INFORMATION FOR USERS
The company CAUCHOS KAREY S.A., assigned TIN A-03225794 (referred to hereinafter as Equilibrium Perfect Balance or the Data Controller), is in charge of processing the personal data about users.
The definition of the Data Controller can be found in the General Data Protection Regulation (EU) 2016/679 from the European parliament and council and it is as follows:
Data Controller or controller is the individual or legal entity, public authority or another organization that, alone or together with others, determines the why and the how for processing personal data.
The contact details are:
Address: Ctra. San Vicente – Agost, km. 8, 03698 Agost, Alicante (Spain).
Telephone number: (+34) 96 569 13 35
Email address: email@example.com
Purpose of processing the personal data
The main purpose of obtaining your personal data is to promote and improve the business relationship that, as a user and a customer, you expect of us.
The operations provided for to process your data are aimed at attaining the following objectives:
Send advertising messages via email, fax, SMS, MMS, social communities or any other electronic or physical medium, present or future, that makes it possible to send advertising and marketing messages.
These messages shall be sent by the Data Controller and they shall be related to its products and services or about its collaborators or suppliers that have reached some type of sales promotion agreement with it. In this case, the third parties shall never gain access to the personal data.
Carry out statistical studies.
Process orders, requests or any type of question that is asked by users through any of the contact forms that are made available for them.
Send the website newsletter.
Time that the personal data is stored
Your personal data, shall be kept for as long as it is deemed reasonably necessary, bearing in mind that it is required to answer questions that are asked or solve problems, activate services, make improvements or comply with the legally established requirements in force at all times. This means that your data might be kept even when you have stopped using the website services.
After this period, your personal data shall be deleted from all the website systems.
And the legally established requirements shall be complied with.
Legitimization to process the personal data
The legal basis to process your personal data is as follows:
Execution of the sales agreement:
All the data needed to be able to complete the purchase and sale of the products must be provided. Otherwise, this transaction cannot be carried out.
Users guarantee that the personal data provided is true and they shall be held responsible for informing the Data Controller about any changes made to this.
Compliance with legal obligations:
The Data Controller can use the personal data of users to comply with its legal obligations, which might be: Manage and issue the corresponding invoices, uphold and respond to their privacy rights, deal with enquiries, claims or complaints made through the customer service.
Forwarding on data to third parties
The Data Controller specifically guarantees users that their personal data shall not be passed on to third parties without there being due cause.
In some cases, we have to pass on the information that you provide us with to third parties to be able to provide the service requested, such as in the case of the courier service companies.
Moreover, there are companies that provide us with other types of services such as: information technology, legal services, auditing…
Your personal information shall be made available to the public authorities, Judges and Courts whenever it is required.
These third parties, shall only have access to the personal information required to carry out their duties, they are expected to keep it confidential and not use it for anything else other than what they were assigned to do by the company.
You can exercise your rights by sending a message stating your wishes through the following email address: firstname.lastname@example.org, these rights are as follows:
You are entitled to know whether your personal data is being processed or not and also who has access to it.
Right to rectification
You are entitled to ask to have your personal data corrected when it is incorrect and add to it when it is incomplete.
Right to erasure/right to be forgotten:
You can ask to have your personal data deleted, when, among other things:
It is no longer needed for the purposes that it was initially supplied for.
When it has been processed illegally.
When it is based on the consent given to the Data Controller, which is withdrawn, as long as this data processing is not based on another legitimate cause.
The processing of the personal data has been objected to while exercising the right to oppose.
Right to object:
You can object to the processing of your personal data on the basis of a public or legitimate interest on behalf of the Data Controller, including profiling. In this case, your data will no longer be processed, unless it is for compelling legitimate grounds that prevail over the interests, rights, freedoms of the interested party or to make or defend itself against any possible claims or complaints.
Right to restrict the processing of the personal data:
You are entitled to ask to restrict the processing of your personal data, in which case, it will only be kept to make or defend itself against any possible claims or complaints.
Right to transfer data:
You are entitled to receive personal data in a structured format, of common use and machine readable and pass it on to another Data Controller when the data processing is based on the consent or an agreement and it is done by automated means.
Right to make a complaint:
You are entitled to make a compliant at the Spanish Data Protection Agency or before the local competent Supervisory Authority.
Data supplied about third parties or by third parties.
We supply services for which it is necessary to process the personal data of third parties; which is supplied by users, for example, products sent by the user to third parties or as gifts.
If the user provides the personal data of third parties, they guarantee that they have informed this third party about the purpose of this and that their data is going to be processed. The company cannot be held responsible for the information provided by third parties, regardless of whether it exercises as many rights as it deems fit.
Protection of personal data
Pursuant to the provisions established in the existing regulations on the Protection of Personal Data, the Data Controller guarantees that this legislation is indeed complied with, which means that all the data supplied is processed in a legal, fair and transparent way with regard to the interested party and appropriately, relevantly and limited to what is really necessary to attain the objectives that it is processed for.
The company guarantees that the appropriate technical and organizational policies have been implemented to take the security measures established by law in order to protect the rights and freedoms of the users.
Moreover, it has informed users that their data is processed and also about the mechanisms available for them to exercise their rights.