Information in compliance with personal data protection legislation

In Spain and the rest of Europe, there are data protection regulations in place designed to protect your personal data that, as a company, we need to be compliant with.

That is why it’s important to us that you clearly understand what we do with the data we request.

We will be transparent and ensure you have control over your data, using plain language and clear options that will allow you to decide what we are allowed to do with your personal data.

If anything is unclear after reading this information, please don’t hesitate to contact us. Thank you for your cooperation.

  • Who are we?
    • Company name: S.C. PHOTO & FILM SLU
    • Our tax identification code/tax ID: B72752868
    • Our primary activity:
  • Our address: C/ MECÁNICO, Nº7, C.P. 35214, TELDE (Las Palmas)
    • Our telephone number: +34 ‭928 946 457‬ // +34 653 681 122
    • Our email address: info@shootcanarias.com
    • Our website: www.shootcanarias.com
    • For your peace of mind and security, we are inscribed in the following Spanish Public Registry/Commercial and Trade Registry:

We are available should you need us. Please don’t hesitate to contact us.

  • Why do we use your data?

Generally, your personal data will be used to maintain a relationship with us in order to deliver our services to you.

Your data may also be used for other purposes, such as sending you marketing communications or promoting our services.

  • We do you need to use your data?

Your personal data is required for us to maintain a relationship with us in order to deliver our services to you. We will provide a series of tick-boxes that will allow you to make a clear and simple decision on how you want us to use your data.

  • Who will we share the data you provide with?

Generally, only our members of staff who have been duly authorized may access the data that you have provided.

Equally, we may pass your personal data on to other entities where this is required in order to provide our services to you. For instance, we will need to share your data with our bank if you pay for our services by credit card or bank transfer.

We will also need to pass your data on to public or private entities when we are obliged to do so by law. For example, Spanish tax law requires us to provide the tax authorities with information on financial transactions that exceed a certain amount.

Nevertheless, if we otherwise need to disclose your personal data to other entities, we will ask your permission beforehand, providing you with clear options that will allow you to make a decision.

  • How do we protect your data?

We protect your data using effective security measures in proportion to the risks involved in using your data.

We have adopted a Data Protection Policy, and we carry out checks and annual audits to verify that your personal data is secure at all times.

  • Will we transmit your data to other countries?

Many countries across the world offer secure protection for your data, while others not so much. The European Union, for example, is a secure environment for your data. Our policy is not to send your personal data to any country that does not offer secure protection for your data.

In the event that we need to send your data to a country that is not as secure as Spain, in order to deliver our services to you, we will always ask your permission beforehand and apply effective security measures to reduce the risk of sending your personal data to another country.

  • How long do we retain your data for?

We will store your data for the duration of our customer relationship, in compliance with the legislation. Once the statutory retention period has lapsed, we will then destroy your data in a secure and environmentally-friendly manner.

  • What are your rights when it comes to data protection?

You may contact us at any time to find out what personal data we hold about you, to have it rectified where it is incorrect and to have it erased once our customer relationship comes to an end, provided that it is lawful to do so.

You are also entitled to have your data transferred to other entities in certain situations, under your right to data portability.

If you wish to exercise any of these rights, please send us a written request, accompanied by a copy of your ID, so that we can confirm your identity.

We have specific forms that you can use to exercise these rights, which we would be happy to help you fill in.

For more information about your data protection rights, please visit the Spanish Data Protection Agency website at www.agpd.es.

  • Can you withdraw your consent if you change your mind later?

Yes, you can withdraw your consent at any time if you change your mind about how your data may be used.

For example, if you were previously interested in receiving marketing communications about our products or services, but you no longer wish to receive these, you can let us know by using the consent withdrawal form available from us.

  • How can you submit a complaint if you feel your rights have not been honored?

If you are not satisfied with how we have handled your request, you may submit a complaint to the Spanish Data Protection Agency, the Agencia Española de Protección de Datos. The agency can be contacted as follows:

Agencia Española de Protección de Datos C/ Jorge Juan, 6

28001 Madrid Spain

  • Telephone:

+34 901 100 099

+34 91 266 35 17

You can submit a complaint to the Spanish Data Protection Agency free of charge and you do not need the assistance of a solicitor or lawyer.

  • Do we build profiles about you?

Our policy is not to build any profiles about the users of our services.

However, there may be situations when we need to develop information profiles about you in order to provide a service, commercial or otherwise. An example would be where we use your purchase or service history to offer products or services tailored to your tastes or needs.

In such cases, we will apply effective security measures to protect your data at all times against unauthorized persons intending to use it for their own benefit.

  • Do you use your data for other purposes?

Our policy is not to use your data for any purposes other than those that we have explained. However, if we need to use your data for another purpose, we will always ask your permission beforehand, providing you with clear options that will allow you to make a decision.


OUR COMMITMENT TO THE PROTECTION OF PERSONAL DATA: “INFORMED PERSONS AND PROTECTED DATA”

The Management / Governing Body of S.C. PHOTO & FILM, S.L.U. (from now on, the data controller), assumes the maximum responsibility and commitment with the establishment, implementation and maintenance of this Data Protection Policy, guaranteeing the continuous improvement of the data controller with the aim of achieving excellence in relation to the compliance with Regulation (EU) 2016/679 of the European Parliament and the Council, of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free circulation of these data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJEU L 119/1, 04.05.2016), and of the Spanish regulations on the protection of personal data (Organic Law, specific sectoral legislation and its implementing rules)

The Data Protection Policy of S.C. PHOTO & FILM, S.L.U. is based on the principle of proactive responsibility, according to which the data controller is responsible for compliance with the regulatory and jurisprudential framework that governs said Policy, and is able to demonstrate this to the competent control authorities.

In this regard, the data controller shall follow the following principles which should serve as a guide and framework for all his staff in the processing of personal data:

  1. Design of Data protection: the data controller shall, both when determining the means of processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, designed to apply effectively data protection principles such as data minimisation and to integrate the necessary guarantees into the processing.
  1. Default data protection: the controller shall implement appropriate technical and organisational measures to ensure that, by default, personal data are processed only if they are necessary for each specific purpose of the processing.
  1. Data protection during information life: measures ensuring the protection of personal data shall be applicable throughout the entire life cycle of the information.
  1. Legality, loyalty and transparency: personal data will be treated in a lawful, loyal and transparent manner in relation to the interested party. 
  1. Purpose limitation: personal data shall be collected for specified, explicit and legitimate purposes and shall not be further processed in a way incompatible with those purposes.
  1. Minimisation of data: personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  1. Accuracy: personal data must be accurate and, where necessary, kept up to date; all reasonable steps must be taken to ensure that personal data which are inaccurate in relation to the purposes for which they are processed are deleted or rectified without delay.
  1. Limitation of storage time: personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes of the processing of the personal data.
  1. Integrity and confidentiality: personal data shall be processed in a way that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage, through the implementation of appropriate technical or organisational measures. 
  1. Information and training: one of the keys to guaranteeing the protection of personal data is the training and information provided to the personnel involved in the processing of such data. During the life cycle of the information, all personnel with access to the data will be properly trained and informed about their obligations in relation to compliance with data protection regulations.

The Data Protection Policy of S.C. PHOTO & FILM, S.L.U. is communicated to all personnel of the data controller and made available to all interested parties.

Consequently, this Data Protection Policy involves all the personnel of the data controller, who must know and assume it, considering it as their own, each member being responsible for applying it and verifying the data protection rules applicable to their activity, as well as identifying and providing the improvement possibilities that they consider appropriate in order to achieve excellence in relation to its compliance.

This Policy will be reviewed by the Management / Governing Body of S.C. PHOTO & FILM, S.L.U. as many times as deemed necessary, in order to comply, at all times, with the provisions in force regarding personal data protection.