I PRIVACY AND DATA PROTECTION POLICY

In compliance with current legislation, Alessandra Selmi (hereinafter also referred to as the Website) undertakes to adopt the necessary technical and organizational measures, according to the appropriate level of security, to safeguard the collected data.

Legislation incorporated in this privacy policy

This privacy policy is adapted to current Spanish and European regulations regarding the protection of personal data on the Internet. Specifically, it complies with the following:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
• Organic Law 3/2018, of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD).
• Royal Decree 1720/2007, of December 21, which approves the implementing regulations of Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
• Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the personal data controller

The controller of the personal data collected through Alessandra Selmi is: Alessandra Selmi, with NIF: ESZ0818307H(hereinafter, Data Controller). Contact details:

• Address: Calle del Alcalde Sainz de Baranda 43, Madrid
• Phone: +34 687 216 668
• Email: as@alessandraselmi.com

Personal data record

In compliance with the GDPR and the LOPD-GDD, we inform you that personal data collected through forms on the Alessandra Selmi website will be included and processed in our database in order to facilitate, expedite, and fulfill the commitments established between Alessandra Selmi and the user, or to maintain the relationship that may be established through the forms or to respond to a request or inquiry.

Additionally, unless the exception in Article 30.5 of the GDPR applies, a record of processing activities is maintained.

Principles applicable to the processing of personal data

The processing of user data will be governed by the following principles as outlined in Article 5 of the GDPR and Articles 4 and following of Organic Law 3/2018:

1. Lawfulness, fairness, and transparency: Consent must be obtained following full transparency about the purpose.
2. Purpose limitation: Data collected for specified, explicit, and legitimate purposes only.
3. Data minimization: Only data necessary for the purpose will be collected.
4. Accuracy: Data must be accurate and kept up to date.
5. Storage limitation: Data retained only for as long as necessary.
6. Integrity and confidentiality: Data handled securely and confidentially.
7. Accountability: The controller is responsible for ensuring compliance.

Categories of personal data

Alessandra Selmi processes only identifying data. No special categories of personal data are processed under Article 9 of the GDPR.

Note: There is an inconsistency in the original text where it both affirms and denies processing special categories. Clarification may be needed.

If special categories are processed, explicit consent will be required for one or more specific purposes.

Legal basis for processing

The legal basis is the user’s consent. Alessandra Selmi commits to obtaining verifiable and express consent for specific purposes.

Users may withdraw consent at any time without affecting use of the website.

Where data is collected via forms, users will be informed whether completion is mandatory for service provision.

Purpose of processing

Personal data is collected and managed to:

• Fulfill agreements with users,
• Maintain relationships from completed forms,
• Respond to inquiries,
• Carry out personalization, operations, statistics, and marketing studies to adapt the site’s content and improve quality and usability.

The purposes will be clearly stated when the data is collected.

Data retention period

Data will be retained only for the minimum time necessary, or until the user requests its deletion.

The user will be informed of the retention period or the criteria used to determine it.

Recipients of personal data

User data will not be shared with third parties.

If applicable, users will be informed about the recipients or categories of recipients at the time of data collection.

If data is transferred to a third country or international organization, the user will be informed of the destination and adequacy decision.

Children’s data

Only users over 14 can give valid consent. For children under 14, parental or guardian consent is required.

Data confidentiality and security

Alessandra Selmi will adopt technical and organizational measures according to the risk level to guarantee data security and prevent unauthorized access or loss.

The Website uses SSL encryption to ensure secure data transmission.

In case of a security breach likely to pose a high risk to users’ rights and freedoms, users will be promptly notified.

Data is treated as confidential and this obligation extends to employees, partners, and others with access.

User rights

Under the GDPR and Spanish data protection law, users may exercise the following rights:

• Access: Know if data is being processed and obtain details.
• Rectification: Correct inaccurate or incomplete data.
• Erasure (right to be forgotten): Delete data when it is no longer needed or unlawfully processed.
• Restriction: Limit processing under specific conditions.
• Portability: Transfer data to another controller.
• Objection: Oppose data processing.
• Automated decisions: Not be subject to decisions based solely on automated processing.

To exercise rights, users must send a written request to the Data Controller with the reference “GDPR – https://alessandraselmi.com/” including:

• Full name and ID (and proof of representation if applicable),
• Reason for request,
• Notification address,
• Date and signature,
• Supporting documents.

Requests can be sent to:

• Postal address: (as above)
• Email: as@alessandraselmi.com

Third-party websites

The Website may include links to third-party sites not operated by Alessandra Selmi. These parties have their own privacy policies and data handling practices.

Complaints to supervisory authorities

Users can file a complaint with a supervisory authority, especially in their country of residence, workplace, or the place of the alleged infringement. In Spain, the authority is the Spanish Data Protection Agency: https://www.aepd.es/

II ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

By using the Website, the user confirms they have read and accepted this privacy policy, including the data processing terms.

Alessandra Selmi may modify this policy to comply with legal changes or based on her own judgment. Changes will not be explicitly communicated, so users are encouraged to review this page regularly.

This privacy policy has been updated to comply with Regulation (EU) 2016/679 and Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights.