YOUR DATA IS SECURE

Information in compliance with personal data protection regulations

In Europe and Spain, there are data protection regulations in place designed to safeguard your personal information, which our entity is obligated to comply with.

Therefore, it is very important for us that you fully understand what we will do with the personal data we ask for.

This way, we will be transparent and give you control over your data, using plain language and clear options that will allow you to decide what we will do with your personal information.

Please, if you have any questions after reading this information, don’t hesitate to ask us.

Thank you very much for your cooperation.

«We are at your disposal, do not hesitate to contact us.»

In general, your personal data will be used to engage with you and provide our services, including e-commerce, which involves the purchase and sale of products or services through electronic means.

Likewise, they can also be used for other activities, such as sending you advertisements or promoting our activities.

Your personal data is necessary for us to engage with you and provide our services, including e-commerce services. In this regard, we will provide you with a series of checkboxes that will allow you to decide clearly and simply about the use of your personal information.

All the information we request will be used to contribute to the proper development of the buyer-seller relationship of products that connects us with you. Data such as addresses or phone numbers, which may not seem directly related to e-commerce activity, will be used solely to ensure that you can enjoy the products purchased through this website.

The information you provide should be accurate to ensure the coherent and effective provision of e-commerce services. Additionally, it would be helpful if you keep the provided information up to date at all times to prevent future errors or confusion that could disrupt the proper delivery of services.

As a general rule, only authorized personnel of our organization will have access to the information we request from you.

Similarly, those entities that require access to your personal information to enable us to provide our services may also be informed of your personal information. For example, our bank will have knowledge of your data if payment for our services is made through credit card or bank transfer.

It’s important for you to be aware that your information will be shared with third-party entities engaged in goods transportation or courier services. However, only the necessary data will be provided to ensure you can receive the products purchased through this website.

Likewise, those public or private entities to which we are obligated to provide your personal data in compliance with the law will also have access to your information. For instance, to provide an example, the Tax Law requires us to provide the Tax Agency with specific information about financial transactions that exceed a certain amount.

In cases other than those mentioned, if we need to disclose your personal information to other entities, we will seek your prior permission through clear options that allow you to decide in this regard.

We will protect your data with effective security measures based on the risks associated with the use of your information.

To achieve this, our organization has adopted a Data Protection Policy, and annual controls and audits are conducted to verify that your personal data is secure at all times.

However, you must maintain the utmost confidentiality regarding your access credentials, taking all necessary measures to prevent them from being used by unauthorized third parties.

In the world, there are countries that are safe for your data and others that are not as safe. For instance, the European Union is a secure environment for your data. Our policy is not to transmit your personal information to any country that is not safe in terms of data protection.

In the event that, in order to provide you with the service, it is essential to send your data to a country that is not as secure as Spain, we will always request your prior permission and implement effective security measures to reduce the risks of transmitting your personal information to another country.

We will retain your data during our relationship and as long as required by laws. Once the applicable legal periods have ended, we will proceed to securely and environmentally responsibly delete them.

At any time, you can contact us to know what information we have about you, correct it if it’s incorrect, and have it deleted once our relationship concludes, if legally possible.

You also have the right to request the transfer of your information to another entity. This right is called «data portability» and can be useful in certain situations.

To request any of these rights, you should submit a written request to our address, along with a photocopy of your ID card for identification purposes.

In our company’s offices, we have specific forms available to request these rights, and we are ready to assist you in completing them.

To learn more about your data protection rights, you can visit the website of the Spanish Data Protection Agency (www.aepd.es).

You can withdraw your consent if you change your mind about the use of your data at any time.

For example, if you were previously interested in receiving advertising about our products or services but no longer wish to receive such communications, you can indicate your preference through the objection form available at our company’s offices.

If you believe that your rights have been disregarded by our organization, you can file a complaint with the Spanish Data Protection Agency using one of the following methods:

Spanish Data Protection Agency
Address: C/ Jorge Juan, 6, 28001 Madrid

Phone number: 901 100 099

Phone number: +34 91 266 35 17

Filing a complaint with the Spanish Data Protection Agency does not incur any cost, and the assistance of a lawyer or legal representative is not required.

Our policy is not to create profiles of users of our services.

However, there may be situations where, for service provision, commercial, or other purposes, we need to create profiles of information about you. An example could be the use of your purchase or service history to offer you products or services tailored to your preferences or needs.

In such a case, we will implement effective security measures to protect your information at all times from unauthorized individuals attempting to use it for their own benefit.

Our policy is not to use your data for purposes other than those we have explained. However, if we ever need to use your data for different activities, we will always seek your prior permission through clear options that allow you to decide.

Commitment to Personal Data Protection

OUR COMMITMENT TO PERSONAL DATA PROTECTION: «INFORMED INDIVIDUALS AND PROTECTED DATA»

The Management / Governing Body of EVENHORSE, S.L. (hereinafter referred to as the data controller) assumes the highest responsibility and commitment for the establishment, implementation, and maintenance of this Data Protection Policy, ensuring the continuous improvement of the data controller with the aim of achieving excellence in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119/1, 04-05-2016), as well as the Spanish regulations on the protection of personal data (Organic Law, specific sectoral legislation, and their implementing regulations).

The Data Protection Policy of EVENHORSE, S.L. is built upon the principle of proactive responsibility, by which the data controller is accountable for complying with the regulatory and jurisprudential framework that governs this Policy, and is capable of demonstrating such compliance to the relevant supervisory authorities.

In this regard, the data controller will be guided by the following principles, which should serve as a guide and framework for all its personnel in the processing of personal data:

  1. Data Protection by Design: The data controller will implement appropriate technical and organizational measures to ensure that, by default, only personal data necessary for each specific purpose of processing is processed.
  2. Data Protection by Design: The data controller will implement appropriate technical and organizational measures to ensure that, by default, only personal data necessary for each specific purpose of processing is processed.
  3. Data Protection Throughout the Information Lifecycle: Measures ensuring the protection of personal data will be applicable throughout the entire lifecycle of the information.
  4. Lawfulness, Fairness, and Transparency: Personal data will be processed in a lawful, fair, and transparent manner in relation to the data subject.
  5. Purpose Limitation: Personal data will be collected for specific, explicit, and legitimate purposes and will not be further processed in a manner incompatible with those purposes.
  6. Data Minimization: Personal data will be adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
  7. Accuracy: Personal data will be accurate and, if necessary, updated; all reasonable measures will be taken to promptly delete or rectify personal data that is inaccurate with respect to the purposes for which it is processed.
  8. Limitation of Retention Period: Personal data will be kept in a way that allows the identification of individuals for no longer than necessary for the purposes of processing personal data.
  9. Integrity and Confidentiality: Personal data will be processed in a manner that ensures proper security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, through the implementation of appropriate technical or organizational measures.
  10. Information and Training: One of the key aspects to ensure the protection of personal data is the training and information provided to the personnel involved in their processing. Throughout the lifecycle of information, all personnel with access to the data will receive appropriate training and information about their obligations regarding compliance with data protection regulations.

The Data Protection Policy of EVENHORSE, S.L. is communicated to all personnel of the data controller and made available to all stakeholders.

As a result, this Data Protection Policy involves all personnel of the data controller, who must be familiar with it and embrace it as their own, with each member being responsible for its implementation and for ensuring compliance with data protection rules applicable to their activities. Additionally, they are encouraged to identify and contribute any improvement opportunities they deem suitable to achieve excellence in compliance.

This Policy will be reviewed by the Management / Governing Body of EVENHORSE, S.L. as many times as deemed necessary, to ensure compliance at all times with the current provisions regarding the protection of personal data.