Your privacy is important to us. This privacy statement explains:
The type of personal information (in accordance with Organic Law 3/2018, of December 5, on the Protection of Personal Data and the digital rights guarantee (hereinafter, the Organic Law on Personal Data Protection and digital rights guarantee (LOPDGDD))) that we collect directly or through your interactions with our website (https://www.simla.com/) applications and software.
How we use this information, with whom we share it, the rights and options available to people regarding the use of your information.
Data controller refers to a person who (either alone or jointly or in common with other people) determines the purposes for which, and the manner in which, any personal data are, or are to be, processed.
Data processor, in relation to personal data, refers to any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
"You", "your" or "data subject" refers to:
- Visitors to our website;
- Subscribers to any service we offer through our website;
- Users of our apps (The company collects and processes the personal data of the contact persons of online stores without affecting the personal data of the buyers);
- Prospective or existing clients corresponding with us by phone, e-mail or otherwise;
Personal data is processed by the company, using automation tools or without them.
"Data controller", "us" and "our" refers to:
DIGITAL RETAIL TECHNOLOGIES SL, its branches and those in charge of the treatment;
Personal data means any information of identified or identifiable natural persons about an identified or identifiable natural person; an identifiable natural person shall be considered as any person whose identity can be determined, directly or indirectly, in particular by means of an identifier, such as a name, an identification number, location data, an online identifier or one or more elements that reflect the changes technologies and the ways in which organisations can collect data about individuals. The definition incorporates the definitions set out in Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, related to the protection of natural persons with regard to the processing of personal data and free movement of these data (hereinafter, the General Data Protection Regulation (GDPR)).
The GDPR refers to sensitive personal data as "special category data". Please, see "Special category data".
Includes personal data that reveal ethnic or racial origin, political opinions or religion, union affiliation (except union dues), genetic data, biometric data aimed at uniquely identifying a person, physical or mental health data , data related to sexual life or sexual orientation.
Criminal offense data such as personal data related to criminal convictions and crimes.
For the purpose of the General Data Protection Regulation the data controller is DIGITAL RETAIL TECHNOLOGIES SL with CIF: B70567656, dirección: Сalle Serrano 19, 6º dcha, Madrid, España, 28001, teléfono: +34 910 602 211, e-mail: firstname.lastname@example.org
PERSONAL DATA WE MAY COLLECT FROM YOU
We may collect and process the following data and personal information about you:
We collect the information provided by you to operate effectively and provide you with the best experience on our website, products and services. By providing some of this information through filling in the contact forms on our website, creating an account at our website or by corresponding with us by phone, e-mail or otherwise, you are doing so voluntarily. This includes information you provide if you subscribe to any service we offer through our site, send us a query or feedback, sign up for information on events, upload a document with your enquiry, purchase services via the website, participate in discussion boards or other social media functions on our site, promotion or survey or when you report a problem with our website.
The information you may give us is Personally Identifiable Information ("PII"). When we refer to "PII" in this policy, we refer to information that identifies an individual or may with reasonable efforts cause the identification of an individual. This may include your: forename, surname, e-mail address and phone number, passwords, password hints and similar security information used for your authentication and account access if you create an account at our website, information on requested or provided services, your message / enquiry / call which might contain (but not limited to) your company name, website link, business contact information, job title, representative voice recording.
We do not sell any products or services for purchase by children. If you are under 14, you may use our website only with the involvement of your parent or guardian. We do not knowingly collect personal information from children below 14 years old without the consent of the child's parent or guardian.
In providing personal data about other individuals (such as someone, which, in whose name you are registering an account or subscribing to our marketing promotions), you acknowledge: that you have notified them of (i) the purposes for which information will be used (ii); the recipients of their personal data and (iii) how they can access and correct the information. You further acknowledge that you have obtained necessary consent from them.
- may include your device and connectivity information such as IP (Internet Protocol) address, unique device identifiers (such as your phone’s IMEI code)
- Web browser configuration data, language, date and time settings, types and versions of browser add-ons, geographic data;
- All the information that is generated while browsing our website, which includes queries and searches made on the website, 'click-stream' of visitors and service users, maps of movement through the pages, URL links of referral / exit pages; products that you have been able to consult, response times and user visits to certain pages, information about the interaction with the page (such as scrolling, clicks and mouse-overs) and methods used to leave the website;
- Logs, bug reports and other information related to any malfunction you may experience on our website and phone numbers or used to contact support;
- Information about how you have accessed our website (for example through a partner network).
We use tracking technologies such as cookies, tags, scripts to collect and store information from you when you use our services.
A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies allow a website to recognise a user's device.
Among other data, cookies can store the user’s preferences.
Authentication Cookies. If you're signed in to our services, these cookies will help us show you the right information and personalise your experience.
Session Cookies. These cookies store the ID of a user's session. The cookie is set when a user signs in and is used to restore a previous session without entering personal data.
Preference, Features And Services. These cookies help us to customise your preferences, such as language and communications. They can also help us to fill out forms on our website faster.
Third-party Cookies. We may use these for website analytics and advertising purposes, i.e. cookies which are set and can be accessed by servers respectively domains of our third-party providers.
We use Google Analytics cookies on this website which may register a unique ID that is used to generate statistical data on how the visitor uses the website, and cookies sending data to Google Analytics about the visitor's device and behaviour which track the visitor across devices and marketing channels.
We use the following session, permanent and third-party marketing cookies and tracking technologies, including cookies from our partners and service providers:
Most browsers accept cookies automatically, however some people prefer not to allow cookies. You may change the security settings of your web browser in order to stop your device receiving and storing cookies, to allow receiving and storing cookies from selected websites you trust, or to be notified before receiving cookies. You may also delete cookies stored in your browser at any time. Information stored in such cookies will be removed from your device. However, these settings may have negative effects on the website’s usability.
Browser developers usually provide help pages relating to cookie management in their products. Please see below for more information:
- Google: https://support.google.com/chrome/answer/95647?hl=es
- Internet Explorer: https://support.microsoft.com/es-es/topic/descripci%C3%B3n-de-las-cookies-ad01aa7e-66c9-8ab2-7898-6652c100999d
- Mozilla Firefox: https://www.google.com/url?q=https://support.mozilla.org/es/kb/cookies-informacion-que-los-sitios-web-guardan-en-&sa=D&source=editors&ust=1623314846759000&usg=AOvVaw1nxnDPDBAn6pX6_7FGbYOW
- Safari (Desktop): https://support.apple.com/es-es/guide/safari/sfri11471/mac
- Safari (Mobile): https://support.apple.com/es-es/HT201265
- Android Browser: https://support.google.com/nexus/answer/54068?visit_id=1-636585517588941681-639659396&hl=es&rd=1&co=GENIE.Platform%3DAndroid&oco=1
- Opera: https://help.opera.com/en/latest/web-preferences/#cookies
- Opera Mobile: https://www.opera.com/help/mobile/android#privacy
For other browsers, please take a look at the documentation your browser developer provides.
You may opt-out of third party cookies from Google Analytics on its website.
You can opt-out of interest-based targeting provided by participating ad servers through the Digital Advertising Alliance (http://youradchoices.com). In addition,
on your iPhone, iPad or Android, you can change your device settings to control whether you see online interest-based ads.
Our Website may include certain social media features and widgets in order to allow you an authorisation as part of Oath functionality for using our blog services, such as the "Facebook Login", "Twitter", "Google +1", "VK", "Odnoklassniki", "Tumblr", "Yandex", "Live Journal" features, buttons or other interactive mini-programs ("Social Media Features"). These social media features may collect information such as your IP address or the page you are visiting on our website, and may set a cookie to enable them to function properly. Social media features are either hosted by a third party or hosted directly on our website. Please be aware that if you choose to interact or share any personal information via such widgets, you are providing it to these third parties, not to us. Your interactions with these third parties are managed by their social media policies, not ours. For example, you will not be able to use the "Facebook Like" button if you are not logged in to your Facebook account. Once you use the button this will be associated with your Facebook history, but we will not process this information.
We might obtain some non-personally identifiable information from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of data.
We might insert advertising on our partner’s websites, social networks or advertising networks who may categorise website visitors with similar characteristics or interests into non-personally identifiable data segments and offer these segments to their own clients, visitors and subscribers. For example, if a person expresses an interest in cryptocurrency or beauty products, they might see an advertising banner linking to a similar service provider website.
We may obtain and record information when an ad was requested or shown, its frequency, the target geography of the ad (which will not include an IP address or specific personally identifiable location) and any user interactions with the ad or the page where the ad appears. This information is used for analysis, reporting and troubleshooting. We do not perform any visitor profiling activities.
We take client confidentiality and security very seriously. We are committed to protecting the personal data you share with us. We use a combination of industry standard security technologies, procedures, and organisational measures to help protect your personal data from unauthorised access, use or disclosure.
Your personal data is stored inside the European Union Area. DIGITAL RETAIL TECHNOLOGIES S.L. engages OVH France to store the data and the data processing consists in hosting provider services. The backup data is stored on Amazon Web Services (AWS Cloud infrastructure in Europe (Frankfurt) Region).
The personal data that you share with us may be treated under confidentiality contracts by our treatment managers, whose services complement and facilitate ours. The contracts with those in charge of treatment guarantee that the treatment is in accordance with the requirements of the current RGPD and guarantee the protection of the rights of the interested parties.
The Data Processor will only act on behalf of our documented instructions, have direct responsibilities under the GDPR and may be subject to fines or other sanctions if they don't comply.
Processors may include the following categories:
Providers of computer services, web analytics, email distribution and monitoring, marketing services, CDNs, legal and financial advisers, accounting, insurance, messaging, IP telephony, messengers.
Such data processors may receive or otherwise have access to your identifiable or unidentifiable personal data, in its entirety or in part – depending on each of their particular roles and purposes in facilitating and enhancing our services and business, and may only use it for such purposes. The data processors will never use the data for their own purposes.
Your personal data might be maintained, stored and processed at a destination inside the European Economic Area.
Once this contract is concluded, the data processor will return data to us or transmit to another processor appointed by us, and erase any copy in its possession. However, the processor may keep the data locked to address possible administrative or jurisdictional responsibilities.
We will store (and use) your personal information (contact information) from the moment you give the corresponding consent and until as long as your account is active as long as the information is necessary to provide you services or as long as it is necessary to comply with the legal obligations of the company (fulfill commitments, resolve disputes, fulfill agreements), or, if necessary, to provide you with information about the company's services. As a data subject, you have rights related to the processing of your personal data and the possibility to revoke your consent at any time. See the paragraph "Your rights".
Unless you have indicated otherwise, once you have allowed us to send advertising messages about our products and services and similar to those you have previously received, we assume that we can keep your personal data while your subscription or user account stay active. As a subject of personal data (the interested party) you have the rights related to the processing of your personal data and the right to withdraw your consent for advertising messages at any time (See the "Your rights" section).
We process all personal data lawfully, fairly and in a transparent manner. We use the data we collect for the following basic purposes, described in more detail below:
1. As a source of information to answer and clarify your questions and potential inquiries:
1.1 As a source of information to later provide you with any service you may have requested. The legal basis of this is the execution of this contract and your consent.
1.2 We will use the provided information to operate effectively and do our best to respond to your enquiry and provide you our services consisting in: synchronisation of business data including orders, customer's data, products and services with CMS systems, online sales systems, delivery companies, stock management systems, supply management systems, warehouse systems, preparation of printing forms, configuration of customer segments, CRM services, eCommerce, technical support as described in detail in our "AGREEMENT on the transfer of a Simple Non-Exclusive Right (License)" and "Data Processing Agreement". Once you enter into a business relationship (oral or written contract) with us, we will invoice our services and offer you post-sales service and necessary loyalty.
2. We may hold your information for as long as necessary to comply with our legal obligations and in accordance with our legitimate interests as a data controller after the contractual relationship between you and us elapses. The legal basis for such retention is our Legitimate interest and a Legal obligation. As the data subject you have rights related to maintenance, storage, and processing of your personal data. Please see paragraph "Your rights".
3. To send you communications, including promotional communications and advertising with your explicit consent or allow you to participate in interactive features of our service, when you choose to do so. The legal basis for such processing is your Consent and our Legitimate interests.
3.1 If you do not wish to receive such promotional emails, you may withdraw your consent at any time by contacting us as described in the "Your rights" paragraph, or follow the "unsubscribe" instructions contained in the promotional communications you receive. However, in this case we may not be able to carry out our agreement and inform you about available offers.
4. We might use your automatically collected data such as IP address and browser data for our website improvement and personalisation, such as:
4.1 To administer our website and for internal operations, including data security, troubleshooting, testing, statistical and survey purposes.
4.2 To ensure that content from our site is presented in the most effective manner for you and for your device. The legal basis for such processing are our legitimate interests.
We are committed to keeping your data under the highest technical and organisational security measures to prevent all types of unauthorised access or treatment.
The security of personal data processed by the company is guaranteed by the implementation of legal, organisational and technical measures, such as: limiting the number of people authorised to process personal data, limiting user access to resources and devices, registration and login with password, antivirus tools, backups, informing company staff about the provisions of the GDPR and the obligations in this regard, consulting this Policy and other internal company documents related to personal data , etc. However, due to the architecture of the Internet, data transfer is not always controlled by us and can sometimes be insecure, so although we do our best, we cannot guarantee adequate security when sending data to us through the internet. In case you receive passwords from us, please make sure you keep them in a safe place and do not share them with third parties. If you have any questions about the security measures applied on this website, please contact us by email: email@example.com or call us at +34 910 602 211.
We do not share your personal information with other unaffiliated persons or companies without your consent, except in the following circumstances:
1. With trusted data managers (see the section "WHERE DO WE STORE YOUR DATA?" Who can store, maintain or process the data. Managers may not use the data for their own purposes;
2. To comply with applicable laws and regulations, including the investigation, prevention or other action related to prohibited or suspicious activities, including fraud or situations of threats to public safety or to a person;
4. With your explicit permission and consent, we can share your personal data with loan providers and financial entities as explained in the paragraph “LEGAL BASIS AND THE PURPOSES OF USE OF YOUR PERSONAL INFORMATION”.
We may disclose or allow others to access your Personal Information when necessary for compliance with an obligation or legal consultation, summons, legal procedure, search and capture order, for compliance with current legislation with or without prior notice. We may also use your data for fraud protection purposes or against threats to public safety.
In accordance with the General Data Protection Regulation and the Organic Law on Protection of Personal Data and guarantee of digital rights, you have the following rights:
The right to information and access to personal data. It is the right to obtain from the person responsible for the treatment confirmation of whether or not personal data concerning him or her is being processed and, in this case, the right to request a copy of the personal data and the following information: the purposes of the treatment; the categories of personal data; the recipients or the categories of recipients to whom the personal data were or will be communicated, in particular recipients in third parties or international organisations; the expected period of conservation of personal data.
Right of rectification. You have the right to have your personal data modified that turns out to be inaccurate or, taking into account the purposes of the treatment, incomplete.
Right to erasure ("the right to be forgotten"). You have the right to obtain the deletion of your personal data.
Right to limitation of treatment. You have the right to obtain the limitation of the processing of your personal data. When the treatment is limited, we will store your data, but we will not be able to continue processing it.
Right to data portability. You have the right to receive the personal data that concerns you, which you have provided to a data controller, in a structured format, commonly used and machine-readable, and to transmit them to another data controller without being prevented by the controller to whom it was facilitated.
Right to object to automated individual decisions including profiling.
Right to withdraw your consent for the processing of data (right of opposition)
You have the right not to carry out the processing of your personal data or to stop the processing of them by part.
You can make use of all specified rights by contacting us by email.
The right to file a claim with a supervisory authority
You have the right to file a claim with a control authority if you have any inconvenience about our data processing practices, and in particular, contact the Spanish Data Protection Agency www.aepd.es.
We inform you that you can exercise your right to the protection of personal data at any time through the following mechanisms:
- In relation to the data in your user account: you can access the data of your user account at any time and manage your personal data and other services.
- Regarding notifications: if you have expressed your consent to receive notifications, you can unsubscribe and stop receiving them at any time.
- Regarding commercial emails: all our emails include a link that allows you to unsubscribe.
You can exercise your rights by contacting us at: firstname.lastname@example.org or +34 910 602 211.