|Basic Information on Data Protection|
|Person responsible for processing||EUGENIO GABARRÓ SL|
|Purposes of processing||Management of orders and deliveries of our products.
Informative web page.
Management of inquiries through web page forms.
Management of Web users.
Commercial communications related to our services.
|Legal Bases For Processing||Express consent of the data subject.
Execution of a contract or implementation of pre-contractual measures.
Legitimate interest for data processing.
Fulfillment of legal obligations.
|Data retention||The data will be kept for the time strictly necessary to fulfill the collected purposes; as long as the interested party does not revoke his consent, as well as for the fulfillment of legal obligations.|
|Target Group||Personal data collected through the website will not be transferred to third parties. Without prejudice to those third parties that provide services to EUGENIO GABARRÓ SL in order to manage the provision of services, contractual and / or pre-contractual relationship with stakeholders or process requests made by them.|
|Rights of the Interested Parties||Access, rectification, opposition, deletion (‘right to be forgotten’), limitation of treatment, portability and not being the subject of automated decisions.|
|Websites||Main web page: https://leatherhug.com/.
Profiles in social networks.
|Further Information||Additional and detailed information on Data Protection can be found in the attached clauses below:|
Additional information on data protection
In accordance with the provisions of Articles 13 and 14 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR“), and the Data Protection Act 2018, on the Protection of Personal Data and the Guarantee of Digital Rights (hereinafter, “DPA 2018“), which regulates the right to information in the collection of data, we inform you of the following points:
Who is responsible for processing your personal data?
The personal data that you have provided us through the website and in any other communications with you will be subject to the Register of Processing Activities under the responsibility of EUGENIO GABARRÓ SL with postal address at en C/ Gran Bretanya, 4 – 08700– Igualada (Spain) and email firstname.lastname@example.org.
What is your presence in social networks?
EUGENIO GABARRÓ SL, has the following profiles in the main social networks of the Internet: Twitter, LinkedIn and Facebook.
EUGENIO GABARRÓ SL acknowledges that it is responsible for processing the data of its users, followers, or persons who make comments through them. Likewise, EUGENIO GABARRÓ SL is exonerated from any type of responsibility derived from comments made by users and followers on its social networks. EUGENIO GABARRÓ SL may use the profiles described above to inform its users of topics it considers of interest.
How is a visit to the website managed?
The visit to the website by the user must be done in a responsible manner and in accordance with current legislation and good faith. The website provides a wide range of information, services and data. The user assumes responsibility for the correct use of the website.
The use of any of the contents of the website for purposes that are or may be unlawful is strictly prohibited, as well as the performance of any action that causes or may cause damage or alterations of any kind not consented by EUGENIO GABARRÓ SL, to the website or its contents.
The company reserves the right to make unannounced changes it deems appropriate in its website, may change, delete or add content and services provided through the same as the way in which they are presented or located on their servers.
Depending on the purposes we will need to treat some data or others, which in general will be, depending on the case, the following:
- The website is completely informative about the services of EUGENIO GABARRÓ SL.
- EUGENIO GABARRÓ SL offers users the possibility of contacting us through contact forms provided for this purpose. The collection and automated processing of data that is done through the COMPANY NAME form is collected in order to manage your request.
The website is fully informative about the services offered by EUGENIO GABARRÓ SL. The data may be processed to respond to requests for information about these services.
The collection and automated processing of data that is done through the form on the website to request to contact us.
What personal data do we collect?
The personal data that the user may provide:
- Identification data: Name and surname
- Contact details: Telephone number and e-mail address.
- Username and password.
- IP address, date and time of access to the services.
- Data about the access device.
- Any other information or data you choose to share with us.
Personal data obtained through any of the channels of the website will be part of the Register of Activities and Processing Operations (RAT) owned by EUGENIO GABARRÓ SL. This will be updated periodically in accordance with the provisions of the RGPD; EUGENIO GABARRÓ SL has taken all appropriate security measures in this regard.
The user is informed of the possibility of withdrawing their consent in the event that it has been granted for any specific purpose, without affecting the lawfulness of the preceding processing based on the consent prior to its withdrawal.
What is the legitimacy for the processing of your data?
The processing of your data may be based on the following legal bases:
- Express consent by users in the completion of forms for sending commercial communications and information tailored to the user’s profile.
- Application of pre-contractual measures for the execution of sales contracts.
- Application of contractual measures for the provision of services agreed between EUGENIO GABARRÓ SL and its customers.
- Legitimate interest in relation to the following purposes:
Profiling through navigation on the website by a customer or registered user on the Web, as well as all those users who have provided us with data for any other purpose.
Profiling for sending information about promotions, latest news and personalized information tailored to the user profile.
The legitimate interest of EUGENIO GABARRÓ SL is to ensure that our website remains secure, as well as to help us understand the needs, expectations and level of satisfaction of users and, therefore, improve our services and products. All actions are taken in order to improve the level of user satisfaction and to ensure a unique browsing and eventual contracting experience.
- Fulfillment of legal obligations for fraud prevention, collaboration with Public Authorities and/or eventual third party claims.
How long do we keep your data?
The processing of data for the purposes described will be kept for the time necessary to fulfill the purpose of collection, as well as to comply with legal obligations arising from the processing of data. Notwithstanding that the conservation is necessary for the formulation, exercise or defense of potential claims, provided that it is permitted by applicable law.
The data relating to invoices will be kept for six years from the last entry made in the books, in accordance with the provisions of Article 30 of the Royal Decree of August 22, 1885, which publishes the Commercial Code. For tax purposes, the accounting books and other records where user data may be contained shall be kept for 4 years in accordance with Articles 66 to 70 of Law 58/2003, of December 17, 2003, General Tax Law.
EUGENIO GABARRÓ SL, undertakes to cease the processing of personal data when the retention period has expired, as well as duly block them in our databases.
Which 3rd party recipients is your data communicated to?
In some cases, only when necessary, EUGENIO GABARRÓ SL will provide user data to third parties. However, data will never be sold to third parties. External service providers (e.g. payment providers or delivery companies) with which EUGENIO GABARRÓ SL works may use the data to provide the corresponding services; however, they will not use such information for their own purposes or for transfer to third parties.
EUGENIO GABARRÓ SL tries to ensure the security of personal data when it is sent outside the company and ensures that third party service providers respect confidentiality and have appropriate measures to protect personal data. These third parties have an obligation to ensure that the information is handled in accordance with data privacy regulations.
In some cases, personal data may be required by law to be disclosed to public bodies or other parties, only what is strictly necessary for the fulfillment of such legal obligations will be disclosed.
Personal data obtained may also be shared with other group companies.
Where is your data stored?
In general, data is stored within the EU. For data sent to third parties outside the EU, we will ensure that they offer a sufficient level of protection, either because they have Binding Corporate Rules (BCR).
What rights do you have and how can you exercise them?
You can address your communications and exercise your rights by sending written communication to the following e-mail address: email@example.com.
By virtue of what is established in the regulations on data protection you can request:
- Right of access: you can ask for information about the personal data we have about you.
- Right of rectification: you can communicate any change in your personal data.
- Right to delete and forget: you can request the deletion of your personal data after they have been blocked.
- Right to limit processing: this involves restricting the processing of personal data.
- Right to oppose: you may withdraw your consent to the processing of your data by opposing future processing.
- Right to portability: in some cases, you can request a copy of the personal data in a structured, commonly used, machine-readable format for transmission to another service.
- Right not to be subject to individual decisions: you can request that decisions not be taken on the basis of automated processing alone, including profiling, which produces legal effects or significantly affects the data subject.
In some cases, the request may be refused if you ask for the deletion of data necessary for the fulfilment of legal obligations. Also, if you have a complaint about the processing of your data, you can make a complaint to the competent data protection authority.
Who is responsible for the accuracy and veracity of the data provided?
The user is solely responsible for the accuracy and correctness of the data included, exonerating EUGENIO GABARRÓ SL of any responsibility in this regard. Users guarantee and respond, in any case, the accuracy, validity and authenticity of the personal data provided, and undertake to keep them updated. The user agrees to provide complete and correct information in the registration or subscription form. EUGENIO GABARRÓ SL reserves the right to terminate the contracted services that had been concluded with users, if the information provided is false, incomplete, inaccurate or not updated.
EUGENIO GABARRÓ SL is not responsible for the veracity of the information that is not of its own elaboration and of which another source is indicated, so it does not assume any responsibility for hypothetical damages that may arise from the use of such information.
EUGENIO GABARRÓ SL reserves the right to update, modify or delete information contained in its Web pages may even limit or deny access to such information. EUGENIO GABARRÓ SL is exonerated from liability for any loss or damage that the user may suffer as a result of errors, defects or omissions in the information provided by EUGENIO GABARRÓ SL whenever it comes from outside sources.
Also, the user certifies that he/she is over 14 years old and has the necessary legal capacity to provide consent for the processing of personal data.
How do we handle personal data of minors?
In principle, our services are not specifically addressed to minors. However, in the event that any of them are directed to minors under fourteen years of age, in accordance with Article 8 of the RGPD and Article 7 of the LO3/2018, of December 5 (LOPDGDD), EUGENIO GABARRÓ SL will require the valid, free, unequivocal, specific and informed consent of their legal guardians to treat the personal data of minors. In this case, the
ID card or other form of identification of the person giving consent will be required.
In the case of persons over fourteen years of age, data may be processed with the consent of the user, except in those cases in which the law requires the assistance of the holders of parental authority or guardianship.
What security measures do we apply to protect your personal data?
EUGENIO GABARRÓ SL has adopted the security levels of protection of Personal Data legally required, and tries to install those other additional technical means and measures at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of Personal Data provided to EUGENIO GABARRÓ SL.
EUGENIO GABARRÓ SL is not responsible for hypothetical damages that may arise from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operation of this electronic system, caused by reasons beyond EUGENIO GABARRÓ SL control; delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties through illegitimate intromissions beyond the control of EUGENIO GABARRÓ SL. However, the user must be aware that Internet security measures are not impregnable.
Links to other Web sites
Internal security policy
Security breaches can be caused by employees, third parties or computer errors. Therefore, we are legally obliged to notify data subjects if their personal data has been seriously affected within a maximum of 72 hours. In addition, users will be notified as soon as the security breach is resolved. Furthermore, the supervisory authority (ICO) will be contacted if the breach is significant and requires notification.