1. DATA OF THE DATA CONTROLLER
Company Name: RO. PA. FASHION GROUP, S.L. (hereinafter, the "Company" or the "Responsible").
Tax ID: B74245242
Address: POLIGONO INDUSTRIAL OLLONIEGO, ZONA C, PARCELA 4 - 33660 - OVIEDO - ASTURIAS
Email for communications regarding Data Protection: email@example.com
1.1. Applicable regulations
1.2. Data Protection Officer
There is no appointed Data Protection Officer.
2. PURPOSE OF THE PROCESSING OF PERSONAL DATA
• Manage your registration as a user in the store owned by ROPA (www.walkinpitas.com). However, in any case the user must verify and validate their registration on each of the platforms by entering their username and password through consent.
• Manage the orders of products and / or services that you make through the Web, as well as the corresponding billing and shipping.
• Periodically send (via email, postal and / or SMS) electronic communications with offers, promotions and news related to our online platforms, unless otherwise indicated or the user opposes or revokes their consent.
• Make anonymous statistical reports regarding access habits and activity developed by users on the Web.
• Develop a commercial profile of the user and carry out commercial actions adjusted to it, using their data derived from the management of the products acquired (browsing data, access habits, traffic), unless the user opposes or revokes their consent.
• Comply with legally established obligations.
2.1. Term of Conservation of your data
We will keep your personal data from the moment you give us your consent until you revoke it or request the limitation of the treatment. In such cases, we will keep your data blocked for the legally required periods.
3. LEGITIMATION AND DATA COLLECTED
The legitimacy for the processing of your data is the express consent granted by a positive and affirmative act (fill in the corresponding form and check the acceptance box of this policy) at the time of providing us with your personal data.
3.1. Consent to process your data
3.2. Categories of data
The data collected refers to the category of identifying data, such as: Name and Surname, Telephone, Postal Address, Gender, Date of birth, Company, Email, as well as the IP address from where you access the data collection form.
4. SECURITY MEASURES
Within our commitment to guarantee the security and confidentiality of your personal data, we inform you that the necessary technical and organizational measures have been adopted to guarantee the security of personal data and prevent its alteration, loss, treatment or unauthorized access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed, according to Art. 32 GDPR EU 679/2016.
5. TRANSFER OF DATA
No data transfers or international transfers of your data are foreseen, except for those authorized by tax, commercial and telecommunications legislation as well as in those cases in which a judicial authority requires us to do so.
6. USER RIGHTS
Any data subject has the right to obtain confirmation as to whether we are processing personal data concerning him/her, or not. Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which they were collected. In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims. For reasons related to their particular situation, the interested parties may object to the processing of their data. The Person Responsible for the file will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
In accordance with current legislation you have the following rights: right to request access to your personal data, right to request its rectification or deletion, right to request the limitation of your treatment, right to oppose the treatment, right to the portability of the data and likewise, to revoke the consent granted. You also have the right to file a claim with the Spanish Agency for Data Protection.
6.1. How to exercise my rights?
To exercise your rights, you must contact the person in charge, requesting the corresponding form for the exercise of the chosen right. Optionally, you can go to the competent Control Authority for additional information about your rights. The contact details for the exercise of your rights are the email: firstname.lastname@example.org. Remember to accompany a copy of a document that allows us to identify you.
7. CONSENT TO SEND ELECTRONIC COMMUNICATIONS
Likewise, and in accordance with the provisions of Law 34/2002, of July 11, Services of the Information Society and Electronic Commerce, by completing the data collection form and checking the corresponding box "I accept the sending of electronic communications", you are granting express consent to send you to your email address, telephone, fax or other electronic means in sending information about the Company.
COMMENT FUNCTION ON OUR BLOG
We offer users the possibility to leave individual comments on each of the articles of our blog, which is located on the controller's website. A blog is a web-based, publicly accessible service through which one or more people called bloggers or bloggers can publish articles on different topics. Blog posts are usually commented on by third parties.
If a data subject leaves a comment on the blog published on this website, the comments made by the data subject are also stored and published, as well as information about the date of the comment and about the user (pseudonym) chosen by the data subject. In addition, the IP address assigned by the Internet Service Provider (ISP) to the data subject is also recorded. This storage of the IP address takes place for security reasons, in the event that the data subject violates the rights of third parties, or publishes illegal content through a certain comment. The storage of this personal data is therefore in the interest of the data controller, so that it can exculpate itself in the event of a breach.
This personal information collected will not be passed on to third parties, unless such transfer is required by law or serves the purpose of the data controller's defense.