MARCÓ DACHS, S.A. processes your data as the Data Controller. This means that MARCÓ DACHS, S.A. collects and stores your personal data and that, if there are any queries concerning the handling of this data, you should contact us.
What do we use your personal data for?
MARCÓ DACHS, S.A. will use your data to respond to any requests, queries or suggestions that you send us. We may also use the data to contact you if necessary or to send you commercial information if you have authorised us to do so. If you use our online platform, we will use your data to process your order.
Why do we process your personal data?
MARCÓ DACHS, S.A. is legally entitled to process your data for various reasons. In most cases, such as when you send us a query or request, the legal basis for processing this data is our legitimate interest in responding to your request. When we send you a commercial communication, the legal basis for the processing is your authorisation for us to do so. Another legal basis is the performance of the contract that binds us, in cases in which the user is one of our customers or suppliers.
Who do we share your personal data with?
It is the intention of MARCÓ DACHS, S.A. not to share your personal data, but it is sometimes necessary to do so for certain operations. Whenever we do so, it will be with companies we trust, with whom we will have reached an agreement and who will have demonstrated their regulatory compliance in accordance with current data protection regulations. Whenever we share your data, it will be for specific matters and under our control. These companies will not process the data on their own, but in accordance with our request.
What are your rights in relation to the personal data that we process?
Whenever your personal data is processed, you have the right to access, rectify and erase that personal data. If certain circumstances are met, you can also restrict and object to its processing, as well as having the right to data portability and not to be subject to automated decision-making.
For more detailed information, you can continue reading the rest of this Privacy Policy.
1. Who is the Data Controller?
The Data Controller is:
17253 MONT-RAS (Girona)
MARCÓ DACHS, S.A. informs users that the data provided on this website will be processed by the Data Controller in accordance with the provisions of this Privacy Policy, as well as the information collected in the Processing Activity Register, in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April the 27th, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, GDPR).
2. How do we process your personal data?
The website www.marcodachs.com has different purposes for which it processes data, so depending on the services or features you wish to use at any given time, we will need to process some data or other. In general, however, the purposes are the following:
- Identification and contact data: We collect the identification and contact data of those users who browse our website or fill in a form. This data category includes their name and surname, language, telephone number, email address...
- Economic and transactional information: We collect economic and transactional data from customers who place orders through our web platform. This data category includes payment methods and information regarding the goods and services supplied.
- Connection, geolocation and browsing data: We collect connection, geolocation and browsing data that is provided to us by cookies or permissions that have been attributed to the browser from which the website is accessed, if done through a mobile device.
- Commercial information: We collect commercial information data from users who have subscribed to the newsletter. This category includes purchase preference data.
In certain forms, where personal data is requested in order to give you access to certain features, you need to fill in fields marked as mandatory. Please note that not filling in the mandatory data fields may mean that you will not be able to access said service or feature.
- The processing of data in order to be able to inform you of updates or informative communications associated with the products or services requested.
- Management of payments for products or services purchased.
- Management of exchanges or returns of purchases made through the purchasing portal.
- Invoicing of products or services provided and provision of relevant documentation.
- Sending of quality surveys by any available means.
- Personalise services and provide recommendations based on user preferences. It involves analysing the user's profile such as their purchase history.
- For users who subscribe to the newsletter, we will process the data provided in order to manage their subscription, which includes the sending of generic and personalised information related to our products.
- Display internet advertising that may appear on websites or apps and which is associated with the acceptance of advertising profiling cookies. For more information regarding the Cookies Policy, visit the "Cookies Policy" document.
- Enhance our own data by combining the information that we have from various sources and in certain circumstances in order to improve our understanding of your needs.
- Carry out promotional actions in which the user participates. In each promotional action that allows the user to participate, the legal bases will be published, which will expand on the information to be taken into account.
- Disseminate on our channels or social networks images that users have shared publicly.
3. What is the legal basis for processing your data?
- First, there is a contract that binds both parties, therefore, the legal basis is the performance of the contract (Art. 6.1.b GDPR).
- There are certain purposes that will only be applied if the user requests them, and as such the legal basis will be their consent (Art. 6.1.a GDPR).
- There are purposes in which the legal basis is the legitimate interest that we have in carrying out said action, verification or communication (Art. 6.1.f GDPR).
If the user decides to contact us via WhatsApp, they have accepted the platform's Privacy Policy and have authorised us to use said platform to contact them, the legal basis is their authorisation (Art. 6.1.a GDPR).
- Our legitimate interest in personalising the services and providing recommendations to our customers, as well as in combining the information we have in order to ascertain the tastes and interests of our customers (Art. 6.1.f GPDR).
- The express authorisation given by the user when they subscribe to the newsletter, accept cookies that allow their habits to be analysed or participate in promotional actions (Art. 6.1.a GDPR).
4. How long do we keep your data for?
There are other types of data, which do not have to be kept for a certain period of time, which we will keep until the user requests that we delete it or until the deadline for the removal of the documentation concerned has passed.
In the case of promotional campaigns, the retention periods will be specified in the terms and conditions of participation.
5. Do we share your data with third parties?
In order to fulfil the intended purposes and guarantee the quality standards of MARCÓ DACHS, S.A., we need to have the support of external companies that allow us to carry out our activity. The entities to which we may transfer your data, when required, are:
- Financial entities.
- Fraud detection and prevention entities.
- Technology service providers and partners.
- Logistics, transport and delivery service providers and partners.
- Customer service providers.
- Advertising, marketing and social media service providers and partners.
Our providers are entities located within the EU, meaning they guarantee compliance with the GDPR and the data processor agreement has been signed with them to ensure that they are compliant with the relevant regulations. However, in specific cases, it may be that one of our providers is located outside the EU and, as a result, international data transfers may occur. In these cases, MARCÓ DACHS, S.A. will guarantee the use of the Standard Contractual Clauses adapted by the European Commission as a guarantee for transfers to countries that do not have an adequacy decision from the European Commission.
In any case, the providers with whom certain personal data is shared will have previously demonstrated the adoption of appropriate technical and organisational measures for the adequate protection of the data. By accepting this Privacy Policy, you accept that an international data transfer may occur in accordance with the guarantees indicated.
In the event that the conditions set out in Article 46 of the GDPR are not met, the data subject may consent to the international transfer or a contract may be executed in the interest of the data subject. Otherwise, authorisation must be requested from the supervisory authority.
We also inform you that some services provided by MARCÓ DACHS S.A. may involve the transfer of personal data to a third country outside the EU, in cloud services provided by some of the main international providers (for example, Amazon, Google, Microsoft, Apple). In these services, the aforementioned compliance will also be confirmed.
Finally, we inform you that the data may be transferred to or requested by public administrations and bodies when so required by applicable regulations.
6. What are your rights when you provide us with your data?
MARCÓ DACHS, S.A. undertakes to respect the confidentiality of your personal data and to guarantee the rights inherent to both the data and the processing it carries out. For this reason, we provide you with two ways of requesting the exercise of your rights, with "DATA PROTECTION" in the subject line:
- By email to: info@marcodachs.com
- By postal mail to: Av. de La Bisbal, 18. Z. I. de Morena, 3. Road C-31 Km. 332. 17253 MONT-RAS (Girona)
If we consider it necessary, we may request a copy of a document proving your identity or that of the person you represent.
The rights that you can exercise, regardless of the purpose or legal basis, are:
- Request access to the data that we hold about you.
- Request that we rectify the data that we already hold, but that is erroneous or inaccurate.
- Request that we erase data that is no longer necessary for the purpose for which it was requested.
- Request that we restrict the processing of your data.
- Request the consent that you have previously given us for the processing of your data.
- Object to our processing of your data based on legitimate interest, especially in the field of marketing.
- Request the portability of the data (this right can only be exercised when the legal basis is your consent or the performance of a contract).
MARCÓ DACHS, S.A. must reply to the request submitted within one month of receiving it. This period may be extended for another two months if necessary, taking into account the complexity and number of requests. We will inform you of any extension within one month of receiving the request, indicating the reasons for the delay.
Data subjects also have the right to complain to the competent supervisory authority (Spanish Data Protection Agency, "DPA") when they believe MARCÓ DACHS, S.A. has violated their rights under the data protection regulations at: www.aepd.es.
7. What happens if we are provided with third-party data or if a third party has provided their data?
Typically, the user provides their own data, but there are certain features, such as when someone requests that their shipment be delivered to another address or on behalf of another person, in which we can process third-party data.
If you need to provide us with someone else's personal data, you guarantee that you have informed the person in question about our Privacy Policy and about the data that you are going to provide us with, informing them of the purpose for which it will be processed.
If, on the other hand, a third party has provided your data, we will use it for the purposes that correspond in each case. In the event you do not want us to continue processing the data, you should contact us as indicated in the previous section.
8. Do I need a username and password
MARCÓ DACHS, S.A. customers can access the customer area after requesting to create an account with MARCÓ DACHS, S.A. The user is responsible for maintaining the confidentiality of their account information, including the password, as well as each and every one of the activities that take place within it.
In the event of the illegitimate use of their account or password, or if any security-related problems occur, the user has the obligation to inform MARCÓ DACHS, S.A. immediately, by sending an email to: marcodachs.com.
9. Changes to the Privacy Policy
The information contained in this Privacy Policy may be modified when deemed appropriate by MARCÓ DACHS, S.A. In this event, we will notify you in a number of ways through the website itself or even by means of a communication sent to the email address that you have provided when the change in question is significant in regard to your privacy, so that you can review the changes, assess them and, where appropriate, object or unsubscribe from any service or feature.
10. Links to other websites
If you choose to leave our website via the links that appear on it, MARCÓ DACHS, S.A. will not be responsible for the privacy policies of said sites or for the cookies that they may store on the user's device.
Version: 1.0
Date: May 2021