PRIVACY POLICY OF http://www.colorker.com
This Privacy Policy has been developed taking into account the provisions of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the movement of such data, hereinafter the GDPR, as well as the Organic Law 3/2018, of 5 December, on Data Protection and Digital Rights (hereinafter, LOPDGDD) and other applicable regulations.
The purpose of this Privacy Policy is to inform natural persons who provide their personal data, and/or those of the person they represent, in respect of which information is being collected, of the specific aspects relating to the processing of their data, the purposes of the processing, the contact details for exercising their rights, the periods of conservation of the information and the security measures, among other things.
WHO IS THE DATA CONTROLLER?
In terms of data protection, COLORKER SA shall be considered the Data Controller in relation to the processing of personal data carried out by this entity.
The contact details of the Data Controller are set out below:
o Identity of the data controller: COLORKER SA (A12050050 )
o Physical address: CRA. DE ALCORA, KM 21,3, 12110, ALCORA, L', CASTELLóN
o E-mail: ${mail_company}
o Telephone: 964 36 16 16
WHO IS THE DATA PROTECTION DELEGATE?
In this entity is framed the figure of data protection delegate, who can be contacted through the following email address: or by writing to the address of this entity to the attention of the "Data Protection Delegate".
WHAT PERSONAL DATA DO WE PROCESS?
All information collected by COLORKER SA will be processed in a loyal, lawful and transparent manner.
Likewise, the data requested in each of the processing operations carried out will only consist of those data that are strictly necessary to carry out the intended and informed purpose in each case.
In this way, the data collected will be adequate, relevant and not excessive in relation to the purposes for which they are processed in each case. Therefore, your personal data will be collected for specific, explicit and legitimate purposes and will not be further processed in a way that is incompatible with those purposes. Furthermore, they will be updated whenever necessary.
In general terms, within the framework of the different processing activities carried out in the organisation, the following types of data are collected:
o Data of an identifying nature.
o Academic, professional and training data
o Detailed employment data
o Administrative data
o Judicial data
o Commercial information.
o Transactions of goods and services.
o Economic and financial data.
o Social circumstances.
o Employment details.
o Personal characteristics.
o Special category data.
WHERE DOES THE PERSONAL DATA COME FROM?
As a general rule, personal data is always collected directly from the data subject, however, in certain exceptions, data may be collected through third parties, entities or services other than the data subject.
In this regard, this will be communicated to the data subject through the informative clauses contained in the different information collection channels and within a reasonable period of time or in the first communication made to the data subject.
FOR WHAT PURPOSES AND IN WHAT SPECIFIC CASES DO WE PROCESS PERSONAL DATA?
In general terms, personal data is processed for the following purposes:
o Newsletters: when previously authorised, by email, fax, SMS, MMS, social communities or any other electronic or physical means, present or future, that makes it possible to send commercial communications, as well as to send the website's newsletter. These communications will be made by the Controller or any of the companies in the Controller's group, related to its products and services, or its collaborators or suppliers with whom a promotional agreement has been reached. In this case, third parties will never have access to personal data.
o Contact: In order to respond to your request, we will process the essential data, which generally corresponds to the contact details (email) and data related to your order, or to the incident that you communicate to us, as well as respond to requests for information received about the products and services offered or any type of request made by the user through any of the forms of contact that are made available to them.
When using social networks to send us queries, please avoid entering personal data, remember that we do not have control over the data entered on these platforms, so we advise you to carefully read the privacy policies of the social network from which you act.
o Work with us: To carry out internal recruitment processes, both current and future.
The personal data collected will not be used to create profiles or make automated decisions.
However, all the explicit purposes for which each of the processing operations are carried out are set out in the informative clauses included in each of the data collection methods (web forms, paper forms, voice messages or posters and informative notes, invoices, contracts and other documents containing personal data).
HOW IS PROFILING CARRIED OUT?
COLORKER SA may create a commercial profile based on the information provided by the interested party and their interactions with the content offered in order to send them personalised information about our products or services, including by electronic means. The legitimate basis for profiling is the legitimate interest of COLORKER SA in knowing the profile of the interested party in its communications and services in order to offer them personalised information and content adapted to their interests and activity. No automated decisions will be taken on the basis of this profile. The User may at any time oppose the profiling of his/her information through the channel provided for this purpose.
- Subscription to our Newsletters. We will process your identification and contact data to send you personalised information about our products, promotions, offers, as well as products and offers from our partners. To carry out this purpose, we create a user profile that allows us to personalise the information we send you, adapting it to the tastes and preferences that we know based on your browsing habits, purchase history, or even the information collected through the use of cookies and other similar technologies (for more information on the use of cookies, please visit our Cookies Policy).
- Other marketing and advertising purposes: We will use your data to suggest products or offers based on the profile you create according to your purchase history, the products you view when you browse our platforms, or the products you leave in your cart when you do not complete the purchase process. These suggestions may be sent to you via push notifications, banners or even to your email through the abandoned cart function. We will also process your data to show you advertising on other websites, apps or social networks that you frequent. This advertising is usually based on a profile created according to purchases made, your purchase history or preferences.
WHAT IS THE LEGAL BASIS FOR THE PROCESSING OF DATA?
As a general rule, prior to the processing of personal data, COLORKER SA informs you of the legal basis on which it establishes the legitimacy of the processing in question.
However, personal information may be processed within the organisation for the following purposes:
o Fulfilment of legal and regulatory obligations: By way of example and without limitation. General Law for the Defence of Consumers and Users, General Tax Law, Corporate Tax Law, Account Auditing Law, Value Added Tax Law, Civil Code, Commercial Code, as well as the existence of a specific law or regulation authorising or requiring the processing of the data subject's data, which will be set out in the corresponding informative clause.
o Execution of a Contract: for the prior management of a contracted service or product, development of the execution of a contract or subsequent management derived from such operations.
o Consent: there are processing operations based on obtaining the express and unequivocal consent of the data subject, through the incorporation of informed consent clauses in the different information collection systems, providing consent by means of a declaration or a clear affirmative action such as ticking a box provided for this purpose or signing the appropriate document or by sending data through the means of contact indicated. In addition, we inform you that we will only use personal information in accordance with this Privacy Policy and, in general, we will request your consent for uses for purposes other than those for which you initially provided it.
o Legitimate interest: the processing of data based on the legitimate interest of the data controller will be established mainly for the sending of communications or commercial events about products or services similar to those contracted. According to article 21.2 of the Information Society Services Act, this processing will only be valid when, as a customer, you have not expressly refused at the time of collecting the data or in any of the communications we make.
HOW LONG DO WE PROCESS PERSONAL DATA?
At http://www.colorker.com personal data is processed for the time necessary to fulfil the purpose for which it was collected, for as long as the service is provided or the employment or contractual relationship is maintained, there is a mutual interest and/or for the time provided for in the corresponding regulations.
Once the established time criteria have been met, the data will be cancelled. Said cancellation will lead to the blocking of the data, which will only be kept at the disposal of the Public Administrations, Judges and Courts, in order to attend to any possible liabilities arising from the processing, during the period of limitation of these, after which time the information will be destroyed.
WITH WHOM DO WE SHARE PERSONAL DATA?
OPTION 1
As a general rule, COLORKER SA does not transfer or communicate your data to third parties, except for those legally required.
However, should it be necessary, the interested party is informed of any such transfer or communication of data through the informative clauses contained in the different personal data collection channels.
OPTION 2
To fulfil the purposes described above, personal data may be shared with:
- Group companies
ARE INTERNATIONAL TRANSFERS MADE?
We also inform you of the transfer of data outside the European Economic Area, based on the existence of adequate guarantees in accordance with the GDPR and these guarantees are available to anyone who expressly requests them to rgpd@colorker.com..
Specifically, the following guarantees are established:
o The country or countries to which the data is transferred has or have been declared by the European Commission to have an adequate level of protection.
o There is a legally binding and enforceable instrument in place between public authorities or bodies.
o The transfer is between companies of the group to which the controller belongs and have approved, by the competent supervisory authority, binding corporate rules in accordance with Article 47 of the GDPR.
o A document of standard data protection clauses adopted by the Commission or a supervisory authority has been signed (Art. 93.2 GDPR).
o The controller is adhered to a code of conduct adopted pursuant to Article 40 of the GDPR, together with binding and enforceable commitments in the third country to implement appropriate safeguards, including those relating to the rights of data subjects.
o The controller has been certified in accordance with certification mechanisms approved in accordance with Article 42 of the GDPR, together with binding and enforceable commitments in the third country to implement appropriate safeguards, including those relating to the rights of data subjects.
o The transfer has been authorised by the Spanish Data Protection Agency in accordance with Article 42 of Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights.
o The international transfer is subject to one of the exceptions set out in article 49 of the GDPR (indicate which one): .
WHAT RIGHTS CAN YOU EXERCISE?
According to European regulations, the rights you have are the following:
Right of Access, the right to request information from the data controller about whether your personal data is being processed.
o Right of rectification, the right that allows the data subject to request the modification of data that is inaccurate or incomplete.
o Right of Opposition, the right of an individual to object to the processing of his or her personal data or the cessation of such processing.
o Right against automated individual decisions, the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on him or her or significantly affects him or her in a similar way.
o Right of restriction, the right to suspend the processing of the user's personal data under certain circumstances
o Right of Deletion or Oblivion, the right to erasure of the data subject's personal data
o Right of Portability, the right to request the data controller to provide the personal data in a structured and clear format to another data controller.
o The right to lodge a complaint with the competent supervisory authority if you consider that the processing does not comply with the regulations in force.
HOW TO EXERCISE YOUR RIGHTS
The applicant may exercise his or her rights by the following means:
o Email to rgpd@colorker.com. providing documentation accrediting the identity of the applicant (copy of the front of the National Identity Document, or equivalent).
o Postal mail to CRA. DE ALCORA, KM 21,3, 12110, ALCORA, L', CASTELLóN providing documentation proving the identity of the applicant (copy of the front of the National Identity Card, or equivalent).
In any case, you can request the protection of the Spanish Data Protection Agency through its website.
In this regard, COLORKER SA will deal with your request as soon as possible and taking into account the deadlines set out in the data protection regulations.
HOW TO EXERCISE YOUR RIGHTS?
The applicant may exercise their rights by the following means:
o Email to rgpd@colorker.com. providing documentation proving the identity of the applicant (copy of the front of the National Identity Card, or equivalent).
o Postal mail to CRA. DE ALCORA, KM 21,3, 12110, ALCORA, L', CASTELLóN providing documentation proving the identity of the applicant (copy of the front of the National Identity Card, or equivalent).
In any case, you can request the protection of the Spanish Data Protection Agency through its website.
In this regard, COLORKER SA will deal with your request as soon as possible and taking into account the deadlines set out in the data protection regulations.
WHAT COULD BE THE CONSEQUENCES OF NOT PROVIDING THE INFORMATION?
The data requested in the fields marked with an asterisk (*) or those provided in the documents or media where the information is provided, are those strictly necessary in relation to the purpose for which they are collected, or for the provision of an optimum service to the interested party or through a legal obligation imposed on the data controller or a necessary requirement to enter into a contract, with the inclusion of data in the remaining fields being voluntary.
If not all data is provided, there is no guarantee that the information and services provided will be completely tailored to your needs.
Therefore, in the event that the required data is not provided or is provided incorrectly or incompletely, we will not be able to attend to your request, making it completely impossible to provide you with the information requested or to carry out the contracting of the services.
Likewise, the user guarantees that the information transmitted in any of the forms is truthful, accurate and corresponds to personal data of which he/she is the owner.
The services of our platforms are not intended for minors, so that only persons over 18 years of age are allowed to register, otherwise we warn that any liabilities that may arise as a result of the use of our platforms will be borne by the parents or guardians of the minor.
To avoid the use of our services by minors, we try to verify the age of our users when they register by requesting their date of birth.
WHAT SECURITY MEASURES DO WE HAVE IN PLACE?
The security measures adopted by COLORKER SA are those required, in accordance with the provisions of article 32 of the RGPD.
In this regard, COLORKER SA, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, has established the appropriate technical and organisational measures to ensure the level of security appropriate to the existing risk.
In any case, COLORKER SA has implemented sufficient mechanisms to:
- Guarantee the permanent confidentiality, integrity, availability and resilience of the processing systems and services.
- Restore availability and access to personal data quickly in the event of a physical or technical incident.
- Regularly verify, evaluate and assess the effectiveness of the technical and organisational measures implemented to ensure the security of the processing.
CHANGES TO THIS PRIVACY POLICY
From time to time, this Privacy Policy may be revised in order to update changes in current legislation, update the procedures for collecting and using personal information, the appearance of new services or the exclusion of others. These changes will be effective from the date of publication on the website, so it is important that you regularly review this Privacy Policy in order to remain informed about the changes.