Privacy Policy

PRIVACY POLICY

In accordance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD) of December 5, 2018, we inform you of the following:

DATA CONTROLLER

Identity: RENOVATE MANAGER SL, Tax ID (CIF) B70809108 (hereinafter referred to as “the Controller”)
Address: Av. Diagonal, 362, 08006 Barcelona, Spain
Telephone: +34 645 111 666
Contact Email: info@renovatemanager.com

PURPOSE OF DATA PROCESSING

Depending on the commercial and/or professional relationship established or intended to be established between the User and the Controller, personal data will be processed for the following purposes:

  • To manage the user registration process through a single account, allow access to the private area of the website, and process the personal data necessary for the correct provision of services, compliance with legal obligations, and maintenance of the contractual relationship between the Controller and the User.

  • To market our products and manage orders and purchases made through the website, including invoicing. Your data may also be used for administrative, accounting and tax purposes, as well as to maintain communications related to your order, including notifications regarding its status or possible incidents.

  • To process and respond to contact requests, information requests and/or inquiries submitted by users through the forms or contact channels available on the website.

  • To manage subscription to our Newsletter and send periodic communications regarding company news, services, offers, promotions and other information that may be of interest to you.

  • To facilitate, streamline and fulfill the commitments established between the Controller and the User, as well as maintain the relationship established.

In accordance with the GDPR, a record of processing activities is maintained, specifying the processing activities carried out and the purposes thereof, together with the other circumstances established by the GDPR.

Personal information provided by users will not be used for purposes other than those described above. No automated decisions will be made.

LEGAL BASIS FOR DATA PROCESSING

The legal basis for the processing carried out is based on:

  • Consent granted by checking the corresponding box(es).

  • The execution of a contract and/or service in which the User is a party and therefore has provided personal data within the framework of a contractual or pre-contractual relationship for the purpose of responding to requests and/or inquiries, where processing is necessary for maintaining said relationship.

  • Compliance with legal obligations applicable to the Controller requiring the processing of personal data in accordance with the services provided or related to tax, accounting or commercial obligations, in compliance with applicable regulations.

The User has the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.

PERSONAL DATA PROCESSED AND SOURCE

Depending on how the User uses the website, the personal data processed may include:

  • Identification data

  • Contact data

  • Browsing data

  • Access or account data (if the User creates an account)

  • Financial and payment data (if purchases are made through the website)

The collected data is provided directly by the User when contacting the Controller, completing forms, or using other functionalities available on the website.

The use of contact sections, forms and functionalities offered on the website is voluntary. However, completion of certain fields is necessary in order to correctly process and manage requests. Failure to provide the required information may prevent the Controller from responding appropriately.

The User guarantees that the data provided is truthful, accurate and complete. Data that proves inaccurate, incomplete or no longer necessary will be deleted, cancelled or blocked in accordance with current legislation.

If personal data belonging to a third party is provided, the User guarantees that they have informed said third party of this Privacy Policy and obtained authorization to provide the data for the stated purposes. The User also guarantees that such data is accurate and up to date and accepts responsibility for any direct or indirect damages arising from failure to comply with this obligation.

The User undertakes responsibility for the truthfulness and accuracy of the data provided and agrees to keep it updated.

LINKS POLICY AND SOCIAL MEDIA

The website may include links to third-party websites or social media platforms where the Controller is present.

These third-party websites have not been reviewed or controlled by the Controller, who assumes no responsibility for the content freely published by users on such platforms.

Users should be aware that any publications they make may be visible to other users, and therefore they themselves are primarily responsible for their privacy.

DATA RETENTION PERIOD

Personal data provided by the User will be retained:

  • For as long as the User remains registered in the service

  • For as long as the business relationship is maintained

  • Until the User requests deletion of their data

  • Or for the legally required retention period

Data may also be retained when necessary to comply with legal obligations or for the establishment, exercise or defense of legal claims.

If the User withdraws consent or exercises their rights of objection or deletion, the data will remain blocked and available to the Courts and Public Authorities for the legally established periods in order to address potential liabilities arising from data processing.

In no case will this affect the provision of services or execution of contracts with the Controller.

CONFIDENTIALITY AND SECURITY OF PERSONAL DATA

The Controller undertakes to adopt the necessary technical and organizational measures appropriate to the level of risk associated with the collected data, ensuring the security of personal data and preventing accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.

Personal data will be treated as confidential. The Controller undertakes to ensure, through legal or contractual obligations, that confidentiality is respected by employees, collaborators and any person granted access to the information.

DISCLOSURE AND RECIPIENTS OF PERSONAL DATA

Personal data may be disclosed to third parties when expressly required by applicable law or when necessary to comply with legal obligations or provide services essential to the activity, such as banking institutions and payment gateways.

If the User makes a payment through the website, the data necessary for processing the transaction may be communicated to financial institutions or payment gateways.

These entities act as independent data controllers in accordance with their own privacy policies.

Certain service providers act as data processors, with whom the Controller has entered into the corresponding agreements in accordance with Article 28 of the GDPR, guaranteeing the security and confidentiality of the information at all times.

No international data transfers are carried out. If the Controller uses providers located outside the European Economic Area (EEA), it will ensure that such recipients provide adequate guarantees for the protection of personal data in accordance with Regulation (EU) 2016/679 (GDPR).

USER RIGHTS

What rights do you have when providing us with your data?

The User has the right to obtain confirmation as to whether or not personal data concerning them is being processed.

The User has the right to:

  • Access their personal data

  • Request rectification of inaccurate data

  • Request deletion of data when, among other reasons, the data is no longer necessary for the purposes for which it was collected

  • Request restriction of processing under certain circumstances

  • Object to the processing of their data for reasons related to their particular situation

  • Request data portability where legally applicable

  • Not be subject to automated individual decision-making

The User may exercise the rights of access, rectification, opposition, deletion, restriction of processing, portability and objection to automated decisions by sending a written request together with a copy of their ID document, including the reference “GDPR Rights”, to:

objectandstory@gmail.com

Users are also informed that they may submit any complaint relating to personal data protection to the Spanish Data Protection Agency:

Spanish Data Protection Agency (AEPD)