Privacy Policy
In compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and the Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD) of 5 December 2018, we inform you:
DATA CONTROLLER
Identity: SYLACORE, S.L. with NIF B22572374 hereinafter referred to as “the Owner”
Address: C/ Collbaix, no. 101; 08250; Sant Joan de Vilatorrada - Barcelona
Phone: +34 930 48 52 80
Contact by email: legal@sylacore.com
PURPOSE OF DATA PROCESSING
We inform you that the data you provide will be processed for the purpose of managing a single registration account for your use on the website, marketing our products, managing orders and purchases made through the website and their invoicing, which includes any incidents related to the order placed (order inquiries, returns, complaints...), attending to and responding to contact requests, information requests and/or inquiries received through the contact channels available on the website, as well as facilitating, streamlining and fulfilling the commitments established between the Owner and the user and maintaining the relationship that is established.
In accordance with the provisions of the GDPR, a record of processing activities is maintained that specifies, according to their purposes, the processing activities carried out and the other circumstances established in the GDPR.
Personal information will not be used for purposes other than those related to the contracted services or purchased products. No automated decisions will be made based on this profile.
LEGITIMACY FOR DATA PROCESSING
The legal basis for the processing carried out is based on:
- The consent granted by the User by accepting this Policy and the corresponding checkbox.
- The User has provided their personal data within the framework of a contractual or pre-contractual relationship for the attention to their request and/or inquiry, and therefore its processing is necessary for the maintenance of that relationship.
- The legal obligations applicable to the Owner that require the processing of personal data in accordance with the services provided or those related to tax matters.
PERSONAL DATA BEING PROCESSED AND SOURCE
Depending on the use the user makes of the website, the personal data we process includes: identifying data, contact data, browsing data, access or account data (if the user creates an account), economic and financial data (if a purchase is made on the website). This data has been provided by the User themselves when contacting the Owner, by completing the corresponding form(s) or other functionalities offered on the website.
The use of the contact sections, completion of forms and/or functionalities offered on the website is voluntary. However, completing certain fields of the form or providing them through the use of other functionalities is necessary to properly attend to and manage your request, so the User's refusal to provide the required information will prevent the Owner from attending to and managing it correctly.
The User guarantees that the data provided is truthful, accurate, and complete. Data will be cancelled, deleted, or blocked when it is found to be inaccurate, incomplete, or no longer necessary or relevant for its purpose in accordance with current legislation. If the personal data provided belongs to a third party, the User guarantees that they have informed them of the Privacy Policy and obtained their consent to provide their data for the aforementioned purposes. They also guarantee that the data provided is accurate and up to date, being responsible for any damage or harm, direct or indirect, that may arise as a result of non-compliance with this obligation. The User commits to and is responsible for the truthfulness and correctness of the data they provide, undertaking to keep it duly updated.
PROTECTION OF MINORS' DATA
According to the provisions of the GDPR and the LOPDGDD, only those over 14 years old can give their consent for the lawful processing of their personal data. In the case of those under 14 years old, parental or guardian consent will be a mandatory condition for processing their personal data.
LINKS AND SOCIAL MEDIA POLICY
The website may include links to third-party sites such as social networks where the Owner is present. The aforementioned third-party websites have not been reviewed nor are they subject to controls by the website or its owner. The Owner will not be responsible for the content freely published by the user. The user should be aware that their publications will be known to other users, making them primarily responsible for their privacy.
RETENTION PERIODS FOR PERSONAL DATA
The personal data provided by the User will be retained as long as they remain registered with the service, while the business relationship is maintained, as long as the User does not request its deletion, or for the legally established period. They may also be retained when necessary for compliance with a legal obligation or for the formulation, exercise, and defence of claims.
If the User withdraws their consent or exercises their rights of opposition or deletion, their data will be retained in a blocked state at the disposal of the Administration of Justice for the legally established periods to address any potential liabilities arising from the processing of personal data. In no case will this condition the provision of the service, and/or the execution of contracts with the Owner.
The withdrawal of consent will not affect the lawfulness of processing based on consent prior to its withdrawal.
SECRECY AND SECURITY OF PERSONAL DATA
The Owner undertakes to adopt the necessary technical and organisational measures, according to the level of security appropriate to the risk of the collected data, in such a way as to guarantee the security of personal data and to prevent the accidental or unlawful destruction, loss, or alteration of personal data transmitted, stored, or otherwise processed, or the unauthorised communication or access to such data.
Personal data will be treated as confidential by the Owner, who undertakes to inform and ensure through a legal or contractual obligation that this confidentiality is respected by their employees, associates, and any person to whom they make the information accessible.
TRANSFERS AND RECIPIENTS OF PERSONAL DATA
Your personal data will only be communicated in cases legally provided for the fulfilment of obligations directly enforceable against the Data Controller or when it is necessary to comply with the purposes of the processing indicated above.
Your data will also be communicated to the Data Controller's service providers, with whom the corresponding data processing contracts have been signed to ensure the security of personal data.
USER RIGHTS
What are your rights when you provide us with your data?
The User has the right to obtain confirmation as to whether or not we are processing personal data concerning them. The User has the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. Under certain circumstances, the User may request the limitation of the processing of their data, in which case we will only retain it for the exercise or defence of claims. Under certain circumstances and for reasons related to their particular situation, the User may object to the processing of their data, in which case the data controller will cease processing the data, except for compelling legitimate grounds, or for the exercise or defence of possible claims. In those cases where it is legally applicable, they will have the right to data portability, which means they have the right to receive the personal data concerning them that we are processing and store it on their own device.
You may exercise your rights of access, rectification, objection, erasure, restriction of processing, data portability, and to object to being subject to automated individual decision-making before the Data Controller, where applicable, by means of a written communication accompanied by a photocopy of your ID card to verify your identity, with the reference “GDPR Rights” addressed to the email address: legal@sylacore.com.
We also inform you that you can direct any type of complaint regarding personal data protection to the Spanish Data Protection Agency www.aepd.es, the Control Authority of Spain.