PRIVACY POLICY

I. PRIVACY POLICY AND DATA PROTECTION

In accordance with current legislation, Diez Studio (hereinafter also referred to as the “Website”) is committed to adopting the necessary technical and organisational measures according to the security level appropriate to the risk of the data collected.

Laws included in this privacy policy

This privacy policy is adapted to the current Spanish and European regulations on the protection of personal data on the internet. Specifically, it complies with the following rules:

  • Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
  • Organic Law 3/2018 of 5 December, on the Protection of Personal Data and the guarantee of digital rights (LOPD-GDD).
  • Royal Decree 1720/2007 of 21 December, which approves the Regulation for the development of Organic Law 15/1999 of 13 December, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002 of 11 July, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the personal data controller

The data controller for the personal data collected at Diez Studio is: Alberto Diez Fernandez, holder of NIF: 71943771R and registered in: with the following registration details: , whose representative is: Diez Studio (hereinafter referred to as the “Data Controller”). The contact details are as follows:

Address: Calle Antonio Maura, 5 1ºD 34001 Palencia
Email: alberto@diez.studio

Personal Data Registry

In compliance with the provisions of the GDPR and LOPD-GDD, we inform you that the personal data collected by Diez Studio through forms on its pages will be incorporated and processed in our files to facilitate, streamline and fulfil the commitments established between Diez Studio and the User or to maintain the relationship established in the forms completed by the User, or to address a request or inquiry from the User. Also, in accordance with the provisions of the GDPR and LOPD-GDD, unless the exception under article 30.5 of the GDPR applies, a record of processing activities is maintained, specifying, according to its purposes, the processing activities carried out and other circumstances established in the GDPR.

Principles applicable to the processing of personal data

The processing of the User’s personal data will be subject to the following principles set out in article 5 of the GDPR and articles 4 and onwards of Organic Law 3/2018 of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights:

  • Lawfulness, fairness, and transparency: The User’s consent will always be required with complete transparency regarding the purposes for which personal data is collected.
  • Purpose limitation: Personal data will be collected for specified, legitimate, and explicit purposes.
  • Data minimisation: Only the personal data strictly necessary for the purposes of the processing will be collected.
  • Accuracy: Personal data must be accurate and kept up to date.
  • Storage limitation: Personal data will be kept in a form that allows identification of the User for no longer than is necessary for the purposes of processing.
  • Integrity and confidentiality: Personal data will be processed in a manner that ensures security and confidentiality.
  • Accountability: The Data Controller will ensure that the above principles are followed.

Categories of personal data

The categories of data processed at Diez Studio are limited to identifying data. In no case are special categories of personal data processed as defined in article 9 of the GDPR.

Legal basis for the processing of personal data

The legal basis for the processing of personal data is consent. Diez Studio commits to obtaining the User’s explicit and verifiable consent for the processing of their personal data for one or more specific purposes.

The User has the right to withdraw their consent at any time. Withdrawing consent will be as easy as giving it. As a general rule, the withdrawal of consent will not affect the use of the Website.

When the User is required to provide data through forms to make inquiries, request information, or for purposes related to the Website content, they will be informed if any of the fields are mandatory as they are necessary for the correct processing of the operation.

Purposes for the processing of personal data

Personal data is collected and managed by Diez Studio to facilitate, streamline, and fulfil the commitments established between the Website and the User or to maintain the relationship established in the forms filled out by the User, or to address a request or inquiry.

Additionally, the data may be used for commercial purposes such as personalisation, operations, and statistical analysis, as well as for marketing studies, in order to adapt the Content offered to the User and improve the quality, operation, and navigation of the Website.

At the time of data collection, the User will be informed about the specific purposes for which their personal data will be processed.

Retention periods of personal data

Personal data will only be retained for the minimum time necessary for the purposes of the processing and, in any case, for the following period: , or until the User requests its deletion.

At the time of data collection, the User will be informed about the retention period for their personal data or, when not possible, the criteria used to determine this period.

Recipients of personal data

The User’s personal data will not be shared with third parties.

In any case, when personal data is collected, the User will be informed about the recipients or categories of recipients of the personal data.

Personal data of minors

In accordance with articles 8 of the GDPR and 7 of Organic Law 3/2018 of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights, only those over 14 years old can give consent for the lawful processing of their personal data by Diez Studio. In the case of a minor under 14 years old, parental or guardian consent is required, and such consent will only be considered lawful if authorised by the parents or guardians.

Confidentiality and security of personal data

Diez Studio is committed to adopting the necessary technical and organisational measures, in accordance with the security level appropriate to the risk of the data collected, to ensure the security of personal data and prevent accidental or unlawful destruction, loss, alteration, unauthorised communication or access to such data.

The Website is equipped with an SSL (Secure Socket Layer) certificate, ensuring that personal data is transmitted securely and confidentially, as the transmission of data between the server and the User is fully encrypted.

However, since Diez Studio cannot guarantee the invulnerability of the internet or the complete absence of hackers or others who may fraudulently access personal data, the Data Controller is committed to notifying the User without undue delay when a personal data breach occurs that is likely to result in a high risk to the rights and freedoms of individuals. A personal data breach is understood as any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access to personal data.

Personal data will be treated as confidential by the Data Controller, who commits to informing and ensuring, by legal or contractual obligation, that this confidentiality is respected by employees, associates, and anyone to whom the information is made accessible.

Rights arising from the processing of personal data

The User has the following rights over their data and may exercise them before the Data Controller:

  • Right of access: The User has the right to obtain confirmation as to whether Diez Studio is processing their personal data and, if so, to obtain information on the specific personal data and processing activities carried out.
  • Right to rectification: The User has the right to have their inaccurate or incomplete personal data corrected.
  • Right to erasure (“right to be forgotten”): The User has the right to request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected or processed, or if they withdraw their consent and there is no other legal basis for processing.
  • Right to restrict processing: The User has the right to limit the processing of their personal data in specific circumstances.
  • Right to data portability: The User has the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller, if technically possible.
  • Right to object: The User has the right to object to the processing of their personal data or to request its cessation by Diez Studio.
  • Right not to be subject to automated decisions: The User has the right not to be subject to decisions based solely on automated processing, including profiling, unless the law provides otherwise.

The User may exercise their rights by sending a written request to the Data Controller with the reference “GDPR-https://diez.studio/“, specifying:

  • User’s name and surname, and a copy of their ID.
  • Request with the specific reason or information they wish to access.
  • Address for notifications.
  • Date and signature of the requester.
  • Any document proving the request made.

This request and any other attached document can be sent to the following postal address and/or email:

Postal Address: Calle Antonio Maura, 5 1ºD
Email: alberto@diez.studio

Links to third-party websites

The Website may include hyperlinks or links to third-party websites that are not operated by Diez Studio. The owners of such websites have their own privacy policies, and they are responsible for their own files and privacy practices.

Complaints to the supervisory authority

If the User believes there is a problem or breach of applicable law in the way their personal data is being processed, they have the right to seek judicial protection and to file a complaint with a supervisory authority, particularly in the country of their habitual residence, workplace, or place of the alleged infringement. In Spain, the supervisory authority is the Spanish Data Protection Agency (http://www.agpd.es).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

The User must have read and agreed to the conditions on the protection of personal data contained in this Privacy Policy, and must consent to the processing of their personal data for the Data Controller to proceed as outlined, within the specified timeframes and purposes. Use of the Website will imply acceptance of this Privacy Policy.

Diez Studio reserves the right to modify its Privacy Policy at its discretion, or due to a legislative, jurisprudential, or doctrinal change by the Spanish Data Protection Agency. Changes or updates to this Privacy Policy will not be explicitly communicated to the User. It is recommended that the User periodically consult this page to stay informed of the latest changes or updates.

This Privacy Policy was updated to comply with Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016, on the protection of individuals with regard to the processing of personal data and the free movement of such data (GDPR) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights.

© 2025 diez.studio® Interior Design
Legal notice · Privacy · Cookies