Privacy Policy
Protecting personal data from users and clients is essential, which is why we want to explain and facilitate in a transparent manner how we collect, protect, use and share this data in undertaking our activities.
Personal data should be understood as information about an identified or identifiable natural person, which we collect through any of the established channels, such as
- data collection forms inserted in our website, Apps, electronic offices, by telephone or in person when filling out one of our forms, among others.
Regardless of the channel chosen, we recommend that you carefully read the information provided regarding privacy, and if you have any doubts about any of the sections herein, please contact us using the email: info@chic-kles.com
It is very important that you understand:
- Who collects your personal data.
- What personal data we collect.
- How we obtain your personal data.
- Why we process personal data.
- Information on the applicable legal bases and obligation to provide data.
- How we share information with third parties.
- How long we store your data.
- Profiling and automated decision making.
- What your privacy rights are and how you can exercise them.
WHO COLLECTS YOUR PERSONAL DATA – WHO IS THE DATA CONTROLLER FOR PROCESSING DATA?
Identification and contact information of the Data Controller:
Chic-kles Gum is responsible for the processing your personal data.
- NIF: B98129158
- Registered offices: Pol. Ind. el Oliveral, 6, 6 Riba-Roja 46394, Valencia, Spain
- Email: info@chic-kles.com
WHAT PERSONAL DATA DO WE COLLECT?
Depending on the type of web form or application used, we will collect certain personal or technical information.
Technical data from web users |
|
Personal Data Collected through forms | Contact form that collects personal information such as name, email, and details of the query. |
HOW DO WE OBTAIN YOUR PERSONAL DATA?
From the information that you provide with us directly through the enabled data collection channels, such as:
- Contact form inserted on the website.
From information provided by third parties:
- Legal representative or authorized person, in the case of minors, disabled persons or legal representatives or joint accounts.
WHY DO WE PROCESS PERSONAL DATA?
Identification of purposes and applicable legal bases
We inform you that all data processed by Chic-kles Gum are necessary for the purposes described in this Privacy Policy. Failure to provide them makes it impossible for us to suitably manage any existing relationship with you.
Below are the various purposes for which your personal data are processed as well as the bases legitimizing said processing:
DATA SUBJECTS | PURPOSES | APPLICABLE LEGAL BASIS |
USERS | Addressing doubts and queries processed through established customer service/contact channels and providing the information requested.
Management and transfer of the suggestion or complaint notified. |
Legitimate interest, or execution of a contract if you are a customer. |
Responding to requests regarding data protection, such as the exercise of rights.
Notifying, if applicable, a security breach. |
Compliance with legal obligations. |
INFORMATION ON APPLICABLE LEGAL BASES AND THE OBLIGATION TO PROVIDE DATA
Information on applicable legal bases
If the applicable legal basis is of your legitimate interest, you may oppose processing based on this by contacting the Data Protection Officer at: info@chic-kles.com explaining your reason for said opposition. In such cases, the Data Controller will judge whether the aforementioned interest prevails over the rights of any interested parties.
Obligation to provide data.
In some cases, it is mandatory to collect certain personal information before managing your request or providing some of our services, either because said information is the minimum necessary for responding to your request or because we are legally obliged to collect it.
However, Chic-kles Gum undertakes to collect only those data necessary for the purpose in question.
You should be aware that, in such cases, if the required information is not provided, this may cause delays in the provision of the requested services or even make it impossible to provide them. Mandatory changes will normally be marked with an asterisk (*).
HOW DE WE SHARE INFORMATION WITH THIRD PARTIES?
To comply with applicable legal obligations, your data may be transferred to the following recipients:
- Spanish Data Protection Agency.
- Computer Security Incident Response Teams (CSIRT) and Computer Emergency Response Teams (CERT).
- State Security Bodies and Forces.
- Prosecutor’s Office, Judges and Courts.
Ultimately, in certain cases, it is possible that some of our suppliers process your personal data on behalf of the Data Controller if it is necessary for undertaking a specific activity. Specifically, some of these providers are:
- IT service providers such as servers, cloud platforms.
- Administrators, investors, managers.
- Design and maintenance tools and applications.
- Specialized postal delivery services.
- Information destruction services.
As a general rule, no data transfers are made to third parties located outside the European Economic Area, or whose servers are located outside the EEA. Nevertheless, if you accept the use of third-party cookies, it is likely that your information will be shared with third parties located outside the European Economic Area. For more information, access our cookie policy.
HOW LONG DO WE STORE YOUR DATA?
As a rule, your data will be deleted when it is no longer necessary for the purpose for which it was collected.
If processing was only based on your consent, your data will be processed until you withdraw said consent.
Without prejudice to the foregoing, privacy regulations provide for the possibility of retaining certain data for longer than necessary to achieve the purpose originally intended, in the following cases:
- Compliance with a legal obligation in accordance with article 17.3.b of the GDPR.
- Archiving purposes in the public interest, scientific and historical research, statistical purposes in accordance with article 17.3.c and 89 of the GDPR.
- Execution or defence of claims in accordance with article 17.3.e of the RGPD.
In accordance with the provisions of the LOPDGDD, when rectification or deletion of data is appropriate, based on the principle of proactive responsibility, we can continue to keep your data blocked (that is, with restricted access) prior to any definitive physical or digital deletion for the prescribed periods as established in the applicable regulations and with the sole purpose of addressing or demanding possible liabilities derived from processing.
Access to data and, consequently, making it available, is limited only to judges and courts, the Public Prosecutor’s Office or Public Administrations.
DEFINITIVE DELETION OF YOUR DATA
Your data will be definitively destroyed when the storage periods imposed by the rules regulating our activity and the statute of limitations for administrative or judicial actions arising from the relationships established between you and us have elapsed.
For cookies, your data will be kept in accordance with the provisions of said policy.
PROFILING AND AUTOMATED DECISION MAKING.
Using the data collected through the website, the data controller does not make automated decisions or create profiles.
WHAT ARE YOUR PRIVACY RIGHTS ARE AND HOW CAN YOU EXERCISE THEM?
RIGHTS | Access | You may consult your data included in the Controller’s databases. |
Rectification | You may modify your personal data when it becomes inaccurate. | |
Deletion | You may request the deletion of your personal data. | |
Opposition | You may object to the entity processing your personal data when the legal basis for the processing is their own legitimate interest.
You may also opt out of receiving commercial information by sending an email to the address: info@chic-kles.com writing “UNSUBSCRIBE” in the subject line. If you object to communications for commercial purposes, you are informed that the entity may send information related to any contracted products or services such as: information about card blocking; requests for transactions made from a non-usual location; information communications that may affect current contracts, etc. |
|
Opposition to automated decisions | Should we make decisions automatically, you may object to this and request that the decision be reviewed by a person, and/or express your opinion or challenge the decision, where appropriate. | |
Portability | You have the right to ask us to transfer your data to you directly or to another third party. This right will only apply when we carry out automated processing based on your consent or because you have a contract with said entity. | |
Limitation | You may request the limitation of the processing of your data when:
|
|
Withdrawal of original consent | You can withdraw your consent at any time without affecting any processing previously carried out. In all cases, your consent remains valid as long as you do not withdraw it. | |
How can you exercise your rights?
Requests can be submitted:
To exercise your rights, the data controller must make the necessary inquiries to verify and ensure the identity of the person making the request. Without prejudice to the above, identity may be proven through one of the following methods:
Claims to the supervisory authority. Should you consider that your data protection rights have been violated, or your request has not been responded to appropriately, you may file a claim with the Control Authority (Spanish Data Protection Agency) at https://www.aepd.es/es.
|