This legal text gives details of how we collect and process your personal data through your use of our website https://refixyourself.com, including any information you may provide to us through the site when you purchase a product, register for our newsletter or provide your details through the form provided for this purpose.
By providing us with the data, we inform you that our services are not possible for those persons that the regulations prevent them from giving consent, so when you send us the forms you guarantee that you have sufficient capacity to give consent.
Below we inform you about the data protection policy of: Siete Cuarenta Natural, S.L
1. Data controller.
Contact information of the person in charge:
Siete Cuarenta Natural, S.L, with CIF: B70491840 and address at: C/ Donantes de Sangre 2, escalera derecha 1A (15004), A Coruña, España and telephone: 690 648 048. Email: info@refixyourself.com
Registered in the Mercantile Registry of A Coruña, on July 4, 2016, in Volume 3587, Folio 170, Section 8, Page C 54420, I/A 1.
Siete Cuarenta Natural, S.L, is responsible for your data. (hereinafter referred to as we, us or our).
2. What data do we collect?
The General Data Protection Regulation defines personal data as any information about an identified or identifiable natural person, i.e. any information capable of identifying a person. This would not include anonymous or percentage data.
The personal data that could be collected directly from the interested party, will be treated confidentially and will be incorporated to the corresponding treatment activities, owned by Siete Cuarenta Natural, S.L.
On our website we may process certain types of personal data, which may include:
- Identity data: name, surname and user name.
- Personal characteristics data: date of birth.
- Contact information: email, telephone and address.
- Financial data: bank details.
- Profile data: user name and password.
- Marketing and communications data: preferences for receiving marketing communications from us and preferred means of communication.
We do not collect any data relating to special categories of personal data (those revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and health information, genetic or biometric data).
In the event that you are required to collect personal data by law or under the terms of contract between us and you refuse to provide it to us, we may not be able to perform the contract or provide the service and you must notify us in advance.
3. How do we collect your personal data?
The means we use to collect personal data are:
- Through the form on our website, through our contact email, by phone or mail, when:
- Request information about our products
- Contract the provision of our services or products
- Request a quote
- Subscribe to any of our services or publications
- Send your comments
To ensure the quality of our portal, we reserve the right to reject any application for registration or to suspend or cancel a previously accepted registration if we believe it does not meet these requirements or any other law or regulation. If this happens, we will try to state the reasons for our decision, but we cannot undertake to do so in all cases.
- Through technology or automated interactions: on our site we may automatically collect technical data about your equipment, browsing actions and usage patterns. This data is collected through cookies or similar technologies. For more information, you can consult our cookie policy here (link).
- Through third parties:
- Google: analytical data or search data. Outside the European Union.
4. Purpose and legitimacy for the use of your data.
The most common uses of your personal data are:
- For the formalization of a contract between Siete Cuarenta Natural, S.L. and you.
- When you consent to the processing of your data.
- When we need them to comply with a legal or regulatory obligation.
- When necessary for our legitimate interest or that of a third party.
The User may revoke the consent given at any time by sending an email to info@refixyourself.com or by consulting the section on the exercise of rights below.
Below is a table in which you can consult the ways in which we will use your personal data and the legitimacy for its use, in addition to knowing what type of personal data we will process. We may process some personal data for additional legal reasons, so if you need details please send an email to info@refixyourself.com.
Form | Purpose | Data type | Legitimacy for treatment |
Contact Clientele | The purpose is to manage contacts and requests for information received via the web. | First Name Last Name Email Phone | Consent of the data subject (art. 6.1.a GDPR) Pre-contractual measures (art. 6.1.b GDPR) Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1f GDPR) |
Contact Associations | The purpose is to manage contacts and requests for information received via the web. | Name Email Phone | Consent of the data subject (art. 6.1.a GDPR) Pre-contractual measures (art. 6.1.b GDPR) Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1f GDPR) |
Newsletter | The purpose is to manage the data provided in order to send information about our services and promotions. | Email Name Birthday Date | Consent of the data subject (art. 6.1.a GDPR) Pre-contractual measures (art. 6.1.b GDPR) Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1f GDPR) |
Access | The purpose is to manage the data provided to access the private area. | Username Email Password | Consent of the data subject (art. 6.1.a GDPR) Pre-contractual measures (art. 6.1.b GDPR) Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1f GDPR) |
Buy | The purpose is to manage purchases | First name Last name Email Phone Phone Address Card information | Consent of the data subject (art. 6.1.a GDPR) Processing necessary for compliance with a legal obligation applicable to the controller (art. 6.1.c GDPR) Processing necessary for the performance of a contract to which the data subject is party or for the implementation at the request of the data subject of pre-contractual measures (art. 6.1b GDPR) Processing necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1f GDPR) |
Commercial communications: you will only receive communications if
- You requested information from us or contracted a product or service from us.
- If you provided us with your data, accepting the box provided in our form.
- Provided that you have not expressed your desire to stop receiving such communications.
We obtain your express consent before sending you any communication, and you may request at any time that we stop sending you communications by email to info@refixyourself.com.
When you opt out of receiving communications from us, your personal data will continue to be stored as a result of your contracting with us in order to comply with legal requirements.
Purpose: we will only use your data for the purposes for which we collect it, unless we reasonably consider that we should use it for another reason, notifying you in advance so that you are informed of the lawful reason for processing and provided that the purpose is compatible with the original purpose.
5. How long will we keep your data?
They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from that purpose and from the processing of the data. The provisions of the different regulations regarding the storage period shall apply, insofar as applicable to this processing.
Subscriber data by e-mail or form: From the time the user subscribes until the user unsubscribes.
6. Minors.
Siete Cuarenta Natural, S.L. does not authorize minors under 14 years of age to provide their personal data through the means provided in this website (filling out web forms to request services, contact or by sending emails). Therefore, persons who provide personal data using such means formally state that they are over 14 years of age, being Siete Cuarenta Natural, S.L. exempt from any liability for failure to comply with this requirement.
If your child under the age limit has provided personal information to Siete Cuarenta Natural, S.L., please contact us to request the exercise of your applicable rights.
In those cases in which the services offered by Siete Cuarenta Natural, S.L. are intended for minors under 14 years of age, the means to obtain the authorization of the parents or legal guardians of the minor will be enabled.
7. Exercise of Data Protection Rights:
How to exercise these rights? Users may send a communication to the registered office of Siete Cuarenta Natural, S.L. or e-mail address info@refixyourself.com, including in both cases a photocopy of your ID card or other similar identification document, to request the exercise of the following rights:
- Access to your personal data: you can ask Siete Cuarenta Natural, S.L. if it is using your personal data.
- To request their rectification, if they are not correct, or to exercise the right to be forgotten with respect to them.
- To request the limitation of the treatment, in this case, they will only be kept by Siete Cuarenta Natural, S.L. for the exercise or defense of claims.
- To oppose to its treatment: Siete Cuarenta Natural, S.L. will stop treating the data in the way you indicate, unless for legitimate reasons or for the exercise or defense of possible claims, these should continue to be treated.
- To the portability of the data: in case you want your data to be processed by another firm, Siete Cuarenta Natural, S.L, will facilitate the portability of your data to the new responsible.
You may use the forms made available to you by the Spanish Data Protection Agency to exercise your above rights: Here
Claim before the AEPD: if you consider that there is a problem with the way in which Siete Cuarenta Natural, S.L. is treating your data, you can direct your claims to the corresponding control authority, being in Spain, the competent for it: Spanish Data Protection Agency.
We will ask you for specific information to help us confirm your identity and ensure your right to access your personal data (or exercise any of the other rights mentioned above). This is a security measure to ensure that personal data is not disclosed to anyone who is not entitled to receive it.
All requests will be solved within the legal deadline of one month. However, it may take more than a month if your request is particularly complex. In this case, we will notify you and keep you updated.
8. Communication of data: provision of services.
It is possible that, in the performance of our work, we may need the assistance of third parties, who will only process the data to provide the contracted service, and with whom we have the corresponding measures to guarantee your rights:
- Service providers that provide information technology and systems administration services.
- Professional advisors including lawyers, auditors and underwriters providing banking, legal, insurance, accounting and legal consulting services
All processors to whom we transfer your data will respect the security of your personal data and will process it in accordance with the GDPR.
We only allow such data processors to process your data for specified purposes and in accordance with our instructions. However, in order to comply with transparency requirements, you may request a list of the companies that provide services to us by sending an email to: info@refixyourself.com.
9. Data Security.
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized manner, modified or disclosed. In addition, we limit access to your personal data to those employees, agent contractors and other third parties who have a business need to know such data. They will only process your personal data in accordance with our instructions and are subject to a duty of confidentiality.
We have implemented procedures to deal with any suspected breach of your personal data and will notify you and the Supervisory Authority in the event of a security breach, as regulated by the GDPR in Articles 33 and 34.