Below we inform you, in the form of questions and answers, of the bases on which we process your personal data.
Who is responsible for processing your data?
- Identity: ENDOR TECHNOLOGIES, S.L. CIF (Tax ID No.): B-64312416.
- Address: C/ Baldiri Reixac, 15, 08028 – Barcelona.
- Telephone: +34 934020468.
- Email: email@example.com.
Why do we process your personal data?
We process the personal data you provide for the purposes outlined below.
- Processing users’ registration requests to enter into a contract to purchase our products, as well as managing their orders, invoices, and payment of our services. Our customers must provide us with their data for that purpose as otherwise the contract cannot be performed.
- Addressing requests for information, suggestions, and complaints that you may send us, contacting the sender of the information, responding to their request or query, and following up on it. Although providing data for this purpose is voluntary, we cannot reply to your request, query, or complaint unless you do so. Therefore, notifying us of your personal data for these purposes is necessary so that we can respond to these requests.
- Sending marketing communications on our products and services. If you are our customer, we will send you these communications unless you tell us that you do not want to receive them by checking the appropriate box when you provide your data, or by notifying us subsequently by any means.
However, if you do not enter into a contract for our products or services, we will not send you any marketing information unless you expressly authorize us to do so, such as requesting these communications by subscribing to our newsletter. Authorization is voluntary and should you refuse, the only consequence would be not receiving our sales offers for our products or services.
Concerning the sending of the abovementioned communications, we can produce marketing profiles based on the information provided to offer you products and services tailored to your interests.
- If you become a friend or follower of one of our social media accounts, we will process your data to keep you informed of our activities and promotions through these channels. Although providing data for this purpose is voluntary, you cannot be our social media friend or follower without doing so. The categories of data processed for this purpose are identification details.
How long will we process your data for?
We will only retain your data for as long as we need it to fulfill the purpose they were collected for, to comply with our legal obligations, and to address any liabilities that may arise from fulfilling the purpose the data were collected for.
Data for managing our relationship with customers and the invoicing and payment of the services will be retained for that purpose for as long as the contract is in force. Once this relationship has ended, the data can be retained for as long as it is required by applicable legislation and until any possible liabilities arising from the contract expire.
Data for sending marketing communications on our products or services will be retained indefinitely unless you ask us to delete them or tell us you no longer wish to receive our communications.
The data of potential customers who do not actually enter into a contract for our products or services and who do not wish to receive marketing information will be deleted when it is confirmed that the contract will not be performed. In the event that possible liabilities could arise from the previous relationship between the parties, even if it no contract is performed, the data will be retained until these liabilities expire.
Data processed to deal with requests, questions, queries, or complaints will be retained for as long as needed to respond to them and to definitively close them. They will then be retained as a communication log for a year, unless you request their erasure earlier.
Data provided through social media will be retained while you remain our friend or follower on the platform.
What is the lawfulness for processing your data?
Data will be processed on the legal basis of the existence of a contractual or pre-contractual relationship.
LFuture offerings of products and services to our customers is based on satisfying the legitimate business interest of providing them with an opportunity to enter into a contract for other products or services and thus make them loyal. This legitimate interest is recognized by applicable laws (General Data Protection Regulation), which expressly permits the processing of personal data on that legal basis for direct marketing purposes. Nevertheless, we remind you that you have the right to oppose this processing of your data and may do so through any of the means outlined in this clause.
Future offerings of products and services to people who, having shown an interest in them, are not or have never become our customers, is based on the data subject’s consent. You can revoke this consent at any time, with no consequences other than no longer receiving advertising and without this affecting the previous processing of your data.
The basis for the processing of personal data to reply to your requests for information, questions, queries, and complaints is the data subject’s consent. This consent may be withdrawn at any time, although this will not affect the lawfulness of the previous processing.
Data provided through social media will be processed on the legal basis of your consent, which you can revoke at any time, although this will not affect the lawfulness of the previous processing.
The categories of data processed are the ones requested in the form or contract used to provide us with your data in all cases.
Which recipients will be notified of your data?
Your data will be given to the following:
- Competent authorities, including judges and courts, in the cases provided for in law and for the purposes the law defines.
- The financial institutions through which the payments are made and collected.
- Logistics, transportation, and delivery service companies for the purpose of managing product shipments.
Although not a transfer of data, third-party companies, acting as our suppliers, may access your information to perform the service. These companies access your data on our instructions, may not use them for any other purpose, and maintain the strictest confidentiality on the basis of a contract in which they undertake to comply with the requirements of current personal data protection regulations.
This company has a contract for its website infrastructure with Shopify International Ltd, located in Ireland. This entity can make international data transfers to countries outside the European Economic Area. Should you require any further details, please visit https://www.shopify.com/legal/privacy?shpxid=feb4d6e8-6B36-4F06-C5E6-B5F79802AF7B#information-sharing.
What are your rights when you provide us with your data?
Everyone has the right to obtain confirmation as to whether we are processing their personal data. Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data or their erasure when, among other reasons, the data are no longer necessary for the purposes they were collected for.
Under the conditions provided for in the General Data Protection Regulation, data subjects may request that the processing of their data is restricted or their portability, in which case we will only keep them to exercise or defend complaints.
In certain circumstances, and for reasons related to their particular situation, data subjects may oppose the processing of their data. If you have given your consent for a specific purpose, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on your consent before your data are removed. In these cases, we will stop processing your data or, if applicable, we will stop processing them for that specific purpose, except for compelling legitimate reasons or to exercise and defend complaints.
Data protection regulations also allow you to object to being the subject of decisions based solely on automated processing of your data, where applicable.
The abovementioned rights are characterized by the following:
- Exercising the rights is free, unless the requests are manifestly unfounded or excessive (e.g., repetitive), in which case a fee proportional to the administrative costs incurred may be charged or we may refuse to act.
- You may exercise your rights directly or through your legal or voluntary representative.
- We must respond to your request within one month, although, if the complexity and number of requests are considered, the timeframe may be extended by a further two months.
- We are obliged to inform you of how you can exercise these rights, which must be accessible, and we cannot refuse you the exercise of the right for the sole reason of choosing another means. If the request is made electronically, the information will be provided by these means whenever possible, unless you request another.
- If, for any reason, your request is not dealt with, we will inform you, within no longer than one month, of the reasons for this and of the possibility to complain to a supervisory authority.
To facilitate the exercise of the abovementioned rights, below are links to the forms to request each of them:
- Form to exercise the right of access
- Form to exercise the right to rectification
- Form to exercise the right to object
- Form to exercise the right to erasure (right to be forgotten)
- Form to exercise the right to restrict processing
- Form to exercise the right to data portability
- Form to exercise rights related to automated individual decision-making
All the abovementioned rights can be exercised through the means of contact listed at the beginning of this clause.
In all cases, you must prove your identity by attaching a photocopy or a scanned copy of your identity card or an equivalent document, or a document demonstrating the representation, if your right is exercised by a representative.
All the abovementioned rights can be exercised through the means of contact listed at the beginning of this clause.
Should any of your rights be violated, especially when you have not obtained satisfaction in exercising them, you can file a complaint with the Spanish Data Protection Agency (contact details available at www.aepd.es), or any other competent supervisory authority. You can also obtain more information on your rights by contacting these organizations.
How do we protect your personal data?
We are firmly committed to protecting the personal data we process. We use reasonably reliable and effective physical, organizational, and technological controls and procedures aimed at preserving the integrity and security of your data and guaranteeing your privacy.
In addition, all personnel with access to personal data have been trained and are aware of their obligations relating to personal data processing.
The contracts we sign with our suppliers include clauses requiring them to maintain the duty of secrecy regarding any personal data they have had access as a result of the order, and also to establish the technical and organizational security measures needed to guarantee the confidentiality, integrity, availability, and permanent resilience of their personal data processing systems and services.
All these security measures are reviewed periodically to ensure their suitability and effectiveness.
However, absolute security cannot be guaranteed, and no security system is impenetrable. Therefore, should any information we process and control be compromised as a result of a breach of security, we will take appropriate measures to investigate the incident, notify the supervisory authority and, if applicable, users that may have been affected so they can take remedial action.
What is your responsibility as the data subject?
When you provide us with your personal data, you guarantee you are older than 14 and that the data provided are true, accurate, complete, and up to date.
For these purposes, the data subject is responsible for the accuracy of the data and must keep them appropriately updated so that they match your current situation. You are liable for any false and inaccurate data you may provide, and for any direct or indirect damages that may arise.
If you provide the data of third parties, you assume the responsibility of informing them in advance of all the provisions in article 14 of the General Data Protection Regulation in the conditions established therein.
What is a cookie?
A cookie is a file that downloads onto your computer when you access certain websites. Besides other details, cookies enable a website to store and retrieve information on users’ browsing habits or devices and, depending on the information they contain and how you use your device, they can be used to recognize you.
Nevertheless, they only obtain information related to the number of pages you visit, the city the IP address you use for access is assigned to, the number of new users, visit frequency and recurrence, the time of visit, the browser or the operator or type of terminal you visited from. No data are obtained on the name, surname, postal address, or other similar data of the user that has connected.
¿What types of cookies are there?
Technical cookies are cookies that enable users to browse the website, platform, or app and use its available options or services, including managing and operating the website and enabling its functions and services, for example, identifying a session, accessing restricted areas, remembering parts of an order, completing the purchase process of an order, managing the payment, etc. The website does not work properly without these cookies, so they are considered necessary.
Preference or personalization cookies enable websites to remember information that changes how the website behaves or its appearance so that users access the service with certain features that can differentiate their experience from other users’, for example, language, the number of results to display when the user performs a search, or the region where the user is located. If users choose these features themselves, by checking the language flag, for example, the service is considered expressly requested as long as the cookies exclusively stick to the selected purpose of personalization.
Analytical or measurement cookies are for understanding how visitors interact with the webpages and perform a statistical analysis of how they use the services provided. The information collected is used to measure activity on websites or apps with the aim of introducing improvements in the products and services offered.
Marketing or behavioral advertising cookies store information on users’ behavior, obtained from constant observation of their browsing habits, to produce a specific profile to show individual users advertising they find relevant and attractive, which is, therefore, more valuable for third-party advertisers.
Cookies can also be own or third-party cookies. Own cookies are ones sent to the user's terminal from a computer or domain, managed by a web editor, providing the service the user requests. Third-party cookies are ones sent to the user's terminal from a computer or domain not managed by the web editor but by another entity that processes the data obtained using cookies.
Cookies can be session or persistent cookies. The former are cookies designed to collect and store data only while the user is accessing a website. Persistent cookies are a type that stores data on the terminal so they can be accessed and processed for as long as the cookie manager determines, which can be a few minutes to several years.
Who is responsible for processing the cookies on this website?
The website owner, responsible for the processing of the cookies used here, and their contact details are accessible in this website’s Legal Notice. There may be third-party cookies that differ from the website owner’s, as explained below.
Which cookies does this website use and why?
This website uses the following third-party cookies:
- Analytical cookies, advertising cookies, personalization cookies and cookies for social media.
- For analytical cookies, Google Analytics, owned by Google. (https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage).
- For advertising cookies, Double Click, owned by Google. (https://support.google.com/adsense/answer/2839090?hl=es).
- For social media cookies:
- Google+ Platform, owned by Google (https://developers.google.com/+/web/buttons-policy?hl=es).
- Facebook Social Plugins, owned by Facebook (https://es-es.facebook.com/help/340599879348142/).