0
  • No products in the cart.
Total:0,00

Privacy Policy

PRIVACY POLICY AND DATA PROTECTION


1. DETAILS OF THE DATA CONTROLLER
Company Name: INTERNACIONAL PELUCAS CABELLO R, S.L. (hereinafter, the “Company” or the “Responsible”).
VAT NO: B81719460
Address: C/ MAGDALENA, MADRID36,28012,
Telephone: 913692423
Email for data protection communications: info@cabellor.com

1.1. Applicable regulations

Our Privacy Policy has been designed in accordance with the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), and Organic Law 3/2018 of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights. By providing us with your data, you declare that you have read and understood this Privacy Policy, giving your unequivocal and express consent to the processing of your personal data in accordance with the purposes and terms expressed herein.

The Company may modify this Privacy Policy in order to adapt it to new legislation, case law or the interpretation of the Spanish Data Protection Agency. These privacy conditions may be complemented by the Legal Notice, Cookies Policy and the General Conditions that, where appropriate, are collected for certain products or services, if such access involves any speciality in terms of personal data protection.

 

2.- PRINCIPLES UNDER THE EUROPEAN DATA PROTECTION REGULATION
We undertake to process the personal data (hereinafter the “data”) provided in accordance with the following principles set out in the General Data Protection Regulation (GDPR):

  • Lawfulness: We will only collect your Personal Data for specified, explicit and legitimat e purposes, and we will not process your Personal Data in a way that is incompatible with those purposes.
  • Lawfulness: in accordance with Article 6 of the General Data Protection Regulation your personal data will be processed provided that you expressly consent to the processing of such data as a form of externalisation of your free and informed will and consent. Your personal data may be necessary for the performance of a contract, agreement or service to which the data subject is a party, for compliance with legal obligations, for the protection of the vital interests of the data subject and another natural person, for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. of the processing or which meets the legitimate interests pursued by the controller where these do not violate the fundamental rights and freedoms of the data subject or the protection of the data subject’s personal data.
  • Loyalty and transparency: in accordance with Article 5 of the General Data Protection Regulation as a manifestation of transparency, as evidenced by the fact that the data subject is informed of the existence of the processing operation and its purposes.
  • Data minimisation: we limit the collection of personal data to what is strictly relevant and necessary for the purposes for which it was collected.
  • Purpose limitation: we will only collect your personal data for specified, explicit and legitimate purposes, which we keep in the form of processing.
  • Accuracy: We will keep your personal data accurate and up to date.
  • Data Security: we apply the appropriate technical and organisational measures to guarantee the appropriate level of security in accordance with the risks and nature of the data in order to prevent them from being disclosed or accessed by unauthorised personnel, or from any loss or alteration. In short, any form of unlawful processing.
  • Any person who, having given their consent for the collection of data, wishes to request any processing management, is recognised and may exercise: the right of access, rectification, opposition, deletion, limitation of processing, portability and the right not to be subject to individualised decisions. The exercise of this right shall be free of charge and said request shall be corrected within a period of one month, which may be extended for a further two months, depending on exceptional circumstances such as, for example, the number of requests, complexity, or others of a similar nature.
  • Principle of limitation of the retention period: the data will be kept for the time necessary and for the purposes of processing without undue delay, during which time the users’ and clients’ own data will be made available to them upon request.


3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
We process your personal data for the following purposes:

– To provide you with information related to services offered by our company and detailed on this website.

-To process your order in accordance with the Terms and Conditions of the Site, which you must always accept before completing any such order.

3.1. Retention period of your data
We will retain your personal data from the time you give us your consent until you revoke it or request the restriction of processing. In such cases, we will keep your data blocked for the legally required periods.


4. LEGITIMACY AND DATA COLLECTED
The legitimacy for the processing of your data is the express consent given by a positive and affirmative act (filling in the corresponding form and ticking the acceptance box of this policy) at the time of providing us with your personal data.

4.1. Consent to process your data
By filling in the forms, ticking the box “I accept the Privacy Policy” and clicking to send the data, or by sending e- mails to the Company through the accounts provided for this purpose, the User declares that they have read and expressly accepted this privacy policy, and gives their unequivocal and express consent to the processing of their personal data in accordance with the purposes indicated.

4.2. Data categories
The data collected refers to the category of identifying data, such as: Name and Surname, Telephone, Postal Address, E-mail, as well as the IP address from which you access the data collection form.


5. SECURITY MEASURES
As part of our commitment to guarantee the security and confidentiality of your personal data, we inform you that we have adopted the necessary technical and organisational measures to guarantee the security of your personal data and prevent its alteration, loss, unauthorised processing or access, taking into account the state of the technology, the nature of the data stored and the risks to which they are exposed, in accordance with Art. 32 of the RGPD EU 679/2016.

 

6. TRANSFER OF DATA
No data transfers or international transfers of the data collected through this website are foreseen, with the exception of those authorised by tax, commercial and telecommunications legislation and in those cases in which a judicial authority requires us to do so.

 

7. USER RIGHTS
Any data subject has the right to obtain confirmation as to whether or not we are processing personal data concerning him or her. Data subjects have the right to access their personal data, as well as the right to request the rectification of inaccurate data or, where appropriate, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, data subjects may request that we restrict the processing of their data, in which case we will only retain the data for the purpose of exercising or defending claims. For reasons relating to their particular situation, data subjects may object to the processing of their data. The Data Controller will stop processing the data, except for compelling legitimate reasons, or the exercise or defence of possible claims.

We also remind you that, if you are a customer, you may revoke your consent or object to the sending of commercial communications by any means and at any time, by sending an e- mail to the address info@cabellor.com.

If you consider that your request has not been dealt with correctly or that your data is not being processed appropriately, you may address your complaints to the Spanish Data Protection Agency , the supervisory body for this matter in Spain. Below, we provide you with further information on the aforementioned rights, with direct access to their exercise using the links of the Spanish Data Protection Agency:

A)-RIGHT OF ACCESS

Article 15 of the General Data Protection Regulation recognises the right of the data subject to know whether or not his or her personal data are being processed and the purposes of the processing, the categories of data, the recipients, the origin of the data, the storage period and the criteria for determining the storage period. Thus, the data controller shall provide a copy of the personal data
undergoing processing in electronic form upon request.

They may also request the data controller: rectification, erasure or limitation of data and processing. In order to make it easier for the user to exercise this right, we provide you with the form to be filled in for your request via the following link: https://www.aepd.es/media/formularios/formulario-derecho-de-acceso.pdf

B)-RIGHT OF RECTIFICATION AND ERASURE
Articles 16 and 17 of the General Data Protection Regulation provide for the rectification and deletion of personal data, whereby the customer or user may request the rectification of their personal data on the grounds that it is inaccurate or that it is supplemented or deleted because it is no longer necessary for the purposes for which it was collected and processed.
In order to make it easier for the user to exercise this right, we provide the following link to the form to be filled in for your request: https://www.aepd.es/media/formularios/formulario-derecho-de-rectificacion.pdf https://www.aepd.es/media/formularios/formulario-derecho-de-supresion.pdf

C)- RIGHT TO RESTRICTION OF PROCESSING
The data subject shall have the right to obtain from the controller the restriction of the processing of the data insofar as he or she contests the accuracy of the personal data. That is to say, the data may only be processed, with the exception of their retention, with the consent of the data subject, for the purposes of the exercise or defence of claims, the protection of the rights of another natural or legal person or for reasons of public interest of the Union or of a specific Member State. Furthermore, the data subject shall be informed by the controller prior to the lifting of such restriction.
In order to make it easier for the user to exercise this right, we provide you with the form to be filled in for your request via the following link: https://www.aepd.es/media/formularios/formulario-derecho-de-limitacion.pdf

(D) -RIGHT TO DATA PORTABILITY
Article 20 of the General Data Protection Regulation recognises the right of the data subject to receive personal data relating to him or her, i.e. transmitted directly from controller to controller where technically feasible, in a structured, commonly used and machine-readable form without being prevented from doing so by the controller to whom he or she has provided it, where consent has been expressly externalised or by contract.

In order to make it easier for the user to exercise this right, we provide you with the form to be filled in for your request via the following link: https://www.aepd.es/media/formularios/formulario-derecho-de-acceso.pdf

 

8. CONFIDENTIALITY
The personal data that may be collected will be treated with absolute confidentiality, and the Company undertakes to keep them secret and to guarantee the duty to store them by adopting all necessary measures to prevent their alteration, loss and unauthorised processing or access, in accordance with the provisions of the applicable legislation.

To this end, the Controller guarantees that it will keep the corresponding confidentiality commitments signed with any person involved in any phase of the processing of the personal data collected.