SHINE MUSIC SCHOOL adheres to stringent standards and policies in the treatment of your personal data. To this end, we implement the requirements set out in the General Data Protection Regulation of the European Union (“GDPR”) as well as any other applicable legal provisions.
Therefore, SHINE MUSIC SCHOOL respects your privacy and that of your personal data. We strive to ensure that your personal data is protected by adopting technical and organizational security measures that meet current security standards.
Who is responsible for your data?
Owner: ESTUDIO SHINE SL (SHINE MUSIC SCHOOL)
Registered office: Carrer del Montseny, 3, local 1, Barcelona, 08012
Tax Identification Number (CIF): B65401473
Phone: +34 931 25 75 69
Data Protection Delegate or Security Manager: CONVERSIA
Delegate’s Email for Data Protection: firstname.lastname@example.org
Delegate’s Phone for Data Protection: 902877192
- PURPOSE OF DATA PROCESSING AND CATEGORIES OF DATA PROCESSED
For what purpose and how long will we process your personal data? SHINE MUSIC SCHOOL will process your data as a user, manually and/or automatically, for the following specific purposes:
-Maintenance of your user status,
-Management of the website users,
-Addressing inquiries made through the website,
-Billing management and communication with customers,
-Coordination of classes, concerts, combos, exams, as well as communication with teachers and school staff,
-Periodic sending of useful or interesting information or communications related to services, articles, activities, news, events organized by SHINE MUSIC SCHOOL, published in social media, as well as the periodic postal and/or electronic dispatch of advertising information unless otherwise indicated or the user objects or withdraws their consent,
-Compliance with legally established obligations, as well as verifying compliance with contractual obligations, including fraud prevention.
-Exams and marketing, in the case of recording of audio and images.
What categories of data do we process? Considering the aforementioned purposes, SHINE MUSIC SCHOOL processes the following categories of data: Identifying data: name, surname, company name, postal address, email address, postal code, phone, IBAN account number, credit card data.
The user guarantees that the data provided is true, accurate, complete, and up-to-date, being responsible for any direct or indirect damage or harm that could result from the breach of such an obligation.
If the user provides third-party data, they declare to have their consent and undertake to relay the information contained in this clause to them, exempting SHINE MUSIC SCHOOL from any responsibility in this regard. However, SHINE MUSIC SCHOOL may conduct verifications to ascertain this fact, adopting the necessary due diligence measures in accordance with data protection regulations.
When personal data is collected through the form, it will be necessary for you to provide, at least, those marked with an asterisk. If these necessary data are not provided, SHINE MUSIC SCHOOL will not be able to accept and manage the web service or inquiry made.
How long do we keep your data? SHINE MUSIC SCHOOL will retain users’ personal data only for the time necessary to achieve the purposes for which they were collected, as long as consents are not withdrawn. Subsequently, if necessary, the information will be blocked for the legally established periods. Data will also be retained as long as there is a relationship of interest between the concerned party and SHINE MUSIC SCHOOL, and for the legally or contractually prescribed periods for the exercise of any action or claim available to the concerned party or SHINE MUSIC SCHOOL.
For data provided concerning job application offers one wishes to join, they will be kept for one year from the last update date. After this period, if they have not been updated, the data will be deleted unless otherwise indicated.
What security measures do we implement to protect your data? From SHINE MUSIC SCHOOL’s commitment to personal data protection and user privacy, we will undertake necessary technical security measures to prevent its loss, manipulation, dissemination, or alteration.
SHINE MUSIC SCHOOL will process your Data in accordance with security requirements applicable to data processing pursuant to Art. 32 GDPR.
For this purpose, we have extensive technical and organizational protective measures that comply with internationally recognized computer standards and are regularly reviewed.
Thus, we ensure that your Data is adequately protected at all times against misuse or any other form of prohibited processing.
SHINE MUSIC SCHOOL adopts security levels required by the Data Protection Regulation approved by the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL of April 27, 2016, regarding the protection of individuals concerning the processing of personal data and the free movement of such data and repealing Directive 95/46/EC (GDPR). It has implemented appropriate technical and organizational measures to ensure a level of security commensurate with the risk arising from the processing of personal data, such as the destruction, loss, or accidental or unlawful alteration of personal data transmitted, stored, or otherwise processed, or unauthorized communication or access to such data, particularly likely to cause physical, material, or non-material damage and harm. However, security measures on the Internet are not impregnable and may be subject to breaches due to malicious actions of third parties.
SHINE MUSIC SCHOOL will block data when they are no longer necessary or relevant for the purpose for which they have been collected, in accordance with provisions in data protection legislation. However, it may continue to use the data for the purposes of sending commercial communications as indicated above as long as the user does not revoke the given consent.
In the data collection forms that SHINE MUSIC SCHOOL may establish at any given time, fields marked with an asterisk or “required” will be mandatory. Therefore, if the user does not provide the corresponding data, SHINE MUSIC SCHOOL may deny the respective service.
- USE OF IMAGE, VIDEO AND AUDIO
In accordance with Law 1/1982, of May 5, on the right to honor, personal and family privacy, and one’s own image, we request your consent to use the images, video and audio captured or provided, whether through photographic cameras, video, or other means, for MARKETING purposes.
These images may be used on various platforms and media related to the commercial activity of ESTUDIO SHINE SL, including but not limited to, websites, social networks, printed and digital publications, among others. The use of these images will always be for promotional, informational, or advertising purposes related to ESTUDIO SHINE SL, without this implying additional remuneration or compensation for the client.
I DO AUTHORIZE the processing and use of the images for MARKETING purposes.
- DATA COMMUNICATIONS
To whom will your data be communicated?
SHINE MUSIC SCHOOL will share your Data with third parties for the purposes specified in this Data Protection Information Note.
When communicating your Data, we will always take appropriate measures to ensure that your Data is treated, protected, and communicated in accordance with applicable legal obligations.
In general, your personal Data remains at the headquarters of SHINE MUSIC SCHOOL as much as possible.
In this regard, we also respect the principle of data minimization.
SHINE MUSIC SCHOOL may also share your Data with other third parties, such as external service providers or IT service providers, CRM, external consultants or collaborating partners for the purposes set out in this Policy or within the framework of any other legal information or reporting duty.
SHINE MUSIC SCHOOL will ensure that these third parties comply with their respective confidentiality obligations.
To ensure compliance with the requirements under data protection regulations, SHINE MUSIC SCHOOL will sign agreements with all those third parties with whom they share your Data.
Additionally, we inform you that certain data, within the framework of current regulations or the contractual relationship you may have with SHINE MUSIC SCHOOL, may be communicated to:
- Public administrations with competence in the sectors of activity of SHINE MUSIC SCHOOL, as established by current regulations.
- State Security Forces and Bodies and judicial authorities as provided for by law.
- Banks and financial entities in the case of charging for the services offered.
- LEGITIMIZATION IN TREATMENT
What is the legitimacy for processing your data?
Personal data means all information about an identified or identifiable physical person (“Data”).
You as a user give your consent for SHINE MUSIC SCHOOL to process the personal data you provide when submitting a form or sending an email, with these data being collected necessary for the maintenance and fulfillment of such relationship.
As indicated in this form available to the user, the purpose of the processing is the management of requests and inquiries made by you as a user contact, as well as the sending of commercial and advertising communications about the general activities of SHINE MUSIC SCHOOL, news of interest about SHINE MUSIC SCHOOL activities through social networks and web, press releases about SHINE MUSIC SCHOOL published in social media, administrative management, and training courses.
- YOUR RIGHTS AS AN INTERESTED PARTY AND YOUR RIGHT TO LODGE A COMPLAINT BEFORE THE CONTROL AUTHORITY
As a user/interested party affected by the processing, you can exercise certain rights in relation to us according to the RGDP and other applicable data protection regulations through our information or contact service whose details are indicated in section 9 of this document. The following section provides an explanation of the rights you have as an interested party under the RGDP.
7.1 Rights of users/interested parties
As an interested party, you specifically have the right to exercise the following rights under the RGDP against ESCUELA DE MÚSICA SHINE:
Right of access (art. 15 RGDP): At any time, you can request that we provide you with information about your Data that we have stored. This information refers, among other things, to the data categories we process, the purposes of processing, the source of the Data if we did not collect it directly from you, and the recipients to whom we may have communicated your Data, if applicable. You can receive a free copy of the Data that is the subject of the contract. If you wish to obtain additional copies, we reserve the right to charge you a fee for them.
Right to rectification (art. 16 RGDP): You can request the correction of your Data. We will take the appropriate measures to ensure that your Data, which we continuously store and process, is accurate, complete, current, and appropriate based on the most recent information you provide to us.
Right to erasure (art. 17 RGDP): You can request the deletion of your Data, as long as the applicable legal requirements are met. For instance, according to art. 17 RGDP this may be the case when:
The Data is no longer necessary for the purposes for which they were collected or processed.
You withdraw the consent upon which the processing is based, and there is no other legal ground for processing.
You object to the processing of your Data and there are no other legitimate grounds for processing, or you object to the processing for direct marketing purposes.
The Data has been unlawfully processed, unless the processing is necessary:
For the fulfillment of a legal obligation requiring the processing of your Data.
For the establishment, exercise, or defense of legal claims.
Right to restriction of processing (art. 18 RGDP): You can obtain the restriction of the processing of your Data if:
You contest the accuracy of the Data, for a period that allows us to verify the accuracy of the Data.
The processing is unlawful, and you oppose the erasure of your Data and request the restriction of its use instead.
We no longer need your Data, but you require them for the establishment, exercise, or defense of legal claims.
You have objected to the processing, pending the verification of whether our legitimate grounds override yours.
Right to data portability (art. 20 RGDP): Upon your request, we will transmit your Data to another data controller, as far as technically possible. However, you will only have this right if the processing is based on your consent. Instead of receiving a copy of your Data, you can also request that we transmit it directly to another data controller that you indicate to us.
7.2 Right to object (art. 21 RGDP):
You can object at any time, for reasons related to your particular situation, to the processing of your Data, if the processing is based on your consent or on our legitimate interest or that of a third party. In this case, we will no longer process your Data unless we demonstrate compelling legitimate grounds for the processing that override your interests or if we need your Data for the establishment, exercise, or defense of legal claims or suggestions.
7.3 Deadline for addressing the rights of interested parties
At ESCUELA DE MÚSICA SHINE, we always try to respond to your requests within 30 days. However, this period may be extended for reasons related to the specific right in question or the complexity of your request.
7.4 Restrictions on providing information when addressing the rights of interested parties
In certain situations, we may not be able to provide you with information about all your Data due to legal provisions or requirements. If we have to deny your request for information in this case, we will also explain the reasons for the refusal at the same time.
7.5 Complaint to the supervisory authority
ESCUELA DE MÚSICA SHINE takes your complaints and rights very seriously. However, if you believe that we have not fully addressed any complaint or issue regarding the protection of your data, you have the right to lodge a complaint with the Spanish Data Protection Agency.
- CHANGES TO THIS DATA PROTECTION INFORMATION NOTE
In the event that there are significant changes in the way we handle your Data, we will inform you of these modifications in a timely manner through this website or another means established with you.
- COOKIES POLICY
A cookie is a file that is downloaded to your computer when you access certain websites. Among other things, cookies allow a website to store and retrieve information about a user’s browsing habits or their device. Depending on the information they contain and how you use your device, they can be used to recognize the user.
The user’s browser stores cookies on the hard drive only during the current session, occupying a minimum memory space and not harming the computer. Cookies do not contain any specific personal information, and most of them are deleted from the hard drive at the end of the browser session (these are called session cookies).
Most browsers accept cookies as standard and, regardless of the cookies themselves, allow or prevent temporary or stored cookies in security settings.
Without your express consent—by activating cookies in your browser—this website will not link the stored data with your personal data provided at the time of registration or purchase.
The SHINE MUSIC SCHOOL website uses ‘cookies’ to allow and facilitate user interaction with the site and to enhance the site’s quality based on users’ browsing habits and styles. We also inform you that statistical services—whether our own or third-party—used by the SHINE MUSIC SCHOOL website may use ‘cookies’ to establish metrics and usage patterns of the site. Accessing, using, and generally browsing the SHINE MUSIC SCHOOL website necessarily implies the USER’s consent to the use of “cookies” by SHINE MUSIC SCHOOL and/or its service providers.
What types of cookies does this page or WEBSITE use?
Session Cookies: They keep the USER identified on the WEBSITE, allowing interaction with it.
Analysis Cookies: These are those that, whether processed by SHINE MUSIC SCHOOL or by third parties, allow us to quantify the number of users and thus carry out statistical measurement and analysis of the use users make of the offered service. This analysis of their navigation on our website aims to improve the products or services we offer.
Social Network Cookies: AddThis is a plugin that allows sharing our website content on various social networks.
Cookies allow the owner of the website or WEBSITE to store or retrieve specific information about various variables, such as the number of times the page has been visited by the USER, guarantee the USER’s session while browsing the website or WEBSITE, how they use their device, etc., all with the aim of recognizing them as a USER. It should be noted that blocking all cookies can disable certain services and features.
You can allow, block, or delete the cookies installed on your computer by configuring the options of the browser installed on your computer.
Most browsers indicate how to set up your browser not to accept cookies, to notify you each time you receive a new cookie, and to completely disable all cookies.
In general, browsers offer the following configuration options regarding the installation of cookies:
To reject all cookies, meaning no cookie from any website is installed on your device.
To notify you before the installation of a cookie occurs so you can decide whether to accept or reject the installation.
To only reject third-party cookies from the websites you visit, but not those used by the website you are browsing.
You can also disable or delete similar data used by browser extensions, such as “Flash Cookies,” by changing the settings of those extensions or visiting the manufacturer’s website.
You can allow, block, or delete the cookies installed on your computer by configuring the options of the browser installed on your computer:
Microsoft Internet Explorer or Microsoft Edge:
Additionally, you can also manage the cookie storage in your browser through tools like:
Your online choices: http://www.youronlinechoices.com/es/
- CONTACT US
Please send any request/inquiry to:
In accordance with the rights conferred by current data protection regulations, the client may exercise the relevant rights, directing their request to the postal address indicated above or to the email address email@example.com.