Privacy Policy
Following the principles of legality, loyalty and transparency, the Responsible Party makes available this privacy policy (hereinafter, the “Privacy Policy“) which aims to inform, clearly and accurately, users (hereinafter, the “Users“) of the website hosted under the domain name iliatopuriastore.com and under any of the subdomains thereof (the “Website“), about the processing of personal data collected by Topuria Sports S.L. through the aforementioned Website.
This Privacy Policy may be modified at any time for legal or regulatory reasons, for technical reasons or due to changes in the provision of the services of the Website. When this occurs and in order to notify you, we will publish it on the Web Site itself and/or inform you via your e-mail address. If you continue to use the services of the Web Site, we will understand that you have accepted the modifications introduced.
Who is responsible for the processing of your personal data?
Responsible | Topuria Sports, S.L. (hereinafter, the “Responsible“) |
VAT ID |
B67629303
|
Registered office |
Plaza de la Lealtad, Nº3. 28014, Madrid.
|
[email protected] |
What categories of data do we collect and process?
The Data Controller will process the data you provide to us, which may be data of the following categories:
- Identification data, for example, name, surname, ID number.
- Contact details, e.g. e-mail, telephone number.
- Economic-financial data, e.g. payment or card data, bank account.
For what purposes do we process your data and what legal basis do we use?
- To provide the services contracted by the User through the Web Site:
In the event that the User provides personal data so that the Responsible Party can provide the services indicated on the Website, the Responsible Party will process said data so that it can provide its services and carry out the execution of the contract between the Responsible Party and the Users who have contracted the services of the Responsible Party. In the event that the User does not provide any of these data, the Responsible will not be able to provide any of its services.
- To answer your queries, send you the requested information and/or resolve any doubts or questions you may have:
In the event that the User has provided us with their data to make a request or query, the Responsible will process such data in order to be able to respond to them, and provide them with solutions that meet their needs. The Responsible undertakes to process the data obtained and provided by the interested party as long as they are necessary for the purpose described.
The Controller considers that it has a legitimate interest in carrying out such data processing insofar as it enables it to improve its services and the User experience.
- For marketing and communication purposes:
On the other hand, only in those cases in which the interested party has given us prior and express consent, the Data Controller will process their data in order to send personalized information about our products or services, sending newsletters and magazines through various means (both by ordinary and electronic means).
Whenever this processing is carried out by electronic means, it will be legitimized in the satisfaction of legitimate interests of the Controller, under the provisions of Article 21 of Law 34/2002, of July 11, 2002, on information society services and electronic commerce (“LSSI”), as well as the European Regulation on Electronic Commercial Communications.
In accordance with the provisions of the LSSI, in the event that the user wishes to stop receiving commercial or promotional communications from the Responsible, you can request cancellation of the service by sending an email to the following email address: [email protected], or through the link provided for this purpose in the communications themselves.
How long will we keep the data?
Your data will be kept for the minimum time necessary to satisfy the purpose for which it was provided, as well as to meet the responsibilities that may arise from the data provided and any other legal requirement.
In this sense, the personal data will be kept once the relationship with you has ended, duly blocked, during the period of limitation of the actions that may arise from the relationship maintained with the interested party.
Once blocked, your data will be inaccessible to the Data Controller, and will not be processed by the latter, except to make them available to the Public Administrations, Judges and Courts, for the attention of possible liabilities arising from the processing, as well as for the exercise and defense of claims before the Spanish Data Protection Agency (“AEPD”).
Finally, and provided that you have not withdrawn your consent for this purpose, the Data Controller will keep your data in order to keep you updated on products, events and services that may be of interest to you.
To which recipients will we communicate your data?
Personal data collected through the Website will not be transferred to any third party to be used for their own purposes other than those for which the User has consented to its processing.
However, the personal data of the Users may be accessed by the authorized personnel of the Responsible and other third parties or collaborators that provide services on behalf of the Responsible, for the purpose of managing the provision of services, the contractual and/or pre-contractual relationship with the Users. In those cases in which access is allowed to other collaborating companies, such access to data on behalf of third parties will be regulated in the corresponding contract, as required by current regulations.
The Controller, for the processing of personal data, may use the services of processors and sub-processors who may host some of your data outside the European Union and the European Economic Area. This may involve an international transfer of data to countries that the European Union considers not yet to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a data protection supervisory authority capable of dealing with your complaints.
Notwithstanding the foregoing, the Controller ensures that, in the event that data is shared outside the European Economic Area, the resulting international transfers are subject to any appropriate safeguards described in the applicable regulations such as the signing of standard data protection clauses.
The Controller may also disclose the personal data collected in the specific cases in which such transfer is established and required by the applicable regulations; or when so required by the competent authorities.
What security measures have we taken to ensure the security of your data?
In order to safeguard the security of your personal data, we inform you that the Responsible has adopted all the necessary technical and organizational measures to ensure the security of the personal data provided. All this to avoid its alteration, loss, and/or unauthorized treatment or access, as required by law, although absolute security does not exist.
Likewise, the Data Controller informs you that all our staff, regardless of the processing phase in which it is involved, has undertaken to treat your data with the utmost care and confidentiality.
However, the User should bear in mind that Internet security measures, due to their nature and global character, are not impregnable.
What are your rights when you provide us with your data?
Any person has the right to obtain confirmation as to whether or not we process personal data concerning him or her.
The data protection rights held by data subjects are:
- Right to request access to personal data relating to the data subject.
- Right of rectification or suppression.
- Right of opposition.
- The right to request the limitation of their treatment.
- Right to data portability.
Interested parties may exercise their personal data protection rights by sending a written communication to the registered office of the Data Controller or to the e-mail address provided for this purpose, [email protected].
In addition, we inform you that you have the corresponding models, forms and more information about your rights on the website of the national supervisory authority of the AEPD, www.agpd.es.
Duty of secrecy
The Responsible undertakes to keep secret the data and information provided and to instruct all its personnel or collaborators to follow the instructions of the Responsible with respect to the processing of this personal data and any other information or circumstances to which he/she may become aware or to which he/she may have had access in the exercise of the functions entrusted to them.
Obligation of the interested party
The User guarantees that the data provided are true, accurate, complete and updated, being responsible for any damage or harm, direct or indirect, that could be caused as a result of the breach of such obligation. In the event that the data provided belong to a third party, the user guarantees that he/she has informed said third party of the aspects contained in this document and obtained his/her authorization to provide his/her data to the Responsible for the purposes indicated.
Can I withdraw consent?
You have the possibility and the right to withdraw your consent for any specific purpose granted at the time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.
To do so, you only have to notify us by sending an e-mail to [email protected] or by ordinary mail to the person in charge.
Where can I complain if I feel that my data is not being treated correctly?
If you consider that your data are not treated correctly by the Responsible, you can send your complaints to [email protected] or to the competent supervisory authority is the Spanish Data Protection Agency.
- Postal Address: c/ Jorge Juan, 6, Madrid, 28001.
- Website: www.agpd.es
- Telephone: 912 66 35 17