Privacy Policy
This legal text provides details on how we collect and process your personal data through your use of our website http://www.indianflavouralhaurin.com, including any data you may provide via the website when submitting information through the forms provided for that purpose.
By providing us with your data, please note that our services are not available to individuals who are not legally allowed to give consent. Therefore, when you submit a form, you confirm that you have the legal capacity to do so.
Below, we inform you about the data protection policy of Indian Alhaurín S.L.
Data Controller
Controller Contact Details:
Indian Alhaurín S.L.
Tax ID: B72516909
Address: Avd. Gerald Brenan, 66
29120 Alhaurín El Grande, Málaga (Spain)
Indian Alhaurín S.L. is the data controller (hereinafter “we”, “us” or “our”).
What Data Do We Collect?
The General Data Protection Regulation (GDPR) defines personal data as any information related to an identified or identifiable natural person. This does not include anonymous or aggregated data.
Personal data that may be collected directly from the user will be treated confidentially and included in processing activities owned by Indian Alhaurín S.L.
We may collect and process the following types of personal data through our website:
Identity Data: full name.
Contact Data: email address and telephone number.
We do not collect any special categories of personal data (such as those revealing ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or health, genetic or biometric data).
If we are legally required to collect personal data and you fail to provide it, we may not be able to enter into or perform the contract, and we will notify you accordingly.
How Do We Collect Your Data?
We may collect your personal data via the following means:
Direct interactions: Through the contact form on our website, via email, phone, or postal mail when you:
Request information about our services.
We reserve the right to reject or cancel any registration if we believe it does not meet our requirements or applicable laws and regulations. We will try to explain the reasons for our decision, but we may not always be able to do so.
Automated technologies or interactions: We may automatically collect technical data about your device, browsing actions, and usage patterns through cookies or similar technologies. For more information, please consult our Cookie Policy.
Third parties:
Google (outside the EU): analytical or search data.
Purpose and Legal Basis for Processing Your Data
We use your personal data for the following purposes and on the following legal bases:
To perform a contract with you.
When you have given your consent.
To comply with legal obligations.
For our legitimate interests or those of a third party.
You may withdraw your consent at any time by emailing us at [email protected], or by referring to the section on exercising your rights below.
How Long Will We Keep Your Data?
Your data will be retained for as long as necessary to fulfill the purposes for which it was collected, and to determine any potential liabilities arising from those purposes and the data processing.
Email/form subscribers: from the time you subscribe until you unsubscribe.
Minors
Indian Alhaurín S.L. does not authorize individuals under the age of 14 to submit personal data through the website (such as via contact forms or by email). By providing personal data through these means, you declare that you are over 14 years of age. We are not liable for non-compliance with this requirement.
If your child, who is under the age limit, has provided personal data to us, please contact us to request the exercise of their rights.
When our services are intended for minors under 14, we will implement mechanisms to obtain consent from their parents or legal guardians.
Exercising Your Data Protection Rights
You may exercise your rights by contacting us via our postal address or email [email protected], including a copy of your ID or similar document, to request:
Access to your personal data.
Rectification if data is inaccurate, or erasure (“right to be forgotten”).
Restriction of processing, in which case your data will be stored only for legal claims.
Objection to processing, unless legitimate grounds apply or the data is needed for legal defense.
Portability of your data to another service provider.
You may use templates provided by the Spanish Data Protection Agency (AEPD) to exercise your rights: [Link to AEPD templates].
You can also file a complaint with the AEPD if you believe we have mishandled your data.
We may request additional information to verify your identity before processing your request. This is a security measure to ensure your data is not disclosed to unauthorized parties.
We will respond to all valid requests within one month, although complex requests may require more time. We will notify you accordingly.
Data Sharing: Service Providers
We may need to share your data with third parties who provide services on our behalf, and with whom we have appropriate contracts to protect your rights. These include:
IT and system administration service providers.
Professional advisors such as lawyers, auditors, insurers, and consultants.
All data processors are required to treat your data confidentially and in compliance with the GDPR.
They are only allowed to process your data for specific purposes and according to our instructions. You may request a list of these service providers by emailing [email protected].
Data Security
We have implemented appropriate technical and organizational measures to prevent your data from being accidentally lost, used or accessed in an unauthorized way, altered, or disclosed.
Access to your personal data is limited to employees, agents, contractors, and third parties who need access for business purposes. They will only process your data under our instructions and are subject to a duty of confidentiality.
We have procedures in place to deal with any suspected data breach. If such an event occurs, we will notify you and the relevant supervisory authority as required by Articles 33 and 34 of the GDPR.
English 
Spanish