1. User Information

(__________) as Data Controller informs you that, in accordance with Regulation (EU) 2016/679 of April 27 (GDPR) and Organic Law 3/2018 of December 5 on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), your personal data will be processed as described in this Privacy Policy.

This Privacy Policy explains how we collect your personal data, the reasons for its collection, how it is used, with whom it may be shared, how it is protected, and the options available to you regarding the processing of your personal data.

This Policy applies to the processing of personal data collected by the company for the provision of its services. By accepting the terms of this Policy, you consent to the processing of your personal data as described herein.

2. Company Details and Contact Information

Company name: (__________)

Trade name: VISIONMIRA

VAT number: (__________)

Address: (__________)

Email: vision.mira.org@gmail.com

3. Core Principles

We are committed to delivering our services with the highest standards of quality, which includes ensuring the secure and transparent handling of your personal data. Our data protection practices are based on the following principles:

Lawfulness: Personal data is collected only for specific, explicit, and legitimate purposes.
Data Minimization: We collect only the personal data that is strictly necessary and relevant for the intended purposes.
Purpose Limitation: Personal data is processed solely for the purposes stated and in accordance with your preferences.
Accuracy: We take reasonable steps to ensure that your personal data is accurate and kept up to date.
Data Security: We implement appropriate technical and organizational measures, proportionate to the risks involved, to prevent unauthorized access, disclosure, loss, destruction, alteration, or any unlawful processing of your data.
Access and Rectification: We provide mechanisms that allow you to access and correct your personal data whenever necessary.
Retention: Personal data is retained lawfully and only for the time required to fulfill the purposes for which it was collected.
International Transfers: Where personal data is transferred outside the EU/EEA, appropriate safeguards are applied to ensure adequate protection.
Third-Party Access: Personal data is shared with third parties only in compliance with applicable laws and with appropriate contractual guarantees.
Direct Marketing and Cookies: We comply with all applicable regulations concerning advertising communications and the use of cookies.

4. Collection and Processing of Personal Data

The categories of personal data that may be collected and processed include:

Identification data
Health-related data
Other personal data necessary for participation in specific activities

We also automatically collect information regarding your visit to our website, as described in our Cookie Policy.

Whenever we request your personal data, you will be clearly informed about what data is being collected and the purpose of its collection. In general, your personal data is collected and processed for the following purposes:

A. To determine your eligibility to participate in the activities we organize.
B. To provide information, services, products, and relevant updates related to our sector.
C. To send communications.
D. To personalize our services according to your individual circumstances.

5. Legal Basis for Processing

In accordance with applicable data protection regulations, your personal data may be processed when:

You have given your consent for one or more specific purposes (which you may withdraw at any time).
Processing is required to comply with a legal obligation.
Processing is based on a legitimate interest that does not override your privacy rights, such as sending commercial information when you subscribe to our newsletter or are a member.
Processing is necessary for the performance of a contract or for the provision of services requested by you.

6. Communication of Personal Data

Your data may be shared with companies related to (__________) that provide services as data processors. Personal data will not be transferred to other parties except where required by law.

7. Your Rights

Regarding the collection and processing of your personal data, you may contact us at any time to exercise the following rights:

Access your personal data and obtain the information specified in Article 15.1 of the GDPR.
Rectify inaccurate or incomplete personal data in accordance with Article 16 of the GDPR.
Request the deletion of your personal data in accordance with Article 17 of the GDPR.
Request the restriction of processing of your personal data in accordance with Article 18 of the GDPR.
Request data portability in accordance with Article 20 of the GDPR.
Object to the processing of your personal data in accordance with Article 21 of the GDPR.

If you have given consent for a specific purpose, you may withdraw it at any time without affecting the lawfulness of processing carried out prior to withdrawal.

You may exercise your rights by sending a duly justified and verified request to vision.mira.org@gmail.com.

You also have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data does not comply with applicable regulations.

8. Legal Notice

The provisions of this Policy supplement, and do not replace, any other requirements established by applicable data protection laws, which shall prevail where applicable.

This Policy is subject to periodic review and may be modified by the Company at any time. When changes occur, you will be notified and asked to review the updated version and confirm your acceptance.

If you want, I can also help you make it more legally robust (Spanish/EU compliance style), simplify it into plain language, or standardize it with your previous Terms & Conditions text.