right to modify this policy to adapt it to future legislative, doctrinal, or jurisprudential developments that may apply, or for technical, operational, commercial, corporate, and business reasons, providing prior and reasonable notice to users of any changes when possible.
In any case, it is recommended that each time you access this Platform, you carefully read this policy, as any modification will be published through it. Additionally, BLAW may inform users personally and in advance of the projected changes to this policy before they take effect, whenever it is technically and reasonably possible, especially when these users are registered or considered clients of Cliente Soc.
9 | LEGAL CONTACT
Protecting your rights is important to BLAW, so if you have any questions or suggestions regarding this policy, please do not hesitate to contact us via email at: info@blaw.es
10 | JURISDICTION AND APPLICABLE LAW
In general, any dispute or conflict will be preferably submitted by the parties to their knowledge for the purpose of seeking a friendly and mutually agreed-upon solution. BLAW will use the legal contact channel (or data protection officer, if appointed) described in section 9 of this policy for these purposes. If a friendly solution is not possible, considering the criteria outlined in the GDPR for determining the jurisdiction of the lead or main authority in handling any conflict, dispute, or claim related to this privacy and cookie policy, at least at the administrative level, it is informed that such authority will be the Spanish Data Protection Agency (AEPD), and it should comply with the provisions of Article 56 of the GDPR. Regarding the right to effective judicial protection against BLAW in these cases, the provisions of Article 79.2 of the GDPR will also apply. The corresponding action must be taken before the Spanish Judges and Courts since BLAW is a company based in Spain. In any case, the applicable law will be Spanish law.