Privacy Policy

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and Spanish Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD), we hereby inform you about the processing of your personal data.

1. Data controller

• Owner: BLOOMING DUNES MARKETING – FZCO
• License No.: 64254
• Address: IFZA Business Park, Dubai Silicon Oasis, UAE
• Email: [email protected]
• Phone: +971 585 838 020

2. Personal data we process

Depending on the user's interaction with the website, we may process the following categories of data:

• Browsing data: IP address, browser type, operating system, pages visited, time spent and other technical data collected through cookies (subject to prior consent).
• Contact data: name, email address and any information the user voluntarily provides through contact or subscription forms.

3. Purposes of processing

Personal data is processed for the following purposes:

• Managing user navigation and ensuring the proper functioning of the website.
• Handling queries and requests sent through contact channels.
• Sending commercial communications and newsletters, only if the user has given their express consent.
• Producing usage statistics of the website in aggregated and anonymized form, or identifiably when the user has consented to analytical cookies.
• Complying with applicable legal obligations.

4. Legal basis for processing

The legal basis for processing your data depends on each purpose:

• Consent of the data subject (Art. 6.1.a GDPR): for sending commercial communications, newsletter subscription, and the use of analytical or marketing cookies.
• Legitimate interest of the controller (Art. 6.1.f GDPR): for the technical operation of the website and the prevention of fraud.
• Performance of a contract or pre-contractual measures (Art. 6.1.b GDPR): when the user requests information or contracts a service.
• Compliance with a legal obligation (Art. 6.1.c GDPR): when required by applicable law.

5. Retention period

Personal data will be retained for the time necessary to fulfil the purpose for which it was collected:

• Contact data and queries: retained for the duration of the relationship with the user and for the legally established period of limitation (maximum 5 years).
• Newsletter subscription data: until the user withdraws consent.
• Browsing data (cookies): according to the periods set out in the Cookie Policy.

6. Recipients of the data

Personal data may be communicated to:

• Technology service providers (hosting, email marketing, web analytics) acting as data processors under the contractual guarantees required by the GDPR.
• Public authorities and competent bodies when required by law.

Data will not be transferred to third parties for their own commercial purposes without the user's express consent.

7. International transfers

The data controller is based in the United Arab Emirates. To the extent that some service providers may be located outside the European Economic Area, international transfers of data will be carried out with the appropriate safeguards provided for in the GDPR:

• European Commission adequacy decisions.
• Standard contractual clauses approved by the European Commission.
• Other transfer mechanisms recognized by the GDPR.

You may request information about the specific safeguards applied by writing to [email protected].

8. User rights

Under the GDPR and the LOPDGDD, you have the right to:

• Access: know whether we process your data and obtain a copy of it.
• Rectification: request the correction of inaccurate or incomplete data.
• Erasure: request the deletion of your data when it is no longer needed for the purpose for which it was collected.
• Objection: object to the processing of your data for reasons related to your particular situation.
• Restriction: request the restriction of processing in the cases provided for by law.
• Portability: receive your data in a structured, commonly used and machine-readable format.
• Withdrawal of consent: withdraw consent at any time, without affecting the lawfulness of previous processing.

To exercise these rights, you may contact [email protected], stating your identity and the right you wish to exercise.

You are also informed of your right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es) if you believe that the processing of your data does not comply with current regulations.

9. Minors

This website is not aimed at children under 14 years of age. We do not knowingly collect personal data from minors of this age. If you become aware that a minor has provided personal data without the consent of their parents or guardians, please notify us at [email protected] so that we may proceed with its deletion.

10. Commercial communications

In accordance with the LSSI-CE, advertising or commercial communications will not be sent by email or other equivalent electronic means without the prior consent of the recipient, except in cases expressly provided for by law.

The user may at any time withdraw their consent to receive commercial communications using the unsubscribe link included in each communication or by writing to [email protected].

11. Security measures

The data controller has adopted the technical and organizational measures necessary to guarantee the security of personal data and prevent its alteration, loss, unauthorized processing or access, taking into account the state of the art, the nature of the data stored and the risks to which it is exposed.

12. Modifications

This privacy policy may be updated periodically to reflect changes in our data processing practices or in applicable legislation. We recommend that you review this page regularly. The date of last update is indicated at the beginning of the document.