PRIVACY POLICY

 

  1. IDENTIFICATION OF THE RESPONSIBLE PARTY

The entity responsible for processing personal data on this website https://koeva.es (he "“Place Web”), according to the definition of data controller set out in Article 4.7 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “GDPR”), is Jun Vázquez Gualda (the “Responsible”).

The identification and contact details of the Data Controller are detailed below:

  • NIF: 38868124X

  • Address: c/ Narcís Monturiol, 22, B01, (08339) Vilassar de Dalt (Barcelona).

  • Email: info@koeva.es

If you have any questions about the processing of your personal data or wish to exercise your rights, you can contact the Data Controller by mail or email at the addresses indicated above.

  1. PRINCIPLES APPLIED IN DATA PROCESSING

In the processing of personal data, the Controller will apply the following principles in compliance with the GDPR: 

  • Principle of legality, fairness and transparencyPersonal data will be processed lawfully, fairly, and transparently in relation to the User. The Data Controller will ensure that the processing is based on an appropriate legal basis and will provide clear and accessible information about the purposes of the processing before obtaining the User's consent, where necessary. 

  • Principle of purpose limitationPersonal data will be collected for specified, explicit and legitimate purposes, and will not be further processed in a manner incompatible with those purposes. 

  • Principle of data minimizationOnly personal data that is adequate, relevant and strictly necessary for the purposes for which it is processed will be collected. 

  • Principle of accuracyReasonable measures will be taken to ensure that personal data is accurate and up-to-date. Any inaccurate data will be rectified or deleted without delay. 

  • Principle of limitation of the retention periodPersonal data will be kept for the time necessary to fulfill the purpose for which it was collected. 

  • Principle of integrity and confidentiality: Adequate security of personal data will be ensured through the application of appropriate technical and organizational measures to protect them against unauthorized or unlawful processing, as well as against accidental loss, destruction or damage.

  1. PROCESSING OF PERSONAL DATA ON THE WEBSITE

    1. SSL encryption

For security reasons, and in particular to prevent the leakage or theft of personal or confidential data, the Website It uses SSL encryption technology, which encrypts data traffic between your browser and our server. Website, thus preventing third parties from seeing or intercepting the personal or confidential data you send us when you browse or contact us through the Website.

Those websites whose URL begins with “https://”, as is the case in our Website, They offer a secure connection as they are protected by an SSL or TLS certificate that encrypts information flows.

  1. Server log files 

When you access the Website We automatically collect and process certain data provided by your browser, known as "server log files". This data includes: 

  • Browser version and type you used to access the Website

  • The operating system you use on your device.

  • Referral links.

  • Duration of the visit.

  • IP address. 

  • Time and date of access to Website.

The above-detailed information is technically necessary for you to be able to navigate our website. Website in an optimal way, avoiding errors or failures in content playback or the execution of functionalities. This data will not be combined with other data sources.  

The lawfulness of processing this personal data is based on our legitimate interest as operators of the Website -Art. 6.1.f) of the GDPR-. The legitimate interest pursued is to offer a website free of technical errors, compatible with the main browsers or operating systems and with user-friendly navigation for our users or customers. 

We will store this data for 30 days. After this period, it will be automatically deleted. 

  1. Cookies 

The Website uses its own and third-party cookies for technical, personalization, analysis, advertising purposes and to enable content from external social networks. 

If you would like more information about the use of cookies on the Website, please see our Cookie Policy: https://koeva.es/politica-de-cookies/

  1. Contact forms and emails

If you contact us via email, or if you fill out any of the contact forms available on the Website, We may ask you for some personal information in order to respond to your inquiry, complaint, or request. This personal information will primarily include the following:

  • Name and surname.

  • Contact phone number.

  • Email.

  • Any other personal data that you choose to provide to us through the contact form.

The lawfulness of processing this personal data is based exclusively on your consent -Art. 6.1.a of the GDPR-. 

You have the right to revoke your consent for this processing at any time; to do so, simply let us know via email at the address info@koeva.es via postal mail to the following address: c/ Narcís Monturiol, 22, B01, (08339) Vilassar de Dalt (Barcelona).

We will store this data for a period of 2 years, unless you request its deletion beforehand, revoke your consent, or the reason for which it was collected expires.

  1. Blog comments

If you wish to post comments on blog entries on the Website, you will need to provide some basic personal information to manage the comment functionality, prevent spam, and foster a respectful environment. This personal information primarily includes the following: 

  • Name (can be a real name or an alias). 

  • Email address. 

  • Comment content. 

  • IP address (automatically collected for technical and security reasons). 

  • Date and time of publication of the comment. 

Your name and comment will be publicly displayed on the blog, while your email address will not be published and will be used exclusively to validate the comment or, if necessary, to contact you regarding your participation in the blog. 

The lawfulness of processing this personal data is based on your consent -Art. 6.1.a of the GDPR-. 

You have the right to withdraw your consent for this treatment at any time by sending an email to: info@koeva.es or by postal mail to: c/ Narcís Monturiol, 22, B01, (08339) Vilassar de Dalt (Barcelona).

Comments and associated data will be retained as long as the blog content where they were published remains visible, unless you request their removal or withdraw your consent.

  1. Newsletter

To sign up for our newsletter and receive our news and promotions, you will need to provide us with an email address.

All our promotional emails include an unsubscribe link at the bottom. If you'd like to unsubscribe now, you can do so by clicking the link below and entering your email address: [Add Newsletter Unsubscribe Link]

Our newsletters are sent via the platform MailChimp Based in Georgia, USA. As this is an international data transfer and to ensure compliance with Article 26, paragraph 2 of the GDPR, MailChimp has incorporated standard contractual clauses to add appropriate safeguards regarding the protection of privacy and fundamental rights and freedoms of individuals for the transfer to the USA. If you wish to view the full document of contractual clauses, you can do so by following this link. link.

The lawfulness of processing this personal data is based exclusively on your consent -Art. 6.1.a) of the GDPR-.

You have the right to revoke your consent for this processing at any time; to do so, simply let us know via email at the address info@koeva.es or via postal mail to the following address: c/ Narcís Monturiol, 22, B01, (08339) Vilassar de Dalt (Barcelona).

We will store your email data until you request its deletion, revoke your consent, or unsubscribe from our newsletter. 

  1. Google services and tools

The Website uses the following services offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”): 

Google Analytics with remarketing:

This tool allows us to analyze activity within the website, providing key information about user behavior. To do this, Google uses cookies that collect and store the following data:  

  • IP address.

  • Operating system, browser, and type of device used.

  • Navigation language.

  • Date and time of the visit.

  • Interactions and navigation within the Website.

These cookies have an approximate validity of 30 days and are not designed to personally identify the user, but to evaluate the use and behavior of visitors within the Website. 

In addition, Google's remarketing feature allows you to create specific audiences based on user activity and share them with your Google Ads account. A remarketing audience is a group of users identified through cookies or advertising IDs, selected for their high likelihood of completing a conversion. 

Through Google Ads remarketing, Google places a cookie in the user's browser, assigning them a pseudonymous ID. This automatically enables interest-based advertising based on the pages visited. If the user has consented to share their browsing history with Google, this history can be combined with Google Analytics and Google Ads data to generate target audiences in remarketing campaigns, even across different devices.

  • Google Ads with conversion tracking:

Google Ads is a tool that allows you to create and publish ads on Google and other websites, as well as measure the sales conversion rate generated by clicks on your ads. When creating an advertising campaign in Google Ads, you can segment your target audience according to the following criteria:  

  •  Geographic location: segmentation by country, city or even specific radius. 

  • Demographic data: age, sex and other relevant factors. 

  • Interests: user activities, hobbies and preferences. 

  • Online shopping habits: consumer behavior and affinity with certain products or services.

When a user clicks on one of our ads, Google temporarily stores a conversion cookie in their browser. These cookies, which typically expire after 30 days, do not allow for the personal identification of the user, but they help Google assess whether a purchase was made after interacting with the ad. 

  • Google reCAPTCHA: 

Google reCAPTCHA is a tool designed to protect the forms and comment sections of our websites against spam and misuse. Its main function is to distinguish between human interactions and those generated by bots or automated software. To perform this verification, Google collects and stores information using cookies, including:

  • User's IP address. 

  • Referral URL (the page from which the form was accessed). 

  • Operating system, browser, and type of device used. 

  • Navigation language. 

  • Date and time of access. 

  • Website Activity.

Google may store and process this data in any country where it has servers or subcontractors, which could involve an international transfer of personal data. 

The data provided by Google through these tools is statistical. and anonymous, Therefore, they do not allow us to identify users individually.

  • The legal basis for processing data through Google Ads and Conversion Tracking is the user's consent, in accordance with Article 6.1.a) of the GDPR. 

  • In the case of Google reCAPTCHA, the processing is based on the legitimate interest of ensuring security and preventing fraudulent activities on the Website, in accordance with Article 6.1.f) of the GDPR.

If you would like more information about Google's use of data, you can consult the following official resources:

  1. «"How Google uses information from websites or apps that use its services," available here

  2. Google's privacy policy is available. here

Additionally, you can manage the collection of your data by configuring your browser to block third-party cookies or disable conversion tracking. If you have a Google account, you can review and modify privacy settings from the your account control panel.

  1. DATA RECIPIENTS

As a general rule, your personal data will not be communicated or transferred to third parties, except for legal obligation, in which case, only those data that are strictly necessary for compliance with the legal obligation will be disclosed.

Notwithstanding the foregoing, your personal data may nevertheless be communicated to third-party service providers related to the management of this Website, Under strict contractual and confidentiality conditions, these providers will act as data processors, as defined in Article 4.8 of the GDPR. Therefore, they may only use the personal data to which they have access to provide their services or comply with the instructions of the Data Controller and, in no case, for their own purposes or to transfer them to third parties.

No international data transfers will be made. If such transfers were to occur at any time, you will be notified beforehand in order to obtain your explicit consent.

  1. DATA RETENTION

Personal data obtained through Website They will be stored within the European Union, and will be kept as long as necessary for the purposes described, unless their deletion is requested by the user.

In section 3 of this Privacy Policy you can find out what the data retention period is for each of the processing activities we carry out through the Website. 

  1. USER RIGHTS

As a user of the Website, you have the right to:

  • Access to your dataRequest access to the personal data we hold about you.

  • Data rectification: Request the correction of any inaccurate or incomplete information we may have about you.

  • Data deletion: Request that we delete your personal data when it is no longer necessary for the purposes for which it was collected or when we no longer have a legitimate basis for processing it.

  • Treatment limitation: Ask us to restrict the use of your data in certain circumstances, for example:

  • When you question the accuracy of the data, we will wait until we verify it.

  • If the processing is unlawful and you prefer limitation to deletion.

  • When we no longer need the data, but you need it to exercise or defend legal claims.

  • Withdrawal of consent: If you gave us your consent to process your data for a specific purpose, you have the right to withdraw it at any time. You can find out how to do this in section 2, where we explain the purposes of data processing.

  • Opposition to treatment: When we process your data based on our legitimate interest, you have the right to object to the processing.

  • Data portability: Request, where technically possible, that we transfer your personal data to you or a third party in a structured, commonly used and machine-readable format.

  • File a claim: If you believe that your rights have not been respected, you have the right to file a complaint with the competent supervisory authority, in particular the Spanish Data Protection Agency (www.aepd.es).

We remind you that you can exercise any of these rights by contacting us via email info@koeva.es or by mail to the following address: c/ Narcís Monturiol, 22, B01, (08339) Vilassar de Dalt (Barcelona).

  1. SECURITY MEASURES

The Data Controller has implemented appropriate technical and organizational measures to ensure the security of personal data and prevent its loss, unauthorized access or misuse.

  1. MODIFICATIONS

The Data Controller reserves the right to modify or update this Privacy Policy to reflect legislative, jurisprudential, or internal changes in personal data processing procedures. Any modifications will be prominently displayed on the Website with a clear indication of the update date.

We recommend that users review this Privacy Policy periodically, especially before providing personal information or browsing the Website. 

With regard to data processing carried out prior to the modifications of this Policy, the conditions in force at the time the user provided their data will apply, unless legal changes require the retroactive application of the new provisions. 

 

For any questions regarding modifications made or the content of this Privacy Policy, you can contact us through the means indicated in this document.