How Wedinest collects, uses, protects and retains personal data, and how you can exercise your privacy rights.
Data controller
In compliance with the applicable regulations on information society services, please be informed that this website, accessible through the Wedinest domain, is owned by:
Owner: Alberto Belloso Martín
Contact email: hello@wedinest.com
Location: Barcelona, Spain
Commitment to data protection
Wedinest undertakes to process users' personal data in accordance with the applicable data protection regulations, including Regulation (EU) 2016/679 (General Data Protection Regulation or GDPR) and the applicable Spanish regulations.
Data processed
Wedinest may process personal data provided by users during the use of the platform, including identification and contact data, account access data and any other information necessary for the provision of the services offered.
Likewise, users may incorporate information related to the organisation and management of events, including, where applicable, information regarding dietary restrictions, allergies, intolerances or dietary preferences of attendees.
Users shall be responsible for ensuring that they have sufficient legitimacy to incorporate and use such information in accordance with applicable regulations.
Purposes of processing
Wedinest processes the personal data necessary to enable access to, use of and correct functioning of the platform, as well as to manage the relationship with users and provide the requested services.
Data may be used for account administration, the management of events and of the information incorporated by users, handling enquiries and incidents, service-related communication and protecting the security of the platform.
Likewise, Wedinest may process information in aggregated or anonymised form in order to analyse the use of the services, detect errors, improve the user experience and develop new features.
Data may also be processed when necessary to comply with legal obligations or to respond to validly issued requests from competent authorities.
Legal basis for processing
The processing of personal data carried out by Wedinest is based, as applicable, on:
- The performance of the contract or the provision of the services requested by the user.
- The user's consent where necessary.
- Compliance with applicable legal obligations.
- The legitimate interest in ensuring the security, maintenance, functioning and improvement of the platform.
Data incorporated by users
Users may incorporate into the platform personal data of guests, attendees, suppliers or other persons related to their events.
With respect to such data, the user acts as Data Controller and guarantees that they have an adequate legal basis for its processing in accordance with applicable regulations.
Wedinest acts as Data Processor, limiting itself to processing such data on behalf of the user and exclusively for the provision of the contracted services.
Recipients and service providers
Wedinest may rely on technology providers necessary for the provision, maintenance, security and improvement of the platform.
Such providers may access the data only to the extent necessary for the correct provision of their services and in accordance with applicable legal and contractual obligations.
Such providers may include hosting, database, storage, email, analytics, security, attack-protection and payment-processing services.
International transfers
When necessary for the provision of the service, certain providers may process personal data outside the European Economic Area.
In such cases, Wedinest will adopt the appropriate safeguards required by applicable regulations to protect users' personal data.
Security measures
Wedinest adopts reasonable technical and organisational measures intended to protect personal data against unauthorised access, loss, alteration, disclosure or accidental destruction.
However, no technological system can guarantee absolute security, so Wedinest cannot guarantee the total invulnerability of its systems.
Data retention
Personal data will be retained for as long as necessary for the provision of the services offered by Wedinest and while the user has active access to the platform in accordance with the conditions of the contracted service.
When a subscription ends or an account is cancelled, access to the platform may be blocked. Data may be retained for a maximum period of 90 days for operational and security reasons, compliance with legal obligations or defence against possible claims.
After that period, data may be permanently deleted or anonymised, unless there is a legal obligation requiring its retention for a longer period.
User rights
Users may exercise their rights of access, rectification, erasure, objection, restriction of processing and portability of their personal data by sending a communication to the contact email indicated in this Privacy Policy.
Likewise, users may request additional information about the processing of their personal data or about the exercise of their rights through the contact channels enabled by Wedinest.
If they consider that the processing of their personal data does not comply with applicable regulations, they may contact the Spanish Data Protection Agency (AEPD), without prejudice to any other authority that is competent under applicable regulations.
Modifications
Wedinest may modify this Privacy Policy to adapt it to regulatory, technical or functional changes. The current version will always be available on the website.