1, INTRODUCTION
It is very important for us to comply with current data protection regulations and laws, so the following is a detailed description of the data protection steps and data collection processes of gorgeousibiza.net Site and GorgeousIbiza SL. Company.
The data is processed by GorgeousIbiza SL and this company is responsible for the processing of personal data.
Contact information:
Full legal name: GorgeousIbiza SL.
E-mail address: web@gorgeousibiza.net
Mailing address: Balanzat 15c 6-apart 21, 07820, San Antonio de Portmany
2, WHAT PERSONAL DATA DO WE PROCESS AND WHY?
Personal data are those that clearly allow an individual to be identified accurately.
On page gorgeousibiza.net, we process the following personal data, specifying the legal basis:
COMMUNICATION DATA
This includes any messages you send to us via the website, email, social media posts or any form of communication.
This data is processed and retained to enable us to fulfil orders and to provide a basis for a decision in the event of any legal claims.
Our legal basis for processing this data is the user’s verifiable interest in our activities, as manifested in the messages sent to us.
CUSTOMER DATA
Which includes all data relating to the purchase of products and services, such as the customer’s name, shipping and billing address, email address, telephone number, details of the product purchased.
This data is processed to ensure the successful fulfilment of orders and to keep a legally correct record of purchases.
The legal basis for the storage of the data is the performance of the contract between the customer and gorgeousibiza.net resulting from the order.
USER DATA
This includes data generated during the use of the website to enable the technical operation of the site, to maintain the security of the site, to keep a record of users’ activity and to ensure that you always have access to the most relevant content.
The legal basis for the processing of data is the clear interest of the user in our activities, which is necessary to ensure and store them for the technical functioning of the site.
TECHNICAL DATA
This includes data generated during the use of the site, such as IP address, login information, browser data, time spent on each page, page views and navigation paths, number and time of visits to the site, time zones, and the device you are using to view the site.
The data source is our analytics software.
We process this data to analyse users’ behaviour on the site, to keep our site safe and to understand the usefulness of our marketing decisions.
The legal basis for processing this data is the user’s clear interest in our activities, which allows us to process this data in accordance with security requirements and use it to enhance our business for more effective operations.
MARKETING DATA
Which includes visitor preferences, what marketing content they prefer to receive from us. We process this data to enable participation in sweepstakes and to send advertising related to our products/services in which the user has expressed an interest.
The legal basis for processing the data is the user’s clear interest in our activities, which allows us to process this data in accordance with security requirements and use it to increase business for more effective operation.
From time to time, we may use the information collected for purposes such as providing targeted, relevant ads on the Facebook™ platform and various dynamic advertising platforms, and to measure the effectiveness of our ads.
The legal basis for processing the data is the user’s clear interest in our activities, which allows us to process this data in accordance with security requirements and use it to increase business for more effective operations.
We do not collect sensitive data such as ethnicity, religious beliefs, sexual life and orientation, political opinions and trade union membership, or health background, and genetic or biometric information in the course of our activities.
3, HOW DO WE COLLECT DATA?
We may collect personal information in ways that the user provides directly to us (for example, by placing an order or sending a message).
In addition, certain information is collected automatically when you use the site, for example by sending us a message or by sending us a form. “cookies” and similar technologies. These are only activated after the user has given his consent.
For more information, please see our Cookie Statement.
We receive certain information from external partners, such as analytics providers like Google (non-EU partner), advertising networks like Facebook™ (non-EU partner), and payment partners like PayPal (non-EU partner) and Barion.
4, OUR PRACTICAL STEPS ON DATA PROTECTION
It is of the utmost importance for gorgeousibiza.net to protect the privacy of its users and to comply with current legislation. Therefore, after conducting a privacy impact assessment on the site, we have compiled a list of the data collected, its necessity and legal basis, and its legal compliance.
- In order to protect the data provided in the forms and generated on the site, we use SSL certification throughout the site (Let’s Encrypt Authority X3 certification).
- To protect the site against attack, we use premium security software (iThemes Security Pro) to protect the so-called “security” of the site. “brute force and virus attacks against the stored data.
- Purchase and user data are stored in the site’s databases in encrypted form (pseudonymised) and cannot be read by external parties.
- In this privacy statement, we provide users with forms to request information about the processing of their personal data, to modify or delete their personal data.
- From time to time, in the course of our business, we may need to provide data to our service partners (such as hosting providers, courier companies, mailing software).
In such cases, we will always choose to ensure that they comply with the requirements of the GDPR regulation and, in the case of a US-based partner, participate in the EU-US Privacy Shield initiative and sign a data management contract with them, ensuring that the data is handled responsibly.
5, MARKETING COMMUNICATIONS
It is essential for the business to carry out marketing communications. The legal basis for the processing of data in this context is the expression of interest in our services or the explicit consent of users.
Under the European Union’s Privacy and Electronic Communications Regulations (PECR), we send marketing communications to our users if they have made a purchase from us or have expressly consented to receive marketing communications.
In all cases, we will provide a prominent means for you to opt-out and unsubscribe from these messages. You will find an unsubscribe link at the bottom of each email, or you can request to be removed from our database by contacting us at email address web@gorgeousibiza.net.
We may also send messages to unsubscribe from marketing communications, but only in relation to the fulfilment of orders.
6, NOTE REGARDING PERSONAL DATA
From time to time it is necessary to share certain personal information with certain of our partners in order to maintain normal business operations:
-IT service providers, and service providers that troubleshoot and maintain computer systems
-Consulting partners such as lawyers, accountants, bankers, insurance companies
-Government bodies that request reports on our activities
-Payment service providers who securely handle credit card data
-Delivery services that fulfil incoming orders to the specified delivery address
International data transfers
From time to time, we may need to share user data with partners outside the European Economic Area (EEA) in order to maintain our business.
In many cases, countries outside the EEA do not provide the same level of data protection, and European law prohibits the export of data unless the appropriate conditions are met.
Whenever personal data is transferred outside the EEA, we will take the following steps, in addition to those discussed in section 4, to ensure that the data is handled securely:
-We will only transfer data to countries that the European Commission considers appropriate from a data security perspective.
-Use only US-based services that are part of the EU-US Privacy Shield data security initiative.
If the above conditions are not met, we will seek the explicit consent of users to transfer data. Consent may be withdrawn at any time.
Links to external sites
This site may occasionally contain links to external sites, or may contain code snippets embedded within the site that provide functionality for external services.
Clicking on these links or using the embedded solutions may allow external partners to collect information about users.
While we do our best to screen partners appropriately, we have no control over their privacy practices and are not responsible for their privacy practices.
7, DURATION OF PROCESSING
We will only ever store users’ data for as long as we are required to do so by our legal/accounting/data obligations or for as long as is necessary for the operation of the service.
When deciding on the duration of storage, we take into account the volume, nature and sensitivity of the data and the potential impact of leakage in the event of a data breach.
For tax purposes, we need to retain customer billing and purchase data for at least 8 years to comply with our legal obligations.
In certain circumstances, we may use the data in an anonymised form for statistical purposes, in which case we will retain the data indefinitely without notice.
8, VISITOR’S RIGHTS
As a citizen of the European Union, the law known as the General Data Protection Regulation (GDPR) gives users of this site the following rights:
a, Access to personal data
Users of the site have the right to request a copy of the personal data held by Gorgeousibiza SL. The request will normally be granted free of charge within 14 days of the request.
In the event of repeated, abusive, unjustified requests, Gorgeousibiza SL. may charge a moderate fee for providing the data and may require additional time to provide the data.
Furthermore, Gorgeousibiza SL. will request proof of identity before providing the data to prevent misuse. To request personal data, please use the contact form below:
Data Request / Data Deletion / Data Restriction
CONTACT US
b, Change personal data
If personal data have been modified or incorrectly provided, users have the right to request that the data be amended. To amend your personal data, please contact us at web@gorgeousibiza.net e-mail address.
c, Request the deletion of personal data
Users have the right to request the deletion of all their personal data. The request will be granted free of charge within 14 days of the request. After deletion of personal data, the user account will be inaccessible, and any purchased materials will also become inaccessible, as the personal data associated with the user account is essential to access the service.
Gorgeousibiza SL. requests proof of identity before deleting personal data to prevent misuse. To delete personal data, please use the contact form above.
d, Request for restriction of processing of personal data
Users have the right to request to restrict the provision of their data to third parties (service partners). When submitting the request, the service partners to be restricted may be identified.
It is important to note that cooperation with certain service providers is essential for the functioning of the site (e.g. Stripe as payment service provider), so that in case of their restriction, the services of the site will become unavailable to the user.
Gorgeousibiza SL. requests proof of identity before restricting the transfer of personal data to prevent misuse. To restrict the transfer of personal data, please use the contact form above:
For the resolution of all disputes or questions related to this website or the activities carried out therein, Spanish legislation shall apply, to which the parties expressly submit themselves, and the Courts and Tribunals of the USER’s domicile or the place of fulfilment of the obligation shall be competent for the resolution of all disputes arising from or related to its use.
9, ANONYMISED DATA AND “COOKIES”
The gorgeousibiza.net site uses so-called “cookies” in e-mail messages and advertisements. “cookies” and similar technologies such as tracking codes, re-marketing tags, pixels, which are activated after the user’s consent.
These technologies help us to better understand users’ behaviour and interests, thus helping us to operate more efficiently and effectively.
Our aim is to make the use of gorgeousibiza.net as user-friendly and personal as possible. If a user wishes to opt-out of the collection of non-personal data by these technologies, they can do so in the ways set out below:
-by using the cookie warnings displayed on the website to disable their loading
-by disabling cookies in the browser
For more information about additional cookies and tracking codes on gorgeousibiza.net, please see our Cookie Statement.