PRIVACY POLICY

User Information

Who is the data controller of your personal data?

The "MENTAL POINT" program is offered by Marcia Mainetti (hereinafter, "MENTAL POINT"), located at Floridablanca 102, 2-1, 08015 Barcelona (Spain). MENTAL POINT is the CONTROLLER of the USER's personal data and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679, of April 27 (GDPR), and Organic Law 3/2018, of December 5 (LOPDGDD).

For what purpose do we process your personal data?

To maintain a business relationship with the user. The operations planned to carry out the processing are:

  • Managing the purchase of the service and user registration/cancellation.

  • Providing the contracted services, including the transfer of data to providers to supply the contracted services, and the outsourcing of personal coach services.

  • Compliance with any legal obligation to supply information to the competent administration.

  • Exchange of information with business partners for the fulfillment of supervision, registration, and centralized management of IT resources obligations.

  • Conducting market research and statistical analysis.

  • Processing orders, requests, responding to queries, or any type of request made by the USER through any of the contact forms made available on the CONTROLLER's website.

  • With USER consent: Sending commercial advertising communications by email, fax, SMS, MMS, social networks, or any other electronic or physical means, present or future, that makes commercial communications possible. These communications will be made by the CONTROLLER and will be related to their products and services, or those of their collaborators or suppliers with whom a promotion agreement has been reached. In this case, third parties will never have access to personal data.

Why are we allowed to process your personal data?

Because the processing is legitimized by Article 6 of the GDPR as follows:

  • Contract execution: all processing related to the provision of the contracted service.

  • With USER consent: sending commercial communications.

  • By LEGITIMATE INTEREST of the CONTROLLER: conducting market research, statistical analysis, etc., and processing orders, requests, etc., at the request of the USER.

How long will we keep your personal data?

We will keep personal data for the time necessary to fulfill the purposes for which they were collected. Once the contractual relationship has ended, we will not keep your data for more than 90 days to process its deletion, unless a longer retention period is required due to legal obligations.

To whom do we provide your personal data?

We communicate personal data to other recipients whenever necessary for the fulfillment of our contractual obligations.

Likewise, we may communicate data to our business partners for the fulfillment of obligations regarding supervision, registration, and centralized management of IT resources.

With all of them, the CONTROLLER has signed the confidentiality and data processor agreements required by current regulations.

What are your rights?

The rights assisting the USER are:

  • Right to withdraw consent at any time.

  • Right of access, rectification, portability, and deletion of their data, and of limitation or opposition to its processing.

  • Right to file a complaint with the supervisory authority (www.aepd.es) if they consider that the processing does not comply with current regulations.

Contact details to exercise your rights:

Marcia Mainetti, located at Floridablanca 102, 2-1, 08015 Barcelona (Spain). E-mail: mar@thementalpoint.com

Mandatory or optional nature of the information provided by the user

USERS, by marking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data is necessary to meet their request by the provider, the inclusion of data in the remaining fields being voluntary. The USER guarantees that the personal data provided to the CONTROLLER are truthful and is responsible for communicating any modification thereof. The CONTROLLER informs that all data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the USER. In the event that not all data is provided, it is not guaranteed that the information and services provided will be completely adjusted to their needs.

Processing of Health Data

Within the framework of the mental training and nutrition services provided, the CONTROLLER may collect and process sensitive personal data, such as information related to health status, eating habits, physical condition, body parameters, or other data necessary for the personalization of the contracted services.

The processing of this special category of data is carried out solely with the prior, free, express, and informed consent of the holder.

Sensitive data will be used exclusively for purposes linked to the provision, monitoring, and improvement of the services offered, and will be treated under strict conditions of confidentiality and security, applying appropriate technical and organizational measures to prevent unauthorized access, use, or disclosure.

The data subject may exercise their rights of access, rectification, update, or deletion at any time, in accordance with the procedures detailed in this policy.

Security Measures

That in accordance with the provisions of current regulations on personal data protection, the CONTROLLER is complying with all provisions of the GDPR and LOPDGDD regulations for the processing of personal data under their responsibility, and manifestly with the principles described in Article 5 of the GDPR, by which they are treated in a lawful, fair, and transparent manner in relation to the data subject and adequate, relevant, and limited to what is necessary in relation to the purposes for which they are treated.

The CONTROLLER guarantees that they have implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the USERS and has communicated the appropriate information so that they can exercise them.

For more information about privacy guarantees, you can contact the CONTROLLER through Marcia Mainetti, located at Floridablanca 102, 2-1, 08015 Barcelona (Spain). E-mail: mar@thementalpoint.com