Privacy Policy (v1.0 - 2023/03/27)

In accordance with the provisions of the General Data Protection Regulation of the European UnionRegulation (EU) 2016 / 679–, and in relation to the activities of browsing the website of our TARHA online database <https://proyectotarha.org/tarha> –hereinafter, «TARHA»– by its visitors, we define below our privacy policy regarding the processing of the data collected from these visitors which might be incorporated to a file whose purpose we describe in this document, among other related issues.

Also, being TARHA hosted in the network infrastructure owned by the Internet Service Provider IONOS Cloud S.L.U. –hereinafter, «the Provider»–, the privacy policy of the latter should be applied as well.

In any case, visitors connection to TARHA shall always be made through either SSL or TLS encryption –recognizable by the presence of the expression https:// (not http://) heading the web address (URL) of TARHA entered in the address bar of the browser– which makes data being transferred in both directions between the computer device being used by the visitor and the computer system where TARHA is hosted very difficult to be read by a third party who intends to clandestinely intercept the contents of such transmission.

1. Identification of the File Controller

  • Name: Antonio Marcos López Alonso.
  • Address: Santa Cruz de Tenerife, Autonomous Community of the Canary Islands, Kingdom of Spain, European Union.
  • Contact: info@proyectotarha.org.

2. Collected data and the purpose of its processing

Without prejudice to the processing that the Provider may apply to the data collected from the visitors of TARHA according to his own privacy policy, TARHA's File Controller only collects data from the visitors subscribed to TARHA –hereinafter either «the Subscriber» or «the Subscribers»– being the purposes of such subscription:

  1. access to additional functions making TARHA use and browsing experience more convenient and practical./li>
  2. in the case of Subscribers with either full or partial management privileges on non-personal data stored in TARHA, access to the relevant management functions. Such management privileges are granted among the requesting Subscribers at the discretion of the File Controller.

Both Subscribers and visitors who start the subscription process, at the time of login TARHA or submitting the information necessary to subscribe, must pass a test consisting of ticking a box and, possibly, solving a challenge involving to copy a text or solving a simple mathematical problem. We use this test to reduce the risk of computer attacks on TARHA based on the creation of fake user accounts, theft of the identity of other Subscribers and other methods.

The data collected from the moment a visitor acquires the status of Subscriber –by his / her voluntary request to register a personal user account right after the act of consenting to the processing of his / her personal data in accordance to this privacy policy– taking into account that only the File Controller and the Subscriber have access to them with the exceptions that will be indicated.

Also, it is left at the discretion of the File Controller the deletion of any user account created in TARHA and all the personal or functional data linked to them without being obliged to either notify or justify the action before the affected Subscribers.

2.1. Common data to all Subscribers

  • Username: freely chosen by the Subscriber with no other limitation than achieving non-duplicity regarding those already registered in TARHA or other motivated by technical or security reasons. Subscribers with management privileges can only see usernames belonging to other Subscribers having such privileges.
  • Password: freely chosen by the Subscriber although the File Controller reserves the right to restrict its composition following security criteria, as imposing a minimum number of characters or forcing the use of non-alphanumeric characters, among others. The chosen password will be stored in TARHA in an encripted form so that nobody --not even the File Controller-- may know it by simply reading the relevant records in TARHA which can be accessed by the File Controller solely anyway.
  • E-mail address: registered in TARHA for:
    • the Subscriber to receive automatic messages regarding subscription confirmation or, in its case, voluntary change of data regarding subscription or personal profile –for instance, password changing--.
    • the Subscriber to receive personal or broadcast communications regarding subscription issues, TARHA online status, etc.
    • The email addresses of the Subscribers will never be used from TARHA to send them advertisement / marketing messages or any other sort of information away from TARHA purposes and objectives.
  • IP address subscription was made from: collected for statistical and security analysis, and in order to prevent and, where appropriate, diagnose malicious subscriptions or connections. Also to diagnose the lack of use of the accounts, which may lead to their deletion according to the minimum terms indicated in section 3.
  • Subscriber's last connection IP address: collected for the same purposes as those of the previous point.
  • Subscriber's last connection date and time: collected for the same purposes as those of the previous point.

2.2. Data specific to management-privileged Subscribers

Without prejudice to the provisions of the previous point for all Subscribers, those Subscribers who enjoy management privileges over all or some of the records that are part of TARHA's functions, and with the sole purpose of supervising and controlling the correction and quality of the management tasks themselves including creating new records or changing one or more of the existing ones, the following data will be automatically stored in the affected records:

  • Username: that of the Subscriber who either created the record or made the last change of it.
  • Date and time: of the creation or last change of the record.

3. Data retention time and user account expiration

Data collected from each Subscriber will be retained as long as his/her user account is alive and linked to that Subscriber. Those data will be automatically deleted as soon as the Subscriber --or the File Controller if that may be the case– makes the cancellation of his/her user account effective.

In order to favor the security of both TARHA and the Subscribers' data those newly created user accounts whose creation would be not confirmed by the respective Subscribers in no less than 24 hours from having signed-up as well as those accounts that have not been used –understood as login using the Subscriber's credentials-- in no less than 365 natural days counted from the date and time of the last login.

4. Rights regarding personal data processing

Subscribers may exercise before the File Controller the following rights regarding their personal data stored in TARHA, without prejudice to the fact that they may be exercised alternatively before the Spanish Data Protection Agency:

  • To know why their personal data are needed, what will happen to them and how long they will be retained.
  • Right to access their personal data.
  • Right to rectificate their personal data either completing, modifying or deleting them.
  • Right to erase their personal data, fully deleting them from TARHA.
  • Right to oppose the processing of their personal data.
  • RIght to transfer their personal data, requesting them to the File Controller.

Subscribers may exercise some of these rights from their own user accounts using the resources and tools at their disposal in the TARHA user interface, including the possibility of fully deleting their own user accounts without requesting the intervention of the File Controller.

5. Other

For any other question regarding this Privacy Policy, please contact the File Controller using the email address indicated in Section 1.