Our website address is: https://chromatica.es.
At Chromatica Home we respect your privacy and we are committed to protecting your personal data.
We must have a legal basis to process your personal data and this policy explains how we act legally with respect to each of the purposes for which your information is maintained and used. In general, we are authorized to process your personal information where necessary in connection with a contract between us (such as a contract to supply our products or services), to comply with our legal obligations or if we have a legitimate interest, prevailing interests of the client.
WHO ARE WE?
We are Chromatica Home and we offer home accessories, lighting products and fine art photography prints. We also sell our products through the Etsy platform to customers in Spain, the US, Europe and other countries around the world.
Chromatica Home (“we”, “us” or “our”) operates the website https://www.chromatica.es/ (the “Service”).
HOW DO WE COLLECT INFORMATION?
– We obtain information when you ask for our services.
– We obtain information when you make a purchase through this website and/or our Etsy shop.
– We obtain information when you subscribe to our mailing list.
– We obtain information when you browse our website.
WHAT INFORMATION DO WE COLLECT?
We collect information that allows us to fulfill our obligations to our customers, and respond to business inquiries. The table below describes what information we collect and for what purpose.
• Personal data: By using our service, we may request that you provide us with certain personally identifiable information that may be used to contact you or identify you. Personally identifiable information may include, but is not limited to:
– Email address
– First Name and Last Name
If you give us permission to do so (for example, by subscribing to our mailing list), we may use your personal information to contact you with newsletters, promotional or marketing materials and other information that may be of interest to you.
You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or the instructions provided in any email we send you.
• Sensitive data: We do not gather sensitive personal data (for example, health, genetic, biometric data, racial or ethnic origin, political opinions, religious or philosophical beliefs, union affiliation, sexual orientation and criminal convictions). We expressly request that you not provide us with any sensitive information.
• Children’s data: Our service does not address anyone under 13 years of age. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you know that your child or children have provided us with personal information, contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.
• Usage data: Our servers can also collect information about how the Service is accessed and used. This data may include information such as the Internet Protocol address of your computer (IP address), browser type, browser version, the pages you visit in our website, the time and date of your visit, the time spent on those pages, device identifiers and other diagnostic data. All this information is recorded in a server activity file that allows the subsequent processing of the data in order to obtain statistical measurements that allow knowing the number of page impressions, the number of visits made to web services, etc.
HOW DO WE USE THE DATA COLLECTED?
We guarantee that the use made of your personal data is covered by the GDPR (General Data Protection Regulation). The legal bases and the different uses of your personal data may be, but are not limited to the following:
• Execution of a contract established with you:
– To provide and maintain our Service.
– To notify you about changes to our Service.
– To provide customer support.
• When you have provided your affirmative consent, which you can revoke at any time:
– By registering on our mailing list.
– To allow you to participate in interactive features of our Service when you choose to do so.
• Compliance with our legal obligations:
– To comply with our Terms and Conditions and other Policies.
– Management and logistics planning, including accounting and auditing.
– Management of legal disputes.
– Detection and prevention of fraud, money laundering and other crimes.
– Protection of the user and others from possible damages.
• Achievement of our legitimate interests or those of third parties:
– To improve our services.
– To detect, prevent and address technical problems.
– To provide you with news, special offers and general information about other goods, services and events that we offer that are similar to those you have already purchased or enquired about, unless you have chosen not to receive such information.
– Interact and respond to the requests you have sent us or on any publication or social networks where you have tagged us.
– Answer the communications you send us, including calls, emails, real-time chats, publications and messages through social networks.
Please note that we may process your personal data without your knowledge or consent, protected by the above-described rules, provided they are within the legal framework.
WITH WHOM DO WE SHARE THE PERSONAL DATA?
– We will not sell or rent your information to third parties.
– We will not share your information with third parties for marketing purposes.
– We will share your personal information with these third parties, but only to the extent necessary to perform these services in the following manner:
• Commercial transfers: If we sell or merge our business, we may disclose your information as part of that transaction, only to the extent permitted by law.
• In accordance with the laws: We may collect, use, retain and share your information if we believe in good faith that it is reasonably necessary to:
– Respond to a legal process or to government requests.
– Enforce our agreements, terms and policies.
– Protect and defend our rights, our property or public property.
– Prevent, investigate and address fraud and other illegal activities, security or technical problems.
– Protect the rights, property and safety of our clients or others.
Under certain circumstances, we may be required to disclose your Personal Data if required by law or in response to valid requests from public authorities such as the State Security Forces, in compliance with investigations and judicial processes.
• Service providers: We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform services related to our Service, or to help us analyze the use of our Service. Such providers may include, but are not limited to:
– Google Analytics: Is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
– Facebook Tracking Pixel: With your permission, our website utilizes the Conversion Tracking Pixel service of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). This tool allows us to follow the actions of users after they are redirected to a provider’s website by clicking on a Facebook advertisement. We are thus able to record the efficacy of Facebook advertisements for statistical and market research purposes. The collected data remain anonymous. This means that we cannot see the personal data of any individual user. However, the collected data are saved and processed by Facebook. We are informing you on this matter according to our information at this time. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes, in accordance with Facebook’s Data Use Policy found under: https://www.facebook.com/about/privacy/. Facebook Conversion Tracking also allows Facebook and its partners to show you advertisements on and outside Facebook. In addition, a cookie will be saved onto your computer for these purposes.
Only users over 13 years of age may give their permission. If you are younger than this age, please consult your legal guardians.
Please click here if you would like to revoke your permission:
– Payments: We may provide paid products and/or services within our services. In that case, we use third-party services for payment processing (e.g. payment processors).
– Shipping companies and / or carriers to provide freight transport services.
– Internet Hosting Providers with whom we work to maintain our website, infrastructures, services and applications.
– Contact management systems, for sending emails, instant messaging, messages through social networks and SMS.
– Other web analysis services to monitor and inform about the traffic of our website.
We also use a series of third-party services to help us meet our contractual obligations and provide the services we offer, as detailed in the table below. We have verified that these third-party services comply with GDPR (or are working to comply with GDPR) and are certified under the EU-US Privacy Protection Framework. (Or they are working to obtain certification) where these organizations are based outside the EU.
|NAME||WHAT||LEGAL BASIS||PURPOSE||THIRD PARTIES||DATA RETENTION|
|Prospect, client, customer and supplier contact information.||Contract||To allow ongoing contact with potentials and existing clients, customers and suppliers.||Raiola Networks||Until request for deletion.|
|Mailing List||Subscriber first name and email address||Consent||Required to provide you with educational and promotional emails you asked to receive when you join our mailing list.||Mail Poet||Until you unsubscribe by clicking the link inside any email from us, or request deletion.|
|Invoicing||Client, customer and supplier purchase history and contact details.||Legal Obligation||For invoicing.||None (at the moment)||Indefinitely, for ongoing accounting and record-keeping.|
|Analytics||Website visitor behavior (anonymized – full IP address is not stored)||Legitimate Interests||To analyze popular content and website performance so we can improve our service and offerings.||Google Analytics||No personal data stored, behavior data retained indefinitely by Google Analytics.|
|Surveys||(Unless anonymized) first name, email address, website||Consent||To gather your thoughts and suggestions on our products and services, so we can improve.||None (at the moment)||Deleted 30 days after you submit your survey response.|
|Shipments||Name, shipping address, email address and phone number (if required by shipping company for international shipments)||Contract||To be able to send our products to their proper destination.||Packlink, Metrópoli Cuatro, Correos España||Indefinitely, for ongoing accounting and record-keeping.|
|Facebook Tracking Pixel||Website Visitor Behavior (no personal data)||Legitimate Interest||To observe the efficacy of Facebook advertisements.||Indefinitely unless you revoke permission, as detailed beforehand.|
HOW LONG DO WE KEEP PERSONAL DATA?
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
HOW DO WE PROTECT THE SECURITY OF PERSONAL DATA?
The security of your data is important to us, but remember that no method of transmission over the Internet or electronic storage method is 100% secure. Although all our resources are aimed at protecting your personal data, we can not guarantee your absolute security; therefore, any transmission you make will be under your responsibility. Once we have received your information, it will be treated under the strictest security procedures and protocols to avoid accesses that are not authorized.
The information will be stored and processed whenever possible within the EU. In the event that it is not possible for third parties, they agree that the information will be treated according to the Privacy Shield Framework (Treaty between the US and EU on Data Protection) or the Model Clauses of the EU (Standard contractual clauses used in the agreements between service providers and their customers to ensure that all data leaving the European Economic Area are transferred in accordance with the EU Data Protection Act).
All the information you provide us is hosted on security servers managed by third parties. Please keep in mind that you are responsible for the password that we have provided you or that you have created to access certain areas of our website. We ask you not to share the password with anyone.
Your information, including personal data, may be transferred and maintained on computers located outside of your state, province, country or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction.
If you are outside of Spain and you decide to provide us with information, please note that we transfer the data, including Personal Data, to Spain and process it there.
WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL DATA?
We aim to take reasonable measures to allow you to correct, modify, eliminate or limit the use of your personal data.
If you reside in certain territories, including the European Union, you have several rights in relation to your personal information. While some of these rights apply in general, certain rights apply only in certain limited cases. We describe these rights below:
• Access: You may have the right to access and receive a copy of the personal information we have about you by contacting us using the contact information below.
In order to maintain the security of your data, we will have to verify your identity before providing you with a copy of the information we keep. The first copy you request will be free. If you require more copies, we could charge you an administrative fee to cover our costs.
• Correct, restrict, delete: You may also have the right to change, restrict our use or delete your personal information. In the absence of exceptional circumstances (such as when we are required to store data for legal reasons) we will generally remove your personal information upon request.
• Object: You can object (i) to processing some of your information based on our legitimate interests and (ii) receiving our marketing messages after providing your express consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate reasons to continue using that information or if it is necessary for legal reasons.
• Complaints: If you reside in the European Union and wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.
LINKS TO OTHER SITES
We do not control or assume any responsibility for the content, privacy policies or practices of third-party sites or services.
We may modify this Policy from time to time, so check this page periodically to make sure you are up to date with the changes. By using our services, you agree to the collection and use of information in accordance with this policy.
Any questions related to this policy should be sent by email to:
Effective date: May 25, 2018.