Privacy  Policy

​

Respecting the provisions of current legislation, Neuroeducación Consciente (hereinafter, also the Website) undertakes to adopt the necessary technical and organizational measures, in accordance with the appropriate level of security to the risk of the data collected.

​

Laws that incorporate this privacy policy

​

This privacy policy is adapted to current Spanish and European regulations on the protection of personal data on the Internet. Specifically, it complies with the following regulations:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

• Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights (LOPD-GDD).

• Royal Decree 1720/2007 of 21 December, approving the Regulation implementing Organic Law 15/1999 of 13 December on the Protection of Personal Data (RDLOPD).

• Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSI-CE).

​

​

Identity of the data controller

​

The controller of personal data collected on Neuroeducación Consciente is: Rosa Mª Portillo Martínez. She transparently determines her responsibility in fulfilling the obligations imposed by the GDPR. In accordance with Article 26 of the GDPR, the essential aspects of this agreement will be made available to the User at the following link: www.neuroeducacionconsciente/acuerdo.

Contact details:

• Rosa María Portillo Martínez

• Contact email: rosa.portillo@neuroeducacionconsciente.com

​

Register of personal data

​

In compliance with the provisions of the GDPR and the LOPD-GDD, we inform you that the personal data collected by Neuroeducación Consciente through the forms provided on its pages will be incorporated into and processed in our files in order to facilitate, streamline, and fulfill the commitments established between Neuroeducación Consciente and the User, or to maintain the relationship established in the forms completed, or to respond to a request or inquiry.

Furthermore, in accordance with the provisions of the GDPR and the LOPD-GDD, unless the exception provided for in Article 30.5 of the GDPR applies, a record of processing activities is maintained which specifies, according to its purposes, the processing activities carried out and other circumstances established in the GDPR.

​

Principles applicable to the processing of personal data

​

The processing of the User’s personal data will be subject to the following principles set out in Article 5 of the GDPR and Article 4 et seq. of Organic Law 3/2018, of 5 December:

• Principle of lawfulness, fairness and transparency: User consent will be required at all times, following full transparency on the purposes for which personal data are collected.

• Principle of purpose limitation: personal data will be collected for specific, explicit, and legitimate purposes.

• Principle of data minimization: personal data collected will be only that which is strictly necessary for the purposes for which they are processed.

• Principle of accuracy: personal data must be accurate and always kept up to date.

• Principle of storage limitation: personal data will be kept only for the time necessary for the purposes of their processing.

• Principle of integrity and confidentiality: personal data will be processed in a manner that ensures security and confidentiality.

• Principle of proactive responsibility: the data controller will be responsible for ensuring compliance with the above principles.

​

Categories of personal data

​

The categories of data processed on Neuroeducación Consciente are identification data only. No special categories of personal data are processed within the meaning of Article 9 of the GDPR.

​

Legal basis for processing personal data

​

The legal basis for processing personal data is consent. Neuroeducación Consciente undertakes to obtain the express and verifiable consent of the User for the processing of their personal data for one or more specific purposes.

The User has the right to withdraw consent at any time. Withdrawal of consent will be as easy as granting it, and as a general rule, it will not condition the use of the Website.

​

Purposes of processing personal data

​

Personal data will only be used to process purchases available on the Website and to keep clients informed about activities, training, or materials developed by Neuroeducación Consciente. The Website may collect personal information such as: name, contact information (such as email address), and demographic information.

The Website uses this information to provide the best possible service, particularly to keep track of users (where applicable), and to improve our products and services. Emails may be sent periodically through the Website with special offers, new products, and other advertising information deemed relevant or beneficial. These emails will be sent to the address provided and may be cancelled at any time.

Neuroeducación Consciente is strongly committed to keeping your information secure and uses advanced systems, updated regularly, to prevent unauthorized access.

​

Retention period for personal data

​

Personal data will only be retained for the minimum time necessary for the purposes of processing, and in any case for no longer than 1 month, or until the User requests its deletion.

​

Recipients of personal data

​

The User’s personal data will not be shared with third parties. Where data is collected, the User will be informed of the recipients or categories of recipients of the personal data.

Personal data of minors

In compliance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, only those over the age of 14 may legally consent to the processing of their personal data by Neuroeducación Consciente. If the User is under 14 years of age, parental or guardian consent is required.

​

Cookies

​

The Website uses cookies to identify visited pages and frequency. This information is used solely for statistical analysis and is then permanently deleted. Users may delete cookies at any time.

Cookies enhance web service but do not provide access to the User’s computer or personal information unless provided voluntarily. Users can accept or reject cookies; however, most browsers accept them automatically. Rejection may limit access to certain services.

​

Confidentiality and security of personal data

​

Neuroeducación Consciente undertakes to adopt the necessary technical and organizational measures to guarantee the security of personal data and prevent their alteration, loss, unauthorized processing, or access. The Website has an SSL certificate to ensure secure transmission of data.

However, due to the nature of the Internet, Neuroeducación Consciente cannot guarantee absolute protection against unauthorized access. In case of a data breach likely to entail a high risk for the rights and freedoms of natural persons, the User will be notified without undue delay.

​

Rights arising from the processing of personal data

​

The User may exercise the following rights recognized in the GDPR and Organic Law 3/2018:

• Right of access

• Right of rectification

• Right of erasure (“right to be forgotten”)

• Right to restriction of processing

• Right to data portability

• Right to object

• Right not to be subject to automated decision-making, including profiling

To exercise these rights, Users must send a written request to the Data Controller with the reference “GDPR-www.neuroeducacionconsciente.com,” including:

1. Full name and copy of ID (DNI or equivalent).

2. Specific request and reasons.

3. Address for notifications.

4. Date and signature.

5. Any supporting documents.

Requests may be sent to the following email: rosa.portillo@neuroeducacionconsciente.com

​

Complaints to the supervisory authority

​

If the User believes their data protection rights have been violated, they are entitled to effective judicial protection and may file a complaint with the supervisory authority of their habitual residence, place of work, or place of the alleged infringement.

In Spain, the supervisory authority is the Spanish Data Protection Agency (Agencia Española de Protección de Datos – AEPD): http://www.agpd.es