Privacy Policy
PRIVACY POLICY
BASIC INFORMATION ON DATA PROTECTION
|
OFFVIEW, S.L.
|
|||||
|
|
|||||
|
|
|||||
|
Your data will be processed by other Group companies and third parties working with us.
|
|||||
|
|
|||||
|
|
|||||
ADDITIONAL INFORMATION ON DATA PROTECTION
OFFVIEW, S.L. (hereinafter, "the Company") undertakes, as personal data Controller, to adopt at all times the necessary technical and organizational measures in order to ensure that the data processing is in accordance with the provisions of Regulation (EU) 2016/679 (hereinafter, "RGPD") and Organic Law 3/2018.
The Company will process your personal data fairly and lawfully, ensuring that it is adequately protected and not misused. Likewise, it is the Company's will to be transparent with regard to the handling of its customers’ and users’ personal data, making available to them all the necessary information about data collection and processing.
The purpose of the Privacy Policy is to inform you about who will process your personal data, why we collect it, how long we will keep it for, to whom we will pass it on, and what your rights are in this regard.
By providing us with your personal data and using our Website, we understand that you have read and understood the information on personal data protection set out in this Privacy Policy and in the Cookies Policy.
- WHO IS THE PERSONAL DATA CONTROLLER?
The personal data Controller is:
Corporate name: OFFVIEW, S.L.
N.I.F: B72903537
Phone: 936 91 54 50
Address: Calle Bosc Tancat No. 8 de Cerdanyola del Vallés, (08290) Barcelona
E-mail: dataprotection@offview.com.
- WHAT ARE THE PURPOSES OF PROCESSING YOUR PERSONAL DATA?
Depending on the products, services or functionalities requested by customers and users, the Company will need to process certain data, which, in general, will be the following:
- Identification and contact data: name, surname, contact telephone number, postal address, e-mail address, among others;
- Data associated with the execution of a sales or service contract with the Company: identification and contact data, payment data, information about purchases, orders and returns, among others;
- Automatically collected data: by interacting with our Website certain browsing data is automatically collected. This information is collected through cookies, regulation of which is detailed in the Company's Cookies Policy;
The information we may automatically collect relates to your use of our Website and the devices you use to access and interact with it. Some of the data we collect include, the IP address of the device you are using, the browser software you are using, your operating system, the date and time of access to the Website, the Internet address of the website through which you accessed our Website, geolocation data, information about the pages visited by the user within the Website and the time spent browsing each page;
- Data about your personal tastes and preferences.
The collected personal data are processed for the following purposes:
- Manage the procurement of products and services offered by the Company: to be able to provide you with the product or service you request, to be able to operate our business internally (in terms of accounting, auditing and other internal functions) and to manage payment for products and services;
- Quality analysis: to conduct surveys on customer and user satisfaction regarding the quality of the products and services offered by the Company;
- Customer and user support: channel and attend to their requests, queries and complaints for their management and resolution;
- Advertising and marketing actions: mainly includes personalizing the services we offer and making recommendations based on interaction with the Company through its website (e.g. based on purchase and browsing history). In the case of providing your consent, your personal data will be used to periodically send you information about new products that may be of interest to you and to offer you promotions;
- To improve the user experience on the Website: to perform analytical and statistical studies on how users browse the Company's Website.
- WHAT IS THE LEGITIMACY FOR PERSONAL DATA PROCESSING?
The legal grounds that allow us to process your personal data depends on the purpose for which we process it, as detailed below:
- Manage the contracting of products and services offered by the Company. Processing your data is necessary for the correct conclusion and proper development of the contractual relationship with the Company. The legitimacy of data processing also lies in your own consent (when you decide to contract our products or services) and in the Company’s legitimate interest to carry out the relevant checks in order to identify and prevent possible fraud, as well as for security reasons;
- Quality analysis. The legitimacy of data processing lies in the Company’s legitimate interest to analyze customer and user satisfaction, in order to offer them the highest quality products and services;
- User and customer support. The legitimacy of data processing lies in the Company’s legitimate interest to respond to your requests and claims in order to properly serve you and attend to your queries. In the event of claims or incidents related to the purchased product or service, data processing is necessary for the Company to fulfill its contractual obligations. In the case of queries related to the exercise of your legally recognized data protection rights, the Company requires data processing in order to comply with the legal obligations binding it in this area;
- Advertising and marketing actions. The legal grounds for processing your data for advertising and marketing purposes is the consent you give us to send you commercial communications (which may be personalized) and the Company’s legitimate interest to send you communications similar to those services or products contracted in the past or for which you have shown interest.
Remember that if you have given us your consent to process your data for any purpose, you have the right to withdraw it at any time.
- Improve the user experience on the Website. The legitimacy of data processing lies in the Company’s legitimate interest in the user satisfaction and take appropriate corrective measures to improve our service quality.
- HOW LONG WILL WE KEEP YOUR DATA?
Your personal data will be duly kept for the time necessary to be used for the purpose for which they were collected.
Personal data will be stored, using appropriate security measures to ensure their accuracy and integrity, for as long as their processing is necessary for the purpose for which they were collected or as long as you do not exercise your right of erasure or limitation of the processing.
In such cases, we will block your personal data, without processing it, for the periods provided by law in order to meet any liabilities and to be able to prove compliance with our legal and contractual obligations. Subsequently, the Company will permanently delete your personal data.
- WITH WHOM WE MAY SHARE YOUR DATA?
Your personal data will be processed by members of the Company who act on behalf of the organization and with whom appropriate contracts have been concluded, which contain specific confidentiality obligations and diligent personal data management in accordance with the legislation in this area.
In certain cases, in order to fulfill the purposes set forth in this Privacy Policy, the Company will need to share your personal data with other Group companies and with the following third parties:
- logistic, transport, and delivery services providers and partners, and/or establishments collaborating with them.
- customer service providers.
- marketing and advertising services providers and partners.
- authorities and public bodies in order to: comply with a court order, subpoena or investigation, or for any other reason required by law; deal with possible liabilities arising from personal data processing; prevent illegal uses of our Website or violations of our Website policies; deal with third party claims; contribute to the prevention and investigation into alleged fraud, among others.
These third party collaborators only have access to the personal information necessary to carry out the corresponding services and are required not to use it for any purpose other than the one requested. The Company also requires the same degree of protection and confidentiality from these third parties that we apply in the management of your personal data. Likewise, all of them are subject to the obligations set forth in their respective data processing contracts executed with the Company.
- WHAT ARE YOUR RIGHTS?
You are entitled to exercise the following rights in relation to personal data processing:
- Access (art. 15 RGPD): allows you to obtain certain information about the purposes for which your data are being processed, the recipients to whom they are communicated, or the categories of data being processed, among others.
- Rectification (art. 16 RGPD): allows you to contact the data Controller to modify any inaccurate personal data and to complete any incomplete data.
- Erasure (art. 17 RGPD): allows you to request the erasure, without undue delay, of your personal data processed by the Controller, in the following cases:
- the data Controller no longer needs the data for the purposes for which it was originally collected;
- data processing is based on your consent and you decide to withdraw your consent, provided that there are no other processing operations protected on a legitimate basis other than consent;
- you object to the processing of your data and the interests of the data Controller do not prevail, provided that there are no other processing operations that do not admit opposition;
- the personal data was unlawfully processed;
- the personal data must be deleted by legal obligation;
- the data have been obtained in the provision of the information society services.
- Limitation of processing (art. 18 RGPD): allows you to obtain the limitation of data processing from the Controller when one of the following conditions is met:
- when you contest the accuracy of your personal data, for a period of time that allows the Controller to verify the accuracy of the data;
- the processing is unlawful and you object to the erasure of your personal data and request instead the limitation of their use;
- the Controller no longer needs your personal data for the purposes of the processing, but you need them for the formulation, exercise or defense of claims;
- you have objected to the processing, while it is being verified whether the legitimate reasons of the Controller prevail over yours.
- Portability (art. 20 RGPD): allows you to receive your personal data or have them sent to a third party, in a structured, commonly used and machine-readable format, provided that the following conditions are met cumulatively:
- when the data Controller's legitimacy for data processing is the provision of your consent or the performance of a contractual relationship.
- the data processing is carried out by automated means.
- Opposition (art. 21 RGPD): allows you to oppose the processing of your data by the Controller. However, you can only exercise this right against processing operations protected by the legitimate basis of a public interest or a Controller’s legitimate interest.
- Opposition to automated processing (art. 22 RGPD): allows you not to be subject to decisions based solely on automated data processing, including profiling, which may produce legal effects on you or significantly affect you in a similar way.
6.1. How can I exercise my rights?
In order to exercise your data protection rights, the Company makes the following means available to you:
- Submitting a written and signed request to the Company (calle Bosc Tancat n.º 8 de Cerdanyola del Vallés, (08290) Barcelona) indicating the reason for your request and the right you wish to exercise, attaching a copy of your ID or equivalent document to prove the identity of the applicant;
- Sending the completed and signed form, attaching a copy of your ID or equivalent document to prove the identity of the applicant, to the following e-mail address: dataprotection@offview.com.
The forms for exercising the rights are provided below:
- Right of access: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-acceso.pdf
- Right of rectification: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-rectificacion.pdfv
- Right of erasure: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-supresion.pdf
- Right of limitation of processing: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-limitacion.pdf
- Right to portability: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-portabilidad.pdf
- Right of opposition: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-oposicion.pdf
- Right of opposition to automated processing: https://www.aepd.es/sites/default/files/2019-09/formulario-derecho-de-oposicion-decisiones-automatizadas.pdf
Likewise, you have the right to address to the corresponding competent supervisory authority on data protection, for any claim arising from personal data processing: the Spanish Data Protection Agency (Claims Submission Form).
Privacy policy
Controller of personal data
In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and the free circulation of these data (hereinafter, "RGPD"), we inform you that GIGI Studios, SL, with registered address Calle Bosc Tancat, 8, Nave nº 4, Cerdanyola del Valles 08290 Barcelona - Spain, CIF B72903537, is the Controller of your personal data when you provide them to us during your experience through the website www.gigistudios.com.
Every time you use our website and provide us with or we need to access any type of information that, due to its characteristics, allows us to identify you, such as your name and surname, email, billing or shipping addresses, telephone number, debit or credit card number, etc., whether to browse the website, purchase our products or use its services, you will be subject to the application of this Privacy and Cookies Policy, which you have expressly accepted by checking the consent box, along with the general terms and conditions, documents referenced therein in force at all times, and you should review said texts to verify that you agree with them.
This Privacy and Cookies Policy provides information on the system for collecting, processing and protecting personal data that GIGI Studios, SL may access as a result of the services provided to the user on this Website (hereinafter, "the Website") or through other means, jointly referred to as "Our Systems". The owner of the website www.gigistudios.com is GIGI Studios, SL, with registered office at Calle Bosc Tancat, 8, nave nº 4, Cerdanyola del Valles 08290 Barcelona - Spain, CIF B72903537, whose activity is the production and sale of sunglasses and optical frames under the "GIGI Studios" brand. (hereinafter, "the Company").
By checking the box provided for this purpose, you have explicitly accepted the terms and conditions contained in this Privacy Policy, as well as the provisions contained in the Company's General Terms and Conditions of Use and Cookie Policy. These provisions may be modified based on legislative changes or by decision of the Company, so please read them carefully each time you browse the Website. You can also check if there are any specific conditions for their use, or if specific processing of your personal data is required.
Please note that failure to provide certain information marked as mandatory may result in the inability to process your user registration or use certain features or services available through Our Systems.
You, as a user, guarantee that the personal data you have provided to us is true and accurate, and you agree to notify us of any changes or modifications to such data. If you provide us with the personal data of third parties, you are responsible for having informed them and obtained their consent to share it for the purposes indicated in this Privacy Policy.
We inform you that the data collected through the data collection form on the Website will be incorporated into a personal data file owned by GIGI Studios, SL, with registered office at Calle Bosc Tancat, 8 Nave nº 4, Cerdanyola del Valles 08290 Barcelona – Spain, CIF B72903537 registered in the Barcelona Mercantile Registry in Volume 24,123, Page B-64,621, Folio 49, Entry 5.
Confidentiality
The Company guarantees the confidentiality of the personal data provided and compliance with all applicable regulations. It has adopted all necessary technical and organizational measures to guarantee the security and integrity of the personal data it processes, as well as to prevent its loss, alteration, and/or access by unauthorized third parties.
Purpose of processing, legal basis, legitimacy, and description of the data processing carried out through our systems:
The legal basis for processing your data will be the execution of the contract for the sale of products or the provision of corresponding services, as applicable.
The Company informs you that we will process your personal data for the following purposes:
(I) manage your registration as a user of Our Systems and give you access to its different functionalities, products and services that are available to you as a registered user.
(II) the development, fulfillment and execution of the purchase contract for the products or services that you have acquired through the Web
(III) manage the information you provide us, your resume and your personal data if you register in our Employment section.
(IV) If you have subscribed to the GIGI Studios Newsletter, we will provide you with information about our products and services, through means such as email, SMS or push notifications if you have activated them on your mobile device, and we may provide you with advertising related to our products and services.
We also inform you that, in order to improve the service we provide to you, your personal data relating to your purchases on the Website, tastes, and preferences may be used by the Company to conduct analyses, marketing studies, quality surveys, and other similar activities. If you are a registered user, you can change your preferences regarding the sending of such commercial communications through My Account. Likewise, your data may be shared with third-party service providers who will act as data processors, and we may transfer or communicate personal data to fulfill our obligations to public authorities, judicial bodies, and as required by current legislation.
I consent to GIGI Studios contacting me to conduct marketing actions related to GIGI Studios products, both general and personalized, by any means, including electronic means, even through collaborating companies.
I consent to GIGI Studios sharing my data with its partner companies so they can contact me to conduct marketing activities related to GIGI Studios products.
What are your rights?
You have the right to exercise your rights to revoke access, rectification, erasure, restriction, portability, and revocation of the consent you have given, and not to be subject to a decision based solely on the automated processing of your data.
You may exercise your rights at any time by sending a written notification, attaching a photocopy of a document that proves your identity, to the addresses below, indicating "Data Protection" as the reference: dataprotection@gigistudios.com. You may also, if you deem it appropriate, file a complaint with the Spanish Data Protection Agency. The necessary information is available at www.agpd.es
You may also unsubscribe from the GIGI Studios Newsletter at any time through the Newsletter section of Our Systems, as well as by following the instructions we provide in each communication.
Retention period of your data
GIGI Studios SL will process your personal data for a period of five years from your last interaction with us, without prejudice to any retention that may be necessary for the formulation, exercise, or defense of potential claims and/or as permitted by applicable law.