Skip to main content

We present our Privacy Policy in two formats

infoNation | privacy policy

plain english

Note: You’re reading the plain English version, which is not legally binding. Click here for “the legalese, yawn-filled version” to read full chapter and verse for how we adopt a legal approach to ensure a formal legal position.
We don’t imagine you’re snuggled up with hours to kill so we’ll try to banish the jargon and make this as rapid and to the point as we can:

Who are we and what is this?

We’re infoNation. That’s the business name we work under.  Coleman & Pearse Limited is our legal business name. If you want complete line of sight on our legal status and company accounts to make sure we are for real just go here: https://beta.companieshouse.gov.uk/company/09681092/filing-history This is our privacy policy, and it describes how we collect, use, store, share, and protect your information if you choose to submit your data to us. This applies when you submit data to us.  This privacy policy is linked to another piece of riveting reading material – our terms of use.

Oh yeah? And what if I don’t agree to your terms?

That’s OK. We won’t ask you for any information unless you want to access parts of our website that require such info. If you don’t agree with this policy or our terms of use, please don’t give us your personal information. Simple.

What if I do agree?

If you choose to sign up to infoNation, you’re consenting to the collection, use, disclosure, and retention of your info as described in this policy and the terms of use.

OK, but what if you change the policy?

We might change this policy from time to time. We may ask you to accept the changes when you use infoNation services. Or, we may post notice of the changes on our website before they come into effect. We might even send you an email—all in good time. If you don’t agree to the new policy, you can choose to stop working with us, without the new terms applying to you.

Can I access, alter, cancel, or object to the processing of my personal data?

Yes. Please contact us to make this request.

What data do you collect from me?

First name, Last name, email address and possibly telephone numbers and some social network links if you choose to give us those.  If you work with us or have worked with us we may retain some biography data.

Other data we may occasionally have?

You might (here comes wishful thinking) provide us with a testimonial (a kind one, we hope)!

What if I wish to check the data you have about me?

That is absolutely fine! Please contact us and just ask!

Anything else we do we with data and we think you should know about?

– Usage data whenever you interact with our website.
– The device you use to access our services and related data, including the IP address and browser type. We may see your geographic location based on the IP address.
– If you come to our website from an external source (like a link from another website or in an email), we keep information about that source.
– We might collect data from third parties, but only if you give those parties permission to share it with us.
– We use third party tracking services that use cookies and page tags (aka web beacons or web bugs). We do this to collect aggregated and anonymised data about our website visitors. The data might include usage and user stats.

I’m just an infoNation website visitor or I may have been customer of one of your services.  I have never worked with or for infoNation. What data do you collect from me?

– Your responses if you choose to complete and submit any information to us. infoNation is then responsible for that data.  If your responses include personal data the stuff we mentioned before applies.

How we respect your email address?

– We record your email address if you give us permission to send you a quarterly infoNation email. You can opt out of getting our quarterly email at anytime. Just click here to make that decision.

Why do you need my data?

To do our job, in a nutshell. If you make a request or ask to be contacted, we use your account data to respond to that request. We use data to answer your questions, provide tips, and send you news. We may use statistical techniques that let us create user profiles and segment data. If you don’t want to get this information, whatever form it takes, please let us know by following the steps below. We won’t hold a grudge—you can always change your mind later on. We also use it to improve our website. We do statistical analysis on info we collect about engagement with our site (including usage data, device data, referral data, question and response data, and information from page tags) to better analyse user behavior and trends, understand how people use our services, and to monitor, troubleshoot, and improve our services. We might, for example, use it to decide new features to build in next.

Third party authorised access

If you connect your infoNation account with your social media account (or any other third party platform), we might collect data you make available via that account. Check the privacy settings of your social media accounts for more info on what they share with us.

Do you sell my data to third parties?

We will never do this. EVER!  Very occasionally we might share your information with our service providers, who follow our privacy policy and other technical measures. They’ve signed a contract to keep your info confidential, and to only use it to deliver their service. They must also follow EU privacy legislation.  We’re in the United Kingdom. If you’re not, then please be aware that your information might be moved, processed, and stored by our service providers in other EU countries and the United States. Privacy laws in those countries might not be as protective as those in your country. If you agree to these terms, you agree to this practice. Please don’t use our website if you’re not cool with these terms.

We don’t share your data with any third parties unless:

  1. You request a service and we need to collaborate with third parties to deliver that service.
  2. You give us permission.
  3. An authority obligates us to do so (the police, for example).
  4. The law asks us to do so.
We don’t use your data in any other way other than as laid out in this policy and the terms of use.

What happens if you sell infoNation to someone else?

If there are any changes to our business (including exciting-sounding things like a MERGER or CONSOLIDATION), you consent to us transferring your information to the new owner to continue providing our services. We’ll notify the applicable data protection agency if required by law.

I’ve seen the word “cookies” and there’s no chocolate involved. What’s that about?

A cookie is a small string of information that the website you visit sends to your computer for identification purposes. Cookies can be used to follow your activity through our service. That info helps us understand your preferences and give you a better experience. See our cookie policy if you’re still hungry for info on the types of cookies we use.

How do I delete my data or details from any of your systems?

Easy.  Just ask us, please fill in this simple form. If you do ask us all the data collected will be permanently deleted from our systems in a reasonable time period. You won’t be able to access any services that require an infoNation account. We’ll respond to any request as soon as possible, and we’ll always agree to the request unless it’s not technically doable, or if the law obligates us to keep that data.

Do you keep hold of old information?

Yes, as long as it’s necessary and relevant to what we do. We might keep information from  to comply with the law, fight fraud, collect any debts owed, resolve spats, troubleshoot problems, assist with any investigation, enforce our terms of use, and do anything else required by law. We’ll always handle your information in accordance to this privacy policy.

Anything else not answered?

Please contact us.

infoNation | Privacy Policy

legalese

YOUR PRIVACY IS IMPORTANT TO US

1. PARTIES

1.1. This Privacy Policy describes how (“Coleman & Pearse Limited”, trading as infoNation “we”, or “us”) collects, uses, stores, shares and protects your information in connection with services offered by Coleman & Pearse Limited as a data controller and/or processor including, but not limited to, services provided at or using the following domains and associated subdomains:
https://infonation.io/
https://www.swimwimbledon.co.uk/
www.colemanandpearse.com
www.swmamils.com
www.sw19mamils.com
Coleman & Pearse Limited.com (the “Site”); tools or applications including, but not limited to, mobile and other software applications related to the Site (the “Applications”); and images, text, playlists, metadata, and other material available through the Service (the “Content”) (collectively, the “Service”).
1.2. This Privacy Policy applies when you (“you”, “User” or “Respondent”)access, visit or use any portion of the Service. For the purposes of this Privacy Policy, a “User” is a person who submits data to Coleman & Pearse Limited online (data controller of Respondents data and data subject for your own data, as direct client of Coleman & Pearse Limited), and a “Respondent” is a person representing Coleman & Pearse Limited (data subject of user).
1.3. This Privacy Policy is part of, and is governed by, the terms and conditions set forth in the Coleman & Pearse Limited Terms of Use.

2. AGREEMENT TO TERMS OF PRIVACY POLICY

2.1. Any Service provided by Coleman & Pearse Limited is purely voluntary. You are not required to provide any personal information to us unless you choose to access features of the Service that require such information. If you do not agree with the terms of this policy or Coleman & Pearse Limited’s Terms of Use related to the Service, then please do not provide us with personal information, exit the Applications immediately, and refrain from using the Service.
2.2. Accordingly, by creating a Coleman & Pearse Limited Account (as defined in the Terms of Use), or by otherwise accessing, visiting or using the Service, you expressly consent to our collection, use, disclosure and retention of your information as described in this Privacy Policy and in the Coleman & Pearse Limited Terms of Use.

3. CHANGES TO THE PRIVACY POLICY

3.1. We may amend this Privacy Policy from time to time. You may be required to accept the amended Privacy Policy upon logging in to your Coleman & Pearse Limited Account in order to keep using the Service. Alternatively, we may post any material changes to this Privacy Policy on the Site with a notice advising of the changes in advance of the effective date of the changes. We may also notify you of material changes to this Privacy Policy, before the effective date of the changes, by sending an email or in another conspicuous manner reasonably designed to notify you. If you do not agree to the new Privacy Policy, you may terminate using the Service within the applicable thirty (30) day period and you will not be bound by the new terms. Otherwise, the new terms will take effect after thirty (30) days.

4. RIGHTS TO ACCESS, RECTIFICATION OR ERASURE, RESTRICTION AND OBJECTION, OF PROCESSING

4.1. You have the right to access, rectification, opposition, erasure (“right to be forgotten”), and right to restriction of processing of your personal data by directing any such requests to Coleman & Pearse Limited, registered at Companies house in England and Wales here. In order to make things easier for you, and without prejudice to the legal requirements Coleman & Pearse Limited must comply with under the laws, Coleman & Pearse Limited allows you to exercise the above-mentioned rights by contacting us through our website or by telephone.

5. PERSONAL INFORMATION ABOUT USERS AND RESPONDENTS

Coleman & Pearse Limited is used by Coleman & Pearse Limited “Users” and by Coleman & Pearse Limited “Respondents”. The information we receive from Users and Respondents and how we handle it differs, as set out below.
5.1. Coleman & Pearse Limited USERS
As a User, we collect information relating to you and your use of our Services from a variety of sources:
a) Registration information: information you provide to us when you register for any of our services, e.g. our newsletter.
b) Other data you want to share: We may collect your personal information or data if you submit it to us in other contexts. For example, if you provide us with a testimonial, or when running a contest with Coleman & Pearse Limited.
c) Information we collect about website visitors indirectly or passively when interacting with us
d) Usage data: Coleman & Pearse Limited collects usage data about our website users whenever they interact with our services, including information they have elected to make publicly available.
e) Device and application data: Coleman & Pearse Limited collects data from the device and application the website visitor uses to access our services, such as the IP address and browser type. We may also infer the geographic location based on the User IP address.
f) Referral data: if the website visitor arrives at a Coleman & Pearse Limited website from an external source (such as a link on another website or in an email), we record information about the source that referred the website visitor to us.
g) Information from third parties: Coleman & Pearse Limited may collect website visitor personal information or data from third parties if the website visitor gives permission to those third parties to share such information with others or the data is extracted from publicly accessible sources.
For example, Coleman & Pearse Limited may share minimal service data with a select third-party for data enrichment purposes, provided that User has given prior permission to those third parties to share such information with other parties (i.e. Coleman & Pearse Limited may share Users’ email addresses with a third party to obtain some information like company name etc) or it comes from publicly accessible sources like social media profiles. Enriching data allows us to analyse a deeper subset of data from which we may present personalized content. Prior to sharing data with any data enrichment vendor, Coleman & Pearse Limited signs the corresponding Data Protection Agreement with the vendor to ensure that the data is adequately protected, that it has been lawfully obtained by vendors enabling Coleman & Pearse Limited to use such data in connection with the Services, and to ensure vendors adopt adequate security controls.
h) Information from cookies and page tags: Coleman & Pearse Limited uses third party tracking services that employ cookies and page tags (also known as web beacons or web bugs) to collect aggregated and anonymized data about visitors to our websites. This data may include usage and website visitor statistics. You can obtain full information about our cookie policy
5.2 Coleman & Pearse Limited RESPONDENTS
As a Respondent, when you respond to Coleman & Pearse Limiteds hosted by Coleman & Pearse Limited, we collect, on behalf and upon instructions of Coleman & Pearse Limited’s Users, information relating to you and your use of our services from a variety of sources:
(i) Information we collect directly from the Respondent: Coleman & Pearse Limited responses
We collect and store the Coleman & Pearse Limiteds responses from Respondents. The Coleman & Pearse Limited User is responsible for that data and manages it. The Coleman & Pearse Limited User is usually the same person that invited the Respondent to take the Coleman & Pearse Limited and sometimes they have their own privacy policy.
When responding to a Coleman & Pearse Limited you may provide personal information or data. Please note that Coleman & Pearse Limited is not responsible for the content of that Coleman & Pearse Limited, so if you have any questions about a Coleman & Pearse Limited you are taking, please contact the Coleman & Pearse Limited User directly.
(ii) Information we collect about the Respondent from other sources on behalf of Coleman & Pearse Limited’s website visitors.
a) Usage data: on behalf of Coleman & Pearse Limited website visitors, Coleman & Pearse Limited collects usage data about Respondents whenever they interact with our services.
b) Device and application data: on behalf of Coleman & Pearse Limited website visitors, Coleman & Pearse Limited collects data from the device and application the Respondent uses to access our services, such as, among other, the IP address, browser type and operating system. We may also infer the geographic location based on the Respondent IP address.
c) Referral data: on behalf of Coleman & Pearse Limited website visitors, Coleman & Pearse Limited records information about the source that referred the Respondent to a Coleman & Pearse Limited (i.e. a link on a website or in an email).
d) Information from cookies and page tags: Coleman & Pearse Limited uses third party tracking services that employ cookies and page tags (also known as web beacons or web bugs) to collect aggregated and anonymized data about visitors to our websites. This data may include usage and website visitor statistics. You can obtain full information about our cookie policy as described in Section 7 below
e) Email address: Coleman & Pearse Limited records the email address if the website visitor provides it to us in order to send the Respondent a Coleman & Pearse Limited notification email.
(iii) Coleman & Pearse Limited’s obligations as data processor when processing Respondents’ data on behalf of website visitors.
When Coleman & Pearse Limited is processing Respondents’ Data on behalf of website visitors, the User who creates the Coleman & Pearse Limited is the Data Controller in relation with the data of Respondents using such Coleman & Pearse Limited, and Coleman & Pearse Limited is the Data Processor of such Respondents data (hereinafter, website visitor shall be referred to as the “Data Controller” and Coleman & Pearse Limited as the “Data Processor”).
For the processing of Respondents’ data on behalf of the Data Controller, the Data Processor undertakes to fulfil the following obligations:
a) To treat the personal data only to carry out the provision of the contracted Services, in accordance with the instructions given in writing, at any time, by the Data Controller (unless there is a legal rule that requires complementary processing, in such a case, the Data Processor will inform the Data Controller of that legal requirement prior to the processing, unless the Law prohibits it on public interest grounds).
b) To maintain the duty of secrecy with respect to the personal data to which the Data Processor has access, even after the termination of the contractual relationship, and to ensure that their employees have committed in writing to maintain the confidentiality of the personal data processed.
c) To ensure, taking into account the available technology, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as the risks of varying probability and severity for the rights and freedoms of natural persons, that they will apply adequate technical and organizational measures to ensure a level of security appropriate to the risk, including, where appropriate, among other things:
-The pseudonymisation and encryption of personal data;
-The ability of ensuring the continued confidentiality, integrity, availability and resilience of the systems and services ;
-The ability of restoring the availability and access to personal data quickly in the event of a physical or technical incident;
-A process of regular verification, evaluation and assessment of the effectiveness of the technical and organizational measures in order to ensure the safety of the processing.
When evaluating the adequacy of the security level, special account shall be taken of the risks presented by the data processing, in particular as a consequence of the destruction, loss or accidental or unlawful alteration of the personal data transmitted, stored or otherwise processed, or the communication or unauthorized access to such data.
In the event that the implementation of specific and concrete security measures is needed, those measures will be added to this Agreement by means of an Annex.
d) To keep under their control and custody the personal data to which they have access in relation with the provision of the Service, and to not disclose them, neither transfer or otherwise communicate them, not even for their preservation, to persons unrelated with the provision of the Service covered by this Agreement.
However, the Data Controller may authorize, expressly and in writing, the Data Processor to use another data processor (hereinafter, the “Subcontractor”), whose identification data (full company name and fiscal identification number) and subcontracted services must be communicated to the Data Controller, prior to the provision of the service, at least with one (1) month in advance. The Data Processor will also inform the Data Controller of any change envisaged in the incorporation or substitution of the Subcontractors, giving thus to the Data Controller the opportunity to object such changes.
In case of making use of the power recognized in the previous paragraph, the Data Processor is obliged to transfer and communicate to the Subcontractor the whole obligations that for the Data Processor derive from this Agreement and, in particular, the provision of enough guarantees that he will apply appropriate technical and organizational measures, so that the processing complies with the applicable regulations.
In any case, access to the data made by natural persons who render their services to the Data Processor, acting within the organizational framework of the latter by virtue of a commercial and non-labour relationship, is authorized. In addition, access to the data is granted to companies and professionals that the Data Processor has hired in their internal organizational framework in order to provide general or maintenance services (computer services, consulting, audits, etc.), as long as such tasks have not been arranged by the Data Processor with the purpose of subcontracting with a third party all or part of the website services provided to the Data Controller.
e) To delete or return to the Data Controller, at their choice, all personal data to which they have had access in order to provide the website services. Likewise, the Data Processor undertakes to delete the existing copies, unless there is a legal rule that requires the preservation of the personal data. However, employees and other personnel working for the Data Processor are entitled to access website visitors and Respondents data as required to carry out their obligations under the terms of their contract.
f) To notify the Data Controller, without undue delay, of any personal data security breaches of which he is aware, giving support to the Data Controller in the notification to the Information Commissioner’s Office or other competent Control Authority and, if applicable, to the interested parties of the security breaches that occur, as well as to provide support, when necessary, in the carrying-out of privacy impact assessments and in the prior consultation to the Information Commissioner’s Office, where appropriate, as well as to assist the Data Controller so they can fulfil the obligation of responding the requests to exercise certain rights.
g) To bring, in writing, a record of all categories of processing activities performed on behalf of the Data Controller.
h) To cooperate with the Information Commissioner’s Office or with other Control Authority, at its request, in the fulfilment of its power.
i) To make available to the Data Controller the whole information necessary to demonstrate the fulfilment of the obligations established under this Agreement, as well as to allow and contribute to the performance of audits, including inspections, by the Data Controller or by a third party authorized by them.
If the Data Processor or any of his Subcontractors violates this Agreement or any regulation when determining the purposes and means of the processing, they shall be held responsible for such processing. Furthermore, if such Subcontractors are based in countries which do not have a legislation on data protection which is equivalent to EU legislation (“Third Countries”), Data Processor shall establish all safeguards required by the EU legislation in order to comply with all obligations arising from transfers of data to Third Countries, and shall promptly inform Data Controller about such safeguards if so requested.

6. PURPOSES AND LEGITIMATE BASIS OF THE USE AND SHARING INFORMATION

PURPOSES OF PROCESSING
6.1. We use the information we collect from you to perform the services requested in connection with the “Coleman & Pearse Limited website” selected for the purposes described in the Terms of Use.
6.2. We also use your information to review, investigate and analyse how to improve the services provided. We may also collect and analyse your data to monitor, maintain and improve our services and features.
6.3. We may internally perform statistical and other analysis on information we collect (technical and metadata) to analyse and measure user behavior and trends, to understand how people use our services, in order to. Improve and optimize our performance of such services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.
6.4. We may use your information for internal purposes designed to keep our services secure and operational, such as testing purposes, troubleshooting, to prevent abusive activity (i.e. fraud, spam, phishing activities), and for service improvement, research and development purposes.
6.5. As described in the Terms of Use, if you connect your Coleman & Pearse Limited web with site services with a Social Media or third party platform, we may use the information that you make available through the applicable Social Media or third party platform and that the applicable Social Media or third party platform has made available to Coleman & Pearse Limited, in accordance with the privacy or other settings that are applicable to your Social Media or third party platform account.
6.6. We’ll be sending you Coleman & Pearse Limited product intro, tips and inspirational use cases and user stories by any means, including email and similar means of electronic communication like personalised advertisements as part of providing relevant content helpful to use our services effectively. In order to customize such information and commercial communications as much as possible, Coleman & Pearse Limited may use statistical techniques that allow the creation of user profiles and data segmentation.
6.7. We do not sell your Coleman & Pearse Limited data to third parties without your permission. We share your information with our service providers who help us to provide our services to you, in which case those third parties are required to comply with our privacy policy and any other adequate technical and organizational measures. We contractually bind these service providers by the corresponding Data Processing Agreements to keep your information confidential and to use it only for the purpose of providing their services and pursuant to the applicable privacy legislation in the United Kingdom and the European Union.
Coleman & Pearse Limited is based in the United Kingdom and complies with the GDPR framework as set forth by the EU regarding the collection, use, and retention of personal data from EU member countries. We also adhere to UK data protections laws. If you are located outside the EU and choose to use the website or provide your information to us, please note that your information may be transferred, processed and stored by our service providers in other non-EU countries. Privacy laws of the European Union and third countries may not be as protective as those in your jurisdiction. Your agreement to the terms of this Privacy Policy followed by your submission of information in connection with the website represents your agreement to this practice. If you do not want your information transferred to or processed or stored in the EU, you should not use the website.  
6.8. Your data is not disclosed to any third party except (i) for providing the services you requested and for which Coleman & Pearse Limited collaborates with third parties, (ii) when we have your permission, (iii) when it is required by a competent authority in the exercise of its duties (for example in order to investigate, prevent or take action regarding illegal activities) or (iv) as otherwise required by law.
6.9 We do not use your Coleman & Pearse Limited data other than as described in this Privacy Policy and the Terms of Use.

7. LEGITIMATE BASIS OF PROCESSING

Coleman & Pearse Limited use of your data for the purposes described above is based on the following legitimate basis:
7.1 Website visitors data
If you are a website visitor, we use your data inline with our privacy policy order to fulfil our contractual obligations with you and, if you are acting on behalf of a legal person, we have a legitimate interest to use your data in order to maintain the relation with your company as a Coleman & Pearse Limited client.
In addition, we are entitled by law to use your data for direct marketing purposes, in order to send you commercial communications related with Coleman & Pearse Limited products or services which are similar to the Services, since legislation on data privacy recognizes direct marketing to clients as a legitimate interest of use of personal data, and legislation on information society services expressly allows Coleman & Pearse Limited to send you commercial communications by electronic means, provided that they are related with products or services which are similar to the Services. In any case, you are entitled to ask us, now or at any moment, not to send you any commercial communications. If you don’t want us to send you commercial communications, you can do it, now or at any moment, by changing the communication preferences in your account settings page Additionally, all commercial communications you might receive in the future, will include an easy and free-of-charge way for you to ask us not to receive further commercial communications.
7.2 Respondents’ Data
If you are a Respondent, we are processing your data as Data Processor of the User that invited you to take the Coleman & Pearse Limited, so we suggest that you read carefully the own privacy policies that such User might have established for the use of your data as a Respondent

8. COOKIES

8.1 A cookie is a small string of information that the website you visit transfers to your computer for identification purposes. Cookies can be used to follow your activity throughout the Coleman & Pearse Limited Service and that information helps us to understand your preferences and improve your experience.
8.2 For a detailed description of the types of cookies we use and on how you can control the use of cookies, please see our Cookie Policy.

9. CANCELING YOUR ACCOUNT, OPTING OUT OF EMAIL, AND MODIFYING PERSONAL INFORMATION

9.1 You may cancel your account and you may opt out of receiving any emails from Coleman & Pearse Limited at any time by changing the settings in your account settings page. Deleting your account will cause all the Coleman & Pearse Limiteds data in the account to be permanently deleted from our systems within a reasonable time period, as permitted by law and will disable your access to any other services that require a Coleman & Pearse Limited account. We will respond to any such request, and any appropriate request to access, correct, update or delete your personal information within the time period specified by law (if applicable) or without excessive delay. We will promptly fulfill requests to delete personal data unless the request is not technically feasible or such data is required to be retained by law (in which case we will block access to such data, if required by law).
9.2 You may modify your personal information by logging in and visiting your settings at “My Account” page and “Plan + Billing” page, following the instructions provided, or open a support ticket from our Help Centre.
9.3 We encourage you promptly to update your personal information when it changes. Information concerning your past behavior with the Service may be retained by Coleman & Pearse Limited as long as necessary for the purposes set out below.

10. RETENTION OF YOUR INFORMATION

10.1. We retain information for active Coleman & Pearse Limited Accounts as long as it is necessary and relevant for our operations. In addition, we may retain information from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce the Coleman & Pearse Limited Terms of Service and take other actions permitted by law.
10.2. The information we retain about you will be handled in accordance with this Privacy Policy during the maximum terms permitted by law, and will exclusively be used for the purposes described in section 9.1 above. After those terms, your information will be fully deleted or, alternatively, will be anonymized.

11. HOW TO CONTACT US

Send a request via https://www.Coleman & Pearse Limited.com/help/. Click the Contact Support link at the bottom of any article.

12. COMPLAINTS

If you consider that any use of your data might breach any of your rights, you can lodge a complaint at any time by opening a support ticket from our Help centre or, alternatively, by filing a complaint before the Spanish Authority on Data Protection (Agencia Española de Protección de Datos) at www.agpd.es