PRIVACY AND DATA PROTECTION POLICY
BAGUES MASRIERA S.A.U hereinafter, “the Entity”, through this website presents and makes available to users a catalog of jewelry products of the “Masriera” brand as well as different channels of contact with the Entity.
The Entity, in its capacity as Data Controller, is committed to due diligence and compliance with the Data Protection regulations implemented through Regulation 2016/679 regarding the protection of natural persons with regard to the treatment of personal data. and to the free circulation of these data General Data Protection (RGPD) and Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD).
In compliance with the foregoing, the confidentiality and Personal Data Protection policy applicable to the processing of personal data in the framework of its activity is set out below.
Identity: BAGUES MASRIERA S.A.U
Address: Carretera de l’Hospitalet, 147 Edificio Viena 3ª Planta, 08940, Cornellà de Llobregat (Barcelona)
Phone: 93 481 70 54
Contact details of the Data Protection Officer (DPD): firstname.lastname@example.org
Data Protection Channel: www.corporate-ethicline.com/bagues-masriera
The Entity may collect personal data through the following channels:
Directly from the interested parties: the personal data that the interested party provides directly when filling out a form to request information, as well as when requesting assistance through the Chat or communicating with us in any way.
The types of personal data that we can collect are identification, contact and billing data.
Third parties: identification and contact information provided by our collaborators
Purposes of data processing
The Entity will process the data and information collected for the following purposes:
- Manage any type of request, suggestion or request for information made by interested persons about the products in our catalog,
- Manage orders and purchases made by our customers, as well as manage the relationship they have with our Entity.
- Send informative and commercial communications: email treatment provided through subscription to our Newsletters in order to inform you about activities, articles of interest and general information related to our activity and the contracted services / products.
- Manage data provided by candidates for a job through the Curriculum Vitae (CV) for the purpose of selection and recruitment process.
Comply with legal provisions
For the good purpose and development of your care and management of the above purposes, the owner consents to the processing of your data for the above purposes, all under the strictest compliance with the Data Protection regulations and the policy that we are detailing . At any time you can exercise your rights (see specific section).
Data Retention Criteria
Request and order management: we will keep personal data for as long as necessary to manage orders and requests. At the conclusion of the relationship between the Entity and the customer, personal data will be kept in the cases that may lead to responsibilities with the Entity and / or in compliance with other regulatory frameworks that are applicable to the Entity or a standard with range of law that requires the conservation of these. The personal data will be kept in a way that allows the identification and exercise of the Rights of those affected and, under the technical legal and organizational measures that are necessary to guarantee their confidentiality and integrity.
Curriculum Vitae Management: the Entity, as a rule, retains the Curriculum Vitae for a maximum period of one year; once this period has expired, it will be automatically destroyed, in compliance with the data quality principle.
Others: the rest of the data and information provided by the user by any means, will be kept for as long as necessary to fulfill the purpose for which they were collected.
The legal basis that enable the Entity to process the personal data of users, customers and potential clients are the following:
The consent of interested persons for the processing and management of any request for information or consultation about our services and products.
The Consent given by the Job Candidates for the purpose of selection and recruitment.
The framework for the provision and / or contracting of services / products with the Entity.
The legitimate interest to send you informative, commercial and / or promotional offers related to the activity of the Entity and the services / products contracted through email or any other means.
No personal data is transferred to third parties, except legal provision. In these cases, your
data could be communicated to Supervisory Bodies, Judges and Courts in compliance with
Nor are international data transfers made to third countries.
Right of Access, Rectification and Erasure: interested persons have the right to obtain confirmation about whether we are treating personal data in the Entity. Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or request its erasure when, among other reasons, the data is no longer necessary for the purposes that were collected.
Right to Restriction of processing and to Object: in certain circumstances, the interested parties may request the restriction of processing of their data, in which case we will only keep them for the exercise or defence of claims. In certain circumstances and, for reasons related to their situation, the interested parties may object to the processing of their data. The Entity will stop processing the data in this case, except for compelling legitimate reasons, or for the exercise or defence of possible claims.
These rights may be exercised in our Data Protection Channel (see specific section).
Data Protection Channel
The Entity has implemented a Communications and Complaints Channel where the relevant and necessary aspects of data protection are incorporated, considering the highest commitment, rigor and professionalism in terms of security, experience, independence and knowledge in the treatment of communications received, incorporating the requirements set forth in article 24 of the LOPDGDD for this type of channel.
The Data Protection Channel has been implemented through a web platform, developed and managed by an independent external expert to provide and guarantee our previous commitments.
Through the Data Protection Channel, you can communicate and process the exercise of your Rights (see previous section) and communicate any indication or knowledge you have of possible security breaches (breaches) and / or possible breaches or irregularities on the regulations. of Data Protection or the present policy of the Entity.
The access data to the Data Protection Channel are detailed at the beginning of this policy.
Attention and support
Interested persons may communicate to the Entity any questions about the processing of their personal data or interpretation of our policy, by contacting the Data Protection Officer (DPO) at the email indicated at the beginning of this policy.