Data protection policy

According to the provisions of the General Regulations European Data Protection (RGPD) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such, and based on the Organic Law 3/2018 of Personal data Protection and guarantee of digital rights management (LOPDGDD), we inform you that we will respect at all times the confidentiality of their data under the exclusive responsibility of:

1. Responsible

Company Name: CORTÉS ZAPATERIAS S.L.

Number B-27151034

Address: Doutor Castro, 20-22 27001 LUGO

Phone: 982 226 253

Email: clientes@corteszapaterias.com

Registered in the Register of Lugo, Sheet 1, Volume 166, Page LU-878

2. Purpose

CORTES ZAPATERIAS S.L. We treat the information you provide us interested persons in order to:

• To maintain customer relationships for billing and collection
• Manage the delivery of information requested us
• Provide stakeholders with product offerings and services of interest, as well as upcoming events or news relevant.

Pursuant to Art. 6, paragraph 1, paragraph 1, letter a of the RGPD, explicit consent be obtained prior to enrollment for our newsletter, we will use the data necessary for it to send commercial communications according to such consent. You can unsubscribe from the newsletter at any time by sending a message to our contact address described here or by clicking on the link provided for this purpose in the e-mail with such commercial communication. After unsubscribing we block your e-mail address for this use, provided that you have not given their express consent that the data remain used, or we reserve the right to continue using your data in cases permitted by law and on the that we reported in this document.

Data retention:

Data for managing the customer relationship and billing and collection services will be preserved throughout the time the contract is in force. After the relationship ended, if any, data may be kept for the time required by applicable law and to prescribe the possible liabilities arising from the contract.

Data for sending commercial communications products or services will be preserved indefinitely until, if any, we express their will to suppress them.

We will not store your personal information for any purpose for longer than necessary and only retain personal data required in relation to that purpose. In addition, we need to keep certain information in accordance with the law or as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.

3. Legitimacy

The legal basis for the processing of your data is to implement the provision of the relevant service.

Prospective range of products and services to customers is based on the satisfaction of the business consisting legitimate interest to offer our customers the hiring of other products or services and thus get their loyalty. Such legitimate interest recognized by the relevant legislation (Regulation General Data Protection), which expressly permits the processing of personal data on the legal basis for direct marketing.

The basis of sending commercial communications to non-customer users is the consent that has been requested, being able to be revoked at any time. The withdrawal of this consent will not affect in any case to the execution of the contract, but data treatments for that purpose previously performed will not lose their landing due to the fact that consent has revoked.

However, we remind you that you have the right to oppose this treatment of your data, being able to do it by any of the means described in this policy.

4. Recipients

Data to third parties will not be given, except legal obligation.

5. International data transfers

They are not done.

6. Data conservation

The data obtained through cookies are preserved for 30 days.

7. Automated decisions

We will not elaborate a "commercial profile", based on the information provided. No automated decisions will be made based on this profile.

8. Origin of the data:

We inform you that we only collected the data from you, without obtaining them from other sources.

9. Integration of Trusted Shops TrustBadge

Trusted Shops TrustBadge is integrated into this website to show your quality seal and collected assessments, as well as to offer Trusted Shops products to buyers after placing an order.

This is necessary for the satisfaction of our legitimate interests when marketing our offer and to ensure the security of a purchase, commemorate to article 6 Farmover of the RGPD. The TrustBadge, and the services announced with it, are part of the offer of Trusted Shops GmbH, SubbelRather Str. 15C, Cologne C.P. 50823, Germany. A distribution network provider (CDN for its acronym in English) provides TrustBadge, as part of the order processing.

Trusted Shops GmbH uses US service providers. An adequate level of data protection is guaranteed. You can find more information about the security of Trusted Shops GmbH data here: https://www.trustedshops.es/aviso-legal/

Each time the TrustBadge is found, the Web server automatically saves a server log file, which contains the IP address, date and time of the visit, the amount of data transmitted and the applicant provider (access data), while registering the visit. The individual access data is stored in a security database for the analysis of security problems. The log files are automatically deleted, at the latest, 90 days after its creation.

Additional personal data will be transferred to Trusted Shops GmbH, to the extent that, once an order is formalized, you have opted for the use of Trusted Shops products or have already registered to enjoy its use. In this case, the contractual agreement established between you and Trusted Shops will be applied. To this end, personal data is automatically collected from the order data. Regardless of whether it is registered or not as Trusted Shops client, the client is recorded by a neutral parameter, the email address encrypted by a unidirectional encryption function. The email address becomes this Hash value, which Trusted Shops can not decrypt before transmission. After checking a coincidence, the parameter is automatically deleted.

This is necessary for the fulfillment of our legitimate interests and those of Trusted Shops in providing the protection of the buyer linked to the specific order and transactional review services in accordance with Article 6 paragraph F of the RGPD. You can find more details, including the right to file an objection, in the Private Shops Privacy Policy linked above and within the TrustBadge.

10. Rights

• Anyone has the right to obtain confirmation on whether in Cortés Zapaterías S.L. We are dealing with personal data that concerns them, and to the following information: the purpose of treatment; the categories of data treated; The recipients or the categories of recipients who have been communicated or communicated; If possible, the predicted period of conservation of personal data or, if not possible, the criteria used to determine this period.
• Interested persons have the right to access their personal data, as well as request the rectification of inaccurate data or, where appropriate, request their deletion when, among other reasons, the data is no longer necessary for the purposes that were collected .
• The interested parties may request the deletion of the personal data that concerns him when one of the following circumstances: that are not necessary in relation to the ends for which they were collected. or treated; that withdraws consent and treatment is not based on another legal basis; what is opposed to treatment and other legitimate reasons for treatment prevail; They have been illicitly treated.
• In certain circumstances, stakeholders may request the limitation of the treatment of their data, in which case we will only be retained for the exercise or defense of claims.
• In certain circumstances and for reasons related to their particular situation, interested parties may oppose the treatment of their data. Cortés Zapaterías S.L. It will stop treating the data, except for legitimate imperious reasons, or the exercise or the defense of potential claims.
• Interested persons have the right to portability, which implies that the personnel data of the interested party is transmitted directly from one responsible to another, without the need for them to be previously transmitted to the interested party, provided that this is technically possible.
• The interested persons have the right to withdraw the consent provided at any time.

Exercise of rights: The exercise of rights must be carried out in writing by attaching photocopy of its identification document, and direct it to the email address clients@corteszapaterias.com

Right of claim before the Control Authority: In the event that your rights have not been respected, you may file a claim by writing in writing to the Spanish Data Protection Agency at Jorge Juan, 6 28001-Madrid or use the electronic headquarters: https://sedeagpd.gob.es. In both cases, you must accompany the pertinent documentation.

You can also be informed in the Guide for the Citizen Edited by the Spanish Agency for Data Protection through the following link: Citizen guide of www.agpd.es