Privacy Policy

Privacy Policy of www.simuero.com

This Privacy Policy has been developed in accordance with the provisions of Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and the free movement of such data, hereinafter referred to as GDPR, as well as Organic Law 3/2018, of December 5, on the Protection of Personal Data and Digital Rights (hereinafter, LOPDGDD), and other applicable regulations.

This Privacy Policy aims to inform natural persons who provide their personal data and/or those of the person they represent, regarding the collection of such information, the specific aspects of data processing, the purposes of the processing, contact details for exercising their rights, data retention periods, and security measures, among other aspects.

Who is responsible for data processing?
In terms of data protection, SIMUERO SL must be considered the Data Controller for the personal data processing carried out by this entity.
The contact details of the Data Controller are as follows:
Data Controller: SIMUERO SL
Tax ID: B02902260
Physical Address: C/ BURRIANA, 44 BAJO DERECHA, 46005, VALENCIA, VALENCIA
Email: info@simuero.com
Phone: 640931697

What personal data do we process?
All information collected by SIMUERO SL will be processed lawfully, fairly, and transparently.
Moreover, the data requested for each processing operation will consist solely of those strictly necessary to fulfill the stated purpose.
Thus, the collected data will be adequate, relevant, and not excessive concerning the purposes for which they are processed. Additionally, personal data will be collected for specific, explicit, and legitimate purposes and will not be further processed in a manner incompatible with those purposes. Furthermore, data will be updated whenever necessary.
Generally, within the scope of the various activities conducted by the organization, the following types of data are collected:

  • Identification data.
  • Commercial information.
  • Transactions involving goods and services.
  • Economic and financial data.

Where do personal data come from?
As a general rule, personal data are always collected directly from the data subject. However, in certain exceptional cases, data may be obtained through third parties, entities, or services other than the data subject.
In such cases, this will be communicated to the data subject through the informational clauses included in the various information collection methods within a reasonable period or during the first communication with the data subject.

For what purposes do we process personal data?
In general terms, personal data are processed for the following purposes:

  • Newsletter: Sending information via the provided means about updates, events, news, products, and services related to us or our sector.
  • Contact: Responding to information requests received regarding the products and services we offer, as well as addressing any other type of inquiry sent by users.
  • Management, fulfillment, and execution of the purchase contract: Specifically, personal data will be used for the formalization of the purchase contract, payment management of transactions, contacting in case of any incident related to the order, managing billing and delivery of tickets and invoices, handling returns of purchased products, informing about the availability of requested products, and/or managing coupons or gift cards redeemed on the website or in our stores.
  • Customers: Managing the sale of goods and services, billing, accounting, collections, unpaid bills, offers, quotes and contracts, customer service, contact, and commercial relationships.
  • Profiling: Using your data to create a commercial profile based on your consumption habits, personal, and social characteristics. Profiling will not, under any circumstances, lead to automated decisions that could negatively affect the user. Through these processes, profiles of visitors to our website are created to make automated decisions based on the logic described in this same Privacy Policy.

What is the legal basis for data processing?
As a general rule, the consent of the data subject is the legal basis for the data processing in accordance with the purposes described above. This consent is expressed through a declaration or a clear affirmative action, such as ticking a checkbox provided for this purpose, voluntary subscription, or by submitting data through forms. This consent may be withdrawn at any time by contacting the company through its contact channels. Generally, we will request your consent for uses with purposes other than those for which you initially provided it.

Specifically, the following legal bases are applied for the indicated processing purposes:

  • Compliance with legal and regulatory obligations: This includes, but is not limited to, the General Law for the Defense of Consumers and Users, the General Tax Law, the Corporate Income Tax Law, the Audit Law, the Value Added Tax Law, the Civil Code, the Commercial Code, and any specific law or regulation that authorizes or requires the processing of the data subject's information, which will be mentioned in the corresponding informational clause.
  • Execution of a contract: For the preliminary management of a contracted service or product, the development and execution of a contract, or subsequent management derived from such operations.
  • Legitimate interest: Data processing based on the legitimate interest of the Data Controller will primarily be used for sending communications or commercial events about products or services similar to those already contracted. According to Article 21.2 of the Law on Information Society Services, this processing will only be valid when, as a client, you have not expressly objected at the time of data collection or in any subsequent communication.

How long do we retain personal data?
In general, personal data are processed for the time necessary to fulfill the purpose for which they were collected, as long as the service provision or contractual relationship is maintained, there is mutual interest, and/or for the period established by applicable regulations.
Once the established retention criteria have been met, the data will be deleted. Such deletion will result in the blocking of the data, which will only be kept available to Public Administrations, Judges, and Courts for the purpose of addressing possible liabilities arising from the processing, during the applicable statute of limitations period. After this period, the data will be permanently destroyed.

Who do we share personal data with?
As a general rule, no data transfers or communications to third parties are carried out, except those required by law.

What rights can you exercise?
According to European regulations, you have the following rights:

  • Right of Access: The right to request information from the Data Controller about whether your personal data is being processed.
  • Right of Rectification: The right to request modification of inaccurate or incomplete data.
  • Right to Object: The right to oppose the processing of your personal data or to request its cessation.
  • Right to Automated Individual Decision-Making: The right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or significantly affects you.
  • Right to Restriction: The right to suspend the processing of your personal data in certain cases.
  • Right to Erasure or Right to be Forgotten: The right to request the deletion of your personal data.
  • Right to Data Portability: The right to request that your personal data be provided in a structured, clear format for transfer to another Data Controller.
  • Right to lodge a complaint with the competent supervisory authority if you believe that the processing does not comply with current regulations.

How can you exercise your rights?
The applicant may exercise their rights through the following means:

  • Email: admin@simuero.com
  • Postal mail: C/ BURRIANA, 44 BAJO DERECHA, 46005, VALENCIA, VALENCIA
    In both cases, documentation may be required to verify the applicant's identity.
    In any case, you can request the protection of the Spanish Data Protection Agency through its website.
    Requests will be addressed as soon as possible, considering the deadlines established by data protection regulations.

What are the consequences of not providing the information?
The data requested in the fields marked with an asterisk or identified as mandatory, or provided through the means where information is provided, are strictly necessary in relation to the purpose for which they are collected, or for the optimal provision of a service to the data subject or due to a legal obligation imposed on the Data Controller or a requirement necessary to enter into a contract, while the inclusion of data in the remaining fields is voluntary.
If all the required data is not provided, it cannot be guaranteed that the information and services provided will fully meet your needs. Therefore, if the required data is not provided, or if it is provided incorrectly or incompletely, your request cannot be processed, making it impossible to provide you with the requested information or to enter into the service contract.
Likewise, the user guarantees that the information transmitted in any of the forms is true, accurate, and corresponds to their own data.

How is profiling carried out?
SIMUERO SL may create a commercial profile based on the information provided by the data subject and their interactions with the offered content to send personalized information about our products or services, including by electronic means. The legal basis for profiling is SIMUERO SL's legitimate interest in knowing the profile of the data subject in its communications and services to offer personalized information and content tailored to their interests and activity. No automated decisions will be made based on this profile. The User may oppose profiling at any time through the channel provided for this purpose.

Subscription to our Newsletters: We will process your identification and contact data to send personalized information about our products, promotions, offers, as well as products and offers from our partners. To achieve this purpose, we create a profile of users that allows us to tailor the information we send, according to the tastes and preferences we know based on your browsing habits, purchase history, or even the information collected through the use of cookies and other similar technologies (for more information about the use of cookies, visit our Cookies Policy).

Other marketing and advertising purposes: We will use your data to suggest products or offers based on the profile created according to your purchase history, the products you view when browsing our platforms, or the products left in your cart when you do not complete the purchase process. These suggestions may reach you via push notifications, banners, or even by email through the abandoned cart feature. Likewise, we will process your data to display advertising on other websites, apps, or social networks you visit. This advertising is usually based on a profile created according to your purchases, purchase history, or preferences.

What security measures have we implemented?
The security measures adopted by SIMUERO SL are those required under Article 32 of the GDPR.
In this regard, considering the state of the art, implementation costs, the nature, scope, context, and purposes of the processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, appropriate technical and organizational measures have been implemented to ensure a level of security appropriate to the existing risk.

In any case, SIMUERO SL has implemented sufficient mechanisms to:

  • Ensure the permanent confidentiality, integrity, availability, and resilience of processing systems and services.
  • Restore the availability and access to personal data quickly in the event of a physical or technical incident.
  • Regularly verify, evaluate, and assess the effectiveness of the implemented technical and organizational measures to ensure processing security.
  • Enable data and communication encryption.

CHANGES TO THIS PRIVACY POLICY
This Privacy Policy may be revised periodically to update changes in current legislation, update procedures for collecting and using personal information, introduce new services, or remove others. These changes will be effective upon their publication on the website, so it is important that you regularly review this Privacy Policy to stay informed about any updates.