ANDY Logo

Privacy policy and protection of personal datas

The Website/App Owner undertakes to take the necessary technical and organizational measures according to the level of security appropriate to the risk of the data collected.

Laws incorporating this privacy policy
This privacy policy is adapted to the current Andorran and European laws and regulations regarding the protection of personal data on the Internet. Specifically, it respects the following texts and provisions:
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR) Andorran Law 15/2003, of December 18, qualified as "of protection of the personal data".

Identity of the person responsible for the processing of personal data
The person responsible for processing the personal data collected through the Website/App is the Andorran company "UPRIDER SL" (i.e. the Owner of the Website/App).

Address : CARRER SOLA DEL JAN 19, AD500, ANDORRA LA VELLA
E-mail : [email protected]

Personal Data Registry
In accordance with the provisions of the RGPD and the Andorran law on the protection of personal data, we inform you that the personal data collected by the Owner of the Website/App via the forms on the Website/App will be incorporated and will be processed in our files to be able to facilitate, streamline and comply with the commitments established between the Owner of the Website and the User or the maintenance of the relationship established in the forms that he fills out, or to respond to a request from the User. Likewise, in accordance with the provisions of the RGPD and the Andorran law, unless the exception provided for in Article 30.5 of the RGPD is applicable, a register of processing activities is kept that specifies, according to its purposes, the processing activities carried out and the other circumstances established in the RGPD Regulation.

Principles applicable to the processing of personal data
The processing of the User's personal data will be subject, depending on the User's place of residence, to the following principles set forth in Article 5 of the GDPR or to the principles set forth in the qualified Andorran Personal Data Protection Act:
Principle of legality, fairness and transparency: the User's consent will be required at all times, with fully transparent information on the purposes for which personal data are collected.
Purpose limitation principle: personal data will be collected for specific, explicit and legitimate purposes.
Principle of data minimization: the personal data collected will only be those strictly necessary for the purposes for which they are processed.
Accuracy principle: personal data must be accurate and up-to-date.
Principle of limitation of storage time: personal data will be stored only in such a way as to allow the identification of the User for the time necessary for the purposes of processing.
Principle of integrity and confidentiality: personal data will be treated in such a way as to guarantee their security and confidentiality.
Principle of proactive responsibility: the controller will be responsible for ensuring that the above principles are duly respected.

Categories of personal data
The categories of personal data processed on the Website/App are only identification data. Under no circumstances will special categories of personal data be processed within the meaning of Article 9 of the GDPR.

Legal basis for processing personal data
The legal basis for processing personal data is consent. The Website/App Owner undertakes to obtain the User's express and verifiable consent for the processing of his/her personal data for one or more specific purposes.
The User has the right to withdraw consent at any time. Withdrawing consent will be as easy as providing it. As a general rule, withdrawal of consent will not affect the use of the Website/App.
In cases where the User is required or able to provide data through forms to request information or for reasons related to the content of the Website, the User will be informed of the mandatory nature of providing such personal data.

Purposes of the processing for which the personal data are intended
Personal data are collected and managed by the Site Owner in order to facilitate, streamline and fulfill the commitments established between the Website/App and the User or to maintain the relationship established in the forms that the latter fills out or to respond to a request or query.
Likewise, the data may be used for commercial purposes of personalization, exploitation and statistics, and activities corresponding to the social objective of the Owner of the Website/App, as well as for extraction, data storage and marketing studies to adapt the Content and Services offered to the User, as well as to improve the quality, operation and navigation of the Website/App.
At the time the personal data is obtained, the User will be informed of the specific purpose(s) of the processing for which the personal data will be used; that is, the use(s) that will be given to the information collected.

Retention periods for personal data
Personal data will be kept only for the minimum time necessary for the purposes of processing and, in any case, until the User requests their deletion.
At the time of obtaining the personal data, the User will be informed of the duration of the retention of the personal data or, when this is not possible, of the criteria used to determine this duration.

Recipients of personal data
The User's personal data will not be shared with third parties.
In any case, at the time of obtaining the personal data, the User will be informed of the recipients or categories of recipients of the personal data.

Privacy and security of personal data
The Owner of the Website/App undertakes to take the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, to guarantee the security of the personal data and to prevent the accidental or unlawful destruction, loss or alteration of the personal data transmitted, stored or otherwise processed, or the unauthorized communication of or access to such data.
The Website has an SSL (Secure Socket Layer) certificate which guarantees that personal data is transmitted in a secure and confidential manner and is fully encrypted.
However, because the Owner of the Website/App cannot guarantee the total absence of hackers or other persons fraudulently accessing personal data, the Data Controller undertakes to notify the User, if necessary, without undue delay, of a breach of security of personal data that may pose a high risk to the rights and freedoms of natural persons. In accordance with the provisions of Article 4 of the GDPR, a breach of security of personal data is understood to be a breach of security that causes the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or processed, or the unauthorized disclosure or access to such data.
Personal data will be treated confidentially by the Data Controller, who undertakes to inform and guarantee by legal or contractual obligation that said confidentiality is respected by its employees, associates and any person who has access to the information.

Rights derived from the processing of personal data
The User, depending on his place of residence, may exercise the following rights before the Data Controller recognized in the RGPD or those set forth in the qualified Andorran Personal Data Protection Act:
Right of access: the User's right to obtain confirmation as to whether or not the Website/App Owner is processing his/her personal data and, if so, to obtain information on his/her specific personal data and the processing that the Website Owner has carried out or is carrying out, as well as, among other things, the information available on the origin of said data and the recipients of the communications carried out or envisaged
Right of rectification: right of the User to modify personal data that may be inaccurate or, given the purposes of the processing, incomplete.
Right of deletion: the User's right, unless otherwise provided for by current legislation, to obtain the deletion of his personal data when they are no longer necessary for the purposes for which they were collected or processed and in particular in the following cases: the User has withdrawn his consent to the processing; the User objects to the processing and there is no other legitimate reason to continue it; the personal data have been processed unlawfully; or the personal data must be deleted in accordance with a legal obligation. 
Right to the limitation of processing: right of the User to limit the processing of his/her personal data. The User has the right to obtain the limitation of processing in the following cases: when he/she disputes the accuracy of his/her personal data; the processing is unlawful; the controller no longer needs the personal data, but the User needs it to make claims; and when the User has objected to the processing.
Right to data portability: in the event that the processing is carried out by automated means, the User will have the right to receive from the Data Controller his personal data in a structured format, of common use and machine readable, and to transmit them to another person in charge of the processing. Whenever technically possible, the Data Processor will transfer the data directly to the other person in charge.
Right to object: the User's right not to have his/her personal data processed or to have his/her data processed by the Owner of the Website/App cease.
Right not to be subject to a decision based solely on automated processing, including profiling: the right of the User not to be subject to an individualized decision based solely on the automated processing of his/her personal data, including profiling, unless otherwise provided for by the applicable law.

Therefore, the User may exercise his/her rights by means of a written communication addressed to the Data Controller specifying:

⇒ Name and surname of the User and a photocopy of his/her identity card. In cases where legal representation is required, a photocopy of the identity card of the legal representative will also be required, as well as the document proving said representation. The photocopy of the identity card can be replaced by any other legal means that can prove the identity of the User.
⇒ Specific reasons for the request.
⇒ Address for notification purposes.
⇒ Date and signature of applicant.
⇒ Any document proving the request made.

This application and any other attached document can be sent to the company UPRIDER, SL at the following address and / or email:

Address: CARRER SOLA DEL JAN 19, AD500, ANDORRA LA VELLA
E-mail: [email protected]

Complaints to the supervisory authority
In the event that the User believes that there is a problem or violation of the laws and regulations in force in the processing of his/her personal data, he/she will have the right to effective judicial protection and the right to file a complaint with a supervisory authority in the State where he/she has his/her habitual residence, place of work or the place of the alleged violation. In the case of Andorra, the supervisory authority is the "Agència Andorrana de Protecció de Dades".

Acceptance and Changes to this Privacy Policy
It is necessary that the User has read and complies with the conditions for the protection of personal data contained in this Privacy Policy, as well as accepting the processing of his/her personal data so that the Data Controller can proceed to process them in the form, during the periods and for the purposes indicated. The use of the Website will imply the acceptance of this Privacy Policy.
The Owner of the Website reserves the right to modify its privacy policy in accordance with its own criteria or motivated by a legislative, jurisprudential or doctrinal change of the "Agència Andorrana de Protecció de Dades". Changes or updates to this Privacy Policy will be explicitly notified to the User.

COOKIE POLICY
Access to this website/app may involve the use of cookies. Cookies are small amounts of information stored in the browser used by each User -on the different devices he/she may use to browse- so that the server remembers certain information that will only be read by the server that implemented them. Cookies facilitate navigation, make it more user-friendly and do not damage the navigation device.
Information collected via cookies may include the date and time of visits to the Website/App, pages viewed, time spent on the Website/App, and sites visited immediately before and after. However, no cookie can contact the User's phone number or other personal contact information. No cookie can extract information from the User's hard drive or steal personal information. The only way User's private information becomes part of the cookie is if User personally gives that information to the server.
Cookies that identify an individual are considered personal data. Therefore, the privacy policy described above will apply to them. In this sense, the consent of the User will be required for their use. This consent will be communicated, on the basis of a genuine choice, given expressly before any treatment.

Own cookies
These are cookies that are sent to the user's computer or device and are managed exclusively by the Owner of the Website/App for the better functioning of the Website/App. The information collected is used to improve the quality of the Website/App and its Content and Service and the User's experience. These cookies allow the User to be recognized as a recurring visitor to the Web Site/App and to adapt the content to offer content in accordance with the User's preferences.

Disable, reject and delete cookies
The User may disable, refuse and delete cookies - in whole or in part - installed on his or her device via his or her browser settings (which include, for example, Chrome, Firefox, Safari, Explorer). In this sense, the procedures for refusing and deleting cookies may differ from one Internet browser to another. Therefore, the User must follow the instructions provided by the Internet browser he/she uses. In the event that the User refuses the use of cookies -in whole or in part-, he/she may continue to use the Website/App, but he/she may be limited in the use of certain features of the Website/App.

Changes in the cookie policy
The Website/App's cookie policy may change or be updated. For this reason, it is recommended that the User review this policy each time he/she accesses the Website/App in order to be properly informed of how and why we use cookies.

INTELLECTUAL AND INDUSTRIAL PROPERTY
The Owner of the Web Site/App is the owner of all the intellectual and industrial property rights made available on the Web Site/App and are protected by the Andorran legal system and the relevant international treaties. Thus, all the content of the Web Site/App and computer programs, software, interface graphics or other elements associated with the Content and/or Services made available on the Web Site and provided by the Web Site/App Owner belong exclusively to the Web Site/App Owner.
Except for the billing to the User for ordering the Service through the App, access to the Website/App stricto sensu is granted free of charge by the Owner of the Website/App to the User. The said license of use does not confer any right on the elements of the Web Site/App protected by an intellectual property right.
All rights reserved: the reproduction, distribution and public communication, including the method of making available, of all or part of the content made available on the Web Site/App for commercial purposes are expressly prohibited, in any medium and by any technical means, without the authorization of the Web Site/App Owner.
In the event that the User or a third party considers that a Service made available on the Web Site/App constitutes an infringement of its intellectual property rights, it must immediately inform the Web Site/App Owner.

APPLICABLE LAW AND JURISDICTION
The Owner of the Website/App reserves the right to initiate any civil or criminal action it deems necessary arising from misuse of the Website/App and/or the Services, or generated by the violation of these Terms.
Only the version written in Catalan will be considered authentic, the versions written in other languages are mere translations.
The relationship between the User and the Owner of the Website/App will be governed by Andorran law. In the event of any dispute concerning the interpretation and/or application of these Conditions, the parties shall submit their disputes to the exclusive jurisdiction of the Batllia of the Principality of Andorra.