Hello visitor of our website.
We are a Spanish company, based in Barcelona. As such, our privacy policy, in accordance with Spanish and EU law, is listed below. At the moment, this is only in English. We are in the process of preparing it in Spanish as well, and we ask for your understanding and patience in the meantime. Should you have any questions regarding your privacy in relation to your visit here, please contact us at: info@barcelunettes.com, and we would be happy to assist you.
We are pleased that you are interested in our company. Data protection is a valuable asset, and we at Barcelunettes take your privacy and its protection very seriously. Additionally, the GDPR (General Data Protection Regulation) requires us to inform you clearly and understandably about the legal situation that has been in effect since May 25, 2018. Please take the time to read these lines; you will find the required explanatory text further down in the prescribed GDPR text.
Using our website is generally possible without providing personal data. However, certain services on our website may require the processing of personal data. If there is no legal basis for such processing, we generally obtain the consent of the affected person.
We currently use the following cookies on this site.
We currently use analysis tools on this site, such as Google Analytics or similar systems.
We are committed to presenting this information in a simple and easily understandable manner for you.
–––
Security and Protection of Your Personal Data
We consider it our primary duty to maintain the confidentiality of the personal data you provide and to protect it from unauthorized access. Therefore, we apply the utmost care and the latest security standards to ensure maximum protection of your personal data.
If you wish to contact us, you can reach us via the email address provided here or through traditional mail. Please note that internet-based data transmissions may have security gaps, which are beyond our control; therefore, absolute protection cannot be guaranteed. Affected individuals are free to contact us through alternative means, such as by phone or written correspondence sent to the provided address, to transmit personal data to us.
Responsible in the sense of the General Data Protection Regulation (GDPR), other applicable data protection laws in the EU member states, or other data protection regulations is:
(here our contact info)
Notice
The data controller, in accordance with the General Data Protection Regulation (GDPR), hereby explicitly states that any attempt by the litigation industry to profit from the current situation (introduction of the GDPR with all expected startup difficulties) will result in immediate legal action, and the matter will be promptly referred to the relevant bar associations.
There is no legal obligation to issue warnings. We view the engagement of third parties to issue warnings as an intrusion into the privacy of the data controller in accordance with the GDPR.
The data controller expressly opposes the transfer of publicly accessible data (such as names, telephone numbers, address details, or email addresses, which are also considered personal data under the GDPR) to third parties (e.g., for advertising purposes or other forms of processing).
Automatic data extraction by software is prohibited.
The data controller explicitly does not consent to the use or further processing of the data accessible here. There is no legitimate interest in the use or further processing of the accessible data.
In the event of any violations, the data controller will take immediate legal action.
Definitions
The legislator requires that personal data be processed in a lawful manner, in good faith, and in a way that is understandable to the data subject (“Lawfulness, Fairness, and Transparency”). To ensure this, we provide information about the legal definitions that are also used in this privacy policy:
- Personal Data
“Personal data” refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- Processing
“Processing” refers to any operation or set of operations performed with or without automated means in relation to personal data, such as the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data.
- Restriction of Processing
“Restriction of processing” is the marking of stored personal data with the aim of limiting its future processing.
- Profiling
“Profiling” refers to any form of automated processing of personal data that involves using such data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning their work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
- Pseudonymization
“Pseudonymization” is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and subject to technical and organizational measures that ensure that the personal data cannot be attributed to an identified or identifiable natural person.
- Filing System
“Filing system” refers to any structured set of personal data that is accessible according to specific criteria, whether centralized, decentralized, or organized by functional or geographical criteria.
- Controller
“Controller” is a natural or legal person, public authority, agency, or other body that alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union law or the law of Member States, the controller or the specific criteria for their designation may be provided for by Union law or the law of Member States.
- Processor
“Processor” is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
- Recipient
“Recipient” is a natural or legal person, public authority, agency, or other body to whom personal data is disclosed, whether or not they are a third party. Authorities that may receive personal data in the course of a specific investigation under Union law or the law of Member States are not considered recipients; the processing of such data by these authorities is carried out in accordance with applicable data protection provisions for the purposes of the processing.
- Third Party
A “third party” is a natural or legal person, authority, institution, or other body, other than the data subject, the controller, the processor, and persons who are under the direct authority of the controller or the processor and are authorized to process personal data.
- Consent
“Consent” of the data subject is any freely given, informed, and unambiguous indication of their wishes, by a statement or by a clear affirmative action, signifying agreement to the processing of their personal data.
Legality of Processing
The processing of personal data is only lawful if there is a legal basis for the processing. Legal bases for processing can be, according to Article 6(1)(a) – (f) GDPR, particularly:
11.1. The data subject has given consent to the processing of their personal data for one or more specific purposes;
11.2. The processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into such a contract;
11.3. The processing is necessary for compliance with a legal obligation to which the controller is subject;
11.4. The processing is necessary to protect the vital interests of the data subject or another natural person;
11.5. The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
11.6. The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, especially if the data subject is a child.
- Information on the Collection of Personal Data
12.1 Below, we inform you about the collection of personal data when using our website. Personal data includes, for example, name, address, email addresses, and user behavior.
12.2 When contacting us by email or via a contact form, the data you provide (your email address, possibly your name, and phone number) will be stored by us in order to answer your questions. We will delete the data collected in this context when it is no longer necessary for the storage, or restrict the processing if there are statutory retention obligations.
Collection of Personal Data When Visiting Our Website
When you use our website merely for informational purposes, meaning if you do not register or otherwise provide information to us, we collect only the personal data that your browser transmits to our server. To view our website, we collect the following data, which is technically necessary to display our website to you and to ensure its stability and security (the legal basis is Article 6(1)(f) GDPR):
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transmitted
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.
For technical reasons, particularly to ensure a secure and stable internet presence, data is transmitted to us by your internet browser or our webspace provider. These so-called server log files collect, among other things, the type and version of your internet browser, the operating system, the website from which you came to our internet presence (referrer URL), the website(s) of our internet presence that you visit, the date and time of each access, and the IP address of the internet connection from which the use of our internet presence occurs.
This data is temporarily stored but not combined with other data from you.
This storage is based on Article 6(1)(f) GDPR. Our legitimate interest lies in improving, stabilizing, functioning, and securing our internet presence.
The data will be deleted at the latest after seven days, unless further retention is required for evidentiary purposes. Otherwise, the data are exempt from deletion either in whole or in part until the final clarification of an incident.
Rights of the Data Subject
If your personal data is processed, you are considered a data subject under the GDPR, and you have the following rights against the controller:
Right to Information
You may request from the controller information on whether personal data concerning you is being processed. If such processing occurs, you can request the following information from the controller:
1.1. The purposes for which the personal data is processed;
1.2. The categories of personal data being processed;
1.3. The recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
1.4. The planned duration of storage of the personal data concerning you or, if specific information is not possible, the criteria used to determine the storage duration;
1.5. The existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
1.6. The existence of a right to lodge a complaint with a supervisory authority;
1.7. All available information about the origin of the data if the personal data was not collected from you;
1.8. The existence of automated decision-making, including profiling, according to Article 22(1) and (4) GDPR and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
You have the right to request information on whether personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards in accordance with Article 46 GDPR related to the transfer.
Right to Rectification
You have the right to request from the controller the rectification and/or completion of personal data concerning you if the processed data is inaccurate or incomplete. The controller must promptly make the rectification.
Right to Restriction of Processing
Under the following conditions, you may request the restriction of processing of personal data concerning you:
3.1. If you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the data;
3.2. If the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
3.3. If the controller no longer needs the personal data for processing purposes but you require it for the establishment, exercise, or defense of legal claims; or
3.4. If you have objected to the processing according to Article 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.
If the processing of personal data concerning you has been restricted, such data may only be processed, apart from storage, with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State. If the restriction of processing is lifted under the conditions mentioned above, you will be informed by the controller.
Right to Erasure
4.1. Obligation to Erase
You may request from the controller to erase personal data concerning you without undue delay if one of the following reasons applies:
4.1.1. The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed;
4.1.2. You withdraw your consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) GDPR, and there is no other legal basis for the processing;
4.1.3. You object to the processing according to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing according to Article 21(2) GDPR;
4.1.4. The personal data concerning you has been unlawfully processed;
4.1.5. Erasure of the personal data concerning you is necessary to comply with a legal obligation under Union or Member State law to which the controller is subject;
4.1.6. The personal data concerning you was collected in relation to the offer of information society services according to Article 8(1) GDPR.
4.2 Information to Third Parties
If the controller has made personal data concerning you public and is obliged to erase it under Article 17(1) GDPR, the controller, taking into account available technology and implementation costs, will take reasonable measures, including technical measures, to inform data controllers who process the personal data that you, as the data subject, have requested the erasure of all links to this personal data or of copies or replications of this personal data from them.
4.3 Exceptions
The right to erasure does not apply where processing is necessary:
4.3.1. For the exercise of the right to freedom of expression and information;
4.3.2. For compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
4.3.3. For reasons of public interest in the area of public health according to Article 9(2)(h) and (i) and Article 9(3) GDPR;
4.3.4. For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes according to Article 89(1) GDPR, insofar as the right mentioned in Section A is likely to make it impossible or seriously impair the achievement of the objectives of that processing; or
4.3.5. For the establishment, exercise, or defense of legal claims.
5. Right to Notification
If you have exercised your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed of these recipients by the controller.
6. Right to Data Portability
You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, where:
6.1. The processing is based on consent according to Article 6(1)(a) GDPR or Article 9(1)(a) GDPR or on a contract according to Article 6(1)(b) GDPR; and
6.2. The processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the freedoms and rights of others. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims. If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling to the extent that it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. You have the option to exercise your right to object in relation to the use of information society services through automated means, where technical specifications are used.
8. Right to Withdraw Consent
You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated Decisions in Individual Cases, Including Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
9.1. Is necessary for entering into or performance of a contract between you and the controller;
9.2. Is authorized by Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard your rights and freedoms, and your legitimate interests; or
9.3. Is based on your explicit consent.
However, such decisions must not be based on special categories of personal data under Article 9(1) GDPR, unless Article 9(2)(a) or (g) applies and appropriate measures are in place to safeguard your rights and freedoms as well as your legitimate interests. In cases referred to in (1) and (3), the controller will implement appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision.
10. Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority with which the complaint has been lodged will inform the complainant about the progress and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
SOCIAL MEDIA
We maintain online presences on social networks and platforms to communicate with customers, prospects, and users who are active there and to inform them about our services. When accessing these networks and platforms, the terms of service and data processing policies of the respective operators apply. Unless otherwise stated in our privacy policy, we process user data if they communicate with us within the social networks and platforms, e.g., by posting on our online presences or sending us messages.
Integration of Third-Party Services and Content
We use content or service offerings from third parties within our online offering based on our legitimate interests (i.e., interest in analyzing, optimizing, and operating our online offering economically in accordance with Article 6(1)(f) GDPR), to integrate their content and services, such as videos or fonts (hereinafter collectively referred to as “Content”). This always requires that the third-party providers of this content perceive the IP address of users, as they could not send the content to the users’ browsers without the IP address. The IP address is thus necessary for the display of this content. We strive to use only those contents whose respective providers use the IP address solely for delivering the content. Third parties may also use so-called pixel tags (invisible graphics also known as “web beacons”) for statistical or marketing purposes. By using pixel tags, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the users’ devices and may include technical information about the browser and operating system, referring websites, visit times, as well as other data on the use of our online offering, and can be linked with information from other sources.
Use of Social Media Plugins
- We currently use the following social media plugins: Facebook, LinkedIn, Instagram. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially transmitted to the providers of the plugins. You can recognize the provider of the plugin by the marking on the box with its initial letter or logo. We provide you with the option to communicate directly with the plugin provider via the button. Only when you click on the marked area and thus activate it, does the plugin provider receive the information that you have accessed the corresponding website of our online offer. Additionally, data collected during your visit to our website is transmitted. According to the providers, in the case of Facebook, the IP address is anonymized immediately after collection in Germany. Thus, by activating the plugin, personal data about you is transmitted to the respective plugin provider and stored there (for US providers, in the USA). Since the plugin provider collects data mainly through cookies, we recommend that you delete all cookies through your browser’s security settings before clicking on the grayed-out box.
- We have no influence over the data collected and data processing operations, nor do we know the full extent of the data collection, the purposes of the processing, or the storage periods. We also have no information regarding the deletion of the data collected by the plugin provider.
- The plugin provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research, and/or tailoring its website to meet user needs. Such evaluations are carried out primarily (also for non-logged-in users) to display tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; to exercise this right, you must contact the respective plugin provider. Through the plugins, we provide you with the ability to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for using the plugins is Article 6(1)(f) GDPR.
- Data transmission occurs regardless of whether you have an account with the plugin provider and are logged in there. If you are logged in with the plugin provider, your data collected by us will be directly associated with your existing account with the plugin provider. If you activate the button and, for example, link to the page, the plugin provider will also store this information in your user account and share it publicly with your contacts. We recommend logging out regularly from a social network, especially before activating the button, as this helps to prevent the assignment to your profile with the plugin provider.
- Further information on the purpose and scope of data collection and its processing by the plugin provider can be found in the privacy policies provided by these providers. There, you will also find additional information on your related rights and settings options to protect your privacy.
- Addresses of the respective plugin providers and URLs with their privacy notices:
- Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php further information on data collection:http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications, as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has certified to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy.LinkedIn LinkedIn has certified to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland Facebook Ireland Limited is a company registered under the laws of the Republic of Ireland. File Number: 462932
- Instagram: https://help.instagram.com/519522125107875 https://help.instagram.com/581066165581870
By using the Facebook button on our website, you can access our presence at (hier link barcelunettes ). If you use this link directly, you agree to the terms of use of this provider.
For more information on how Facebook collects and uses data, your rights regarding this, and options to protect your privacy, please refer to Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
Use of Facebook Plugins
Our website uses plugins from the social network facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). When you visit pages on our website with such a plugin, a connection to Facebook’s servers is established, and the plugin is displayed on the page through a notification to your browser. This transmits to Facebook’s servers which of our pages you have visited. If you are logged into Facebook while visiting our website, Facebook will assign this information to your personal Facebook user account. If you use the plugin functions (e.g., clicking the “Like” button, posting a comment), this information will also be associated with your Facebook account, which you can only prevent by logging out before using the plugin. If you do not want Facebook to associate the collected information directly with your Facebook profile, you must either log out of Facebook before visiting our website or block the loading of Facebook plugins on our pages by using a “Facebook blocker.” For more information on how Facebook collects and uses data, your rights regarding this, and options to protect your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/policy.php. https://www.facebook.com/about/privacy/
Within our online offering, we may integrate functions and content from the service Instagram, provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. This may include content such as images, videos, or texts, as well as buttons through which users can express their liking for the content, follow the authors of the content, or subscribe to our posts. If users are members of the Instagram platform, Instagram can associate the access to the aforementioned content and functions with their profiles on Instagram. Instagram’s privacy policy: http://instagram.com/about/legal/privacy/.
Google reCAPTCHA
We integrate the reCAPTCHA function to detect bots, for example, when entering data into online forms, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Maps
We integrate maps from the service “Google Maps,” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Processed data may include IP addresses and location data of users, which are collected only with their consent (usually through the settings of their mobile devices). The data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Fonts
This website uses fonts from google fonts, which are loaded from Google servers when the page is loaded.