Privacy policies

Version 1.2 — Effective date: 05/10/2025

At Pericardium.org, we respect your privacy and handle personal data with the utmost care.
This Privacy Policy explains what data we collect, for what purposes, the legal basis for processing,
how we protect it, and the rights you have as a user or customer.
It complements our Terms and Conditions of Use and our Cookie Policy.

 

1. Data Controller

Trade name: PERICARDIUM.ORG (managed by ANAYAWAKA PRODUCTIONS, S.L.)
Registered company name: ANAYAWAKA PRODUCTIONS, S.L.
Tax ID: ESB66007998
Address: C. Vallès, 25 – 08430 La Roca del Vallès (Barcelona – Spain)
Email: info@anayawaka.com

 

2. Purpose of data processing

  • To provide and manage services, courses, events, and memberships.
  • To manage user accounts (registration, access, authentication).
  • To respond to inquiries, provide support, and moderate the community.
  • To send informational or promotional communications, only with prior consent.
  • To comply with legal, tax, and accounting obligations.
  • To analyze and improve our services through aggregated and/or anonymized data for statistical purposes.

 

3. Data we collect

  • Identification: name, surname, nickname.
  • Contact: email address, phone number (optional).
  • Access: username, encrypted password, registration date.
  • Navigation data: IP address, device, pages visited, connection time.
  • User-generated content: messages, comments, shared documents.
  • Billing: tax and payment details (only for paid services or products).
    Payment data is not stored on our servers but processed directly by secure gateways
    (Stripe, PayPal, Redsys) in accordance with their own privacy policies.
  • Professional data: for trained members of the Pericardium Liberation method
    (training history, languages spoken, address of practice or teaching location, or other details necessary
    to promote their professional activities).
  • Cookies and similar technologies: see our Cookie Policy.

 

4. Legal basis for processing

  • User consent (e.g., newsletters, marketing).
  • Performance of a contract (e.g., courses, memberships).
  • Legal compliance (e.g., tax or accounting obligations).
  • Legitimate interest (site security, service improvement, fraud prevention),
    always respecting the rights and freedoms of data subjects.

 

5. Data retention

Data will be retained for as long as there is an active relationship with the user and during the legally required periods.
Once that relationship ends, data will be deleted or anonymized, except where retention is required by law.

 

6. Consent and minors

For processing based on consent (e.g., marketing or newsletters), users may withdraw consent at any time.
We only collect data from individuals aged 16 or older.
For minors, the express consent of parents or legal guardians is required.

 

7. Data sharing and third-party access

We do not sell personal data.
We may share it with third-party providers (hosting, mailing, payment processors, analytics, or maintenance services) under agreements that ensure confidentiality and data security, in accordance with Article 28 of the GDPR.
Data may also be disclosed when required by law or to comply with a competent authority.

 

8. International data transfers

In cases where data is transferred outside the European Economic Area (EEA) (for example, to providers such as Mailchimp, Google, Meta, or Stripe), Standard Contractual Clauses approved by the European Commission will be applied to ensure adequate protection.

 

9. Data security and breaches

We implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of personal data.
In the event of a data breach, the competent authority and affected users will be notified within 72 hours.
We regularly review our security measures and internal protocols to maintain a high level of protection.

 

10. User rights

  • Access, rectification, and deletion (right to be forgotten).
  • Restriction or objection to processing.
  • Data portability.
  • Withdrawal of consent at any time.
  • Filing a complaint with the Spanish Data Protection Agency (AEPD).

To exercise your rights, please send your request along with a copy of your identification document to info@pericardium.org with the subject “Data Protection”.

 

11. Cookies

We use first-party and third-party cookies to improve browsing, analyze traffic, and personalize content. For more information, please see our Cookie Policy.

 

12. External links

Our website may contain links to external sites that are beyond our control.
We are not responsible for the content or privacy practices of such sites.
We recommend reviewing their respective privacy policies before providing personal information.

 

13. Updates to this policy

This policy may be updated to reflect regulatory or operational changes.
The current version will always be published with its effective date.
In case of substantial changes, we may notify users via email or a notice on the website.

 

14. Applicable law and jurisdiction

This Privacy Policy is governed by Spanish law,
including Regulation (EU) 2016/679 (GDPR),
Organic Law 3/2018 on Data Protection and Digital Rights (LOPDGDD),
and Law 34/2002 on Information Society Services and Electronic Commerce (LSSI-CE).
Any dispute shall be submitted to the courts of Barcelona, Spain.