– TSB –
PRIVACY POLICY
Last update: November 2019
This Privacy Policy is a Statement where we explain what information and personal data we collect, store, use, process, assign, transfer and/or delete concerning you, for what purposes we process your data, what legal basis legitimates us or allows us to do so, what your rights are and how to exercise them before us or before the respective control authority, if applicable. Our principles are very clear. In THE SEWING BOX COMPANY you are in control of your personal information and we will never sell to third parties or take advantage of your personal data in an illegitimate or unfair way. This means that we will always use the information you provide us for the strict and legitimate purposes of our business and always in a transparent manner and trying not to undermine or violate any right or interest that affects you.
This Privacy Policy has been prepared in accordance with the principles and rules approved by Regulation (EU) 2016/679, of April 27, known as the General Data Protection Regulation or “GDPR”, as well as following the guidelines of the supervisory authority (Spanish Data Protection Agency) on the matter.
We consider it very important to provide you with this information and that you read and understand it, so we have tried to use clear, simple and transparent language, minimizing the use of legal formulas.
WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL INFORMATION AND DATA?
Data of the Data Controller:
Name of owner/responsible party: THE SEWING BOX COMPANY
Address: Avd Republica Argentina 24 2 planta 41011 Seville
Email: info@thesewingboxmag.com
Phone: +34 954 184 200
NIF/CIF: B90268798
Mercantile Registry Registration Data: Last data of registration in the Mercantile Registry Sheet SE-109798 Volume 6203 Folio 203 Registration 1
Facebook stewardship
THE SEWING BOX COMPANY has inserted the Facebook “like” button in certain content on its website. The activation of this button means that, when the user accesses the website of THE SEWING BOX COMPANY, data such as IP address, browser settings or information relating to cookies and similar technologies used on this website are automatically transferred to Facebook.
According to the general interpretation on the “like” button issued by the Court of Justice of the European Union (Judgment of July 29, 2019, on case C-40/17), THE SEWING BOX COMPANY would be co-responsible with Facebook because it decides to include the “like” button on the website and facilitates the processing, even if THE SEWING BOX COMPANY does not have access to the personal data transmitted to Facebook. However, THE SEWING BOX COMPANY’s liability would be limited to the part of the processing in which it intervenes, i.e. the collection of data and their transmission to Facebook. For the purposes and further processing carried out by Facebook, only Facebook is responsible.
WHY DO WE PROCESS YOUR PERSONAL DATA?
THE SEWING BOX COMPANY will process personal data obtained as a result of the use of this website for these purposes:
User contact management and customer service.
Management of the contractual relationship arising from the purchase of products from the online store.
Management, where appropriate, of commercial communications, including by electronic means.
Analysis of user behavior on the website in order to improve the usability of the service or our advertising campaigns, using cookies.
WHAT IS THE LAW IN FORCE THAT ENTITLES US TO PROCESS YOUR PERSONAL DATA?
The contractual relationship (art. 6.1 letter b of the GDPR)
We will normally process your personal data on the basis that such processing is necessary for the management of the contract that binds us with our users/customers (the contract of sale of products in our online store) or for the implementation of pre-contractual measures (at the request of the data subjects).
Consent of the data subject (6.1 letter a of the RGPD)
We will request your express, prior, free, informed and unequivocal consent for the use of analytical, social and advertising cookies (see Cookies Policy).
Likewise, we will expressly ask for your consent before sending you commercial communications by electronic means.
Legitimate interests of the data controller (6.1 letter f of the GDPR)
We will use this legal basis to process the personal data you use to contact THE SEWING BOX COMPANY through the functionalities and forms offered on this website (especially via email), to the extent that we do not cause undue risk or prejudice to your rights and interests. Extract from the judgment of weighting of legitimate interest: Such processing is necessary to achieve the objectives of the company, in particular, to communicate electronically with its customers, prospects and other contacts. Likewise, users are interested in being able to contact the company by these means and it is within their reasonable expectations that such processing of contact data will be carried out. In addition, art. 19 of the LOPDGDD presumes that the processing of contact data, including those of individual entrepreneurs and liberal professionals, is covered by a legitimate interest (art. 6.1 letter f of the RGPD).
WHAT PERSONAL DATA DO WE PROCESS THROUGH THE FUNCTIONALITIES OF THIS WEBSITE?
THE SEWING BOX COMPANY collects as little personal data as possible in order to be able to provide the relevant service, in compliance with the requirements of the data minimization principle of the GDPR.
Such data are those collected in the data collection forms contained in this website and those collected through cookies and similar technologies.
The web forms collect data necessary to manage the contact with the user or to be able to manage the shipment of purchased products, as well as to issue the corresponding invoice. These are the following categories of data:
Identification data: Name, surname, NIF.
Contact information: Address or place of shipment, email, telephone.
In order to send commercial communications by electronic means to the corresponding subscriber, we will collect the following categories of data:
Identifying information: Name or nickname (alias).
Contact information: email.
Through cookies or other similar technologies, certain data are collected, such as the IP, the identification of the user’s device or certain navigation or security parameters, necessary to offer you the full functionality of this website or the fulfillment of the purposes expressed in our Cookies Policy.
None of the data processed by THE SEWING BOX COMPANYon this website are sensitive or have a significant impact on your privacy or your rights and freedoms. In particular, no special category data is collected on our website.
THE SEWING BOX COMPANY, at the time of collecting personal data through this website, will inform about which of your personal data are mandatory in order to provide the corresponding services (usually by marking them with the asterisk symbol).
Your refusal to provide the mandatory data will make it impossible to provide you with the corresponding service or to meet your request as interested party, unless THE SEWING BOX COMPANY, depending on the specific circumstances of each case, decides otherwise.
In order to ensure that the information contained in our processing system is always up to date and error-free, we ask you to inform us as soon as possible of any changes and corrections to your personal data.
TO WHOM WILL WE GIVE YOUR DATA?
THE SEWING BOX COMPANY will not transfer the data collected through the functionalities provided on this website to any other company or organization. Only when a rule of European Union law or Spanish law so provides, THE SEWING BOX COMPANY will transfer your data by legal obligation to the appropriate public administrations, the competent authorities, as well as, where appropriate, to judges and courts.
When processing your personal data on behalf of THE SEWING BOX COMPANY, our company will only choose suppliers (processors) that offer sufficient guarantees to implement appropriate technical and organizational measures, so that the processing is in accordance with the requirements of the current data protection regulations (RGPD and LOPDGDD) and that the defense of the data subject’s rights is guaranteed.
IN WHICH CASES COULD YOUR PERSONAL DATA BE TRANSFERRED TO A THIRD COUNTRY OUTSIDE THE EUROPEAN ECONOMIC AREA?
The following international data transfers are foreseen:
Some cookies used by THE SEWING BOX COMPANY (as specified in the Cookie Policy) or the Facebook “like” button, may transfer certain data, such as your IP or certain navigation parameters or settings of your device or terminal, to the following companies: Facebook, Google and Tawk.to, based in the United States of America.
When you sign up for our newsletter or mailing list, THE SEWING BOX COMPANY sends communications to your email using the Mailjet tool, based in the United States of America.
As you know, international transfers of personal data to the United States of America are legitimized by an adequacy decision of the European Commission of July 12, 2016 approving the Privacy Shield (Privacy Shield).
WHAT CRITERIA DO WE USE TO DETERMINE HOW LONG WE WILL KEEP YOUR PERSONAL DATA?
We will keep your personal data as long as they are necessary to fulfill the purposes for which they were collected or for the fulfillment of the contractual relationship, as well as during the prescription periods of any legal actions that may arise.
We will also keep your data as long as you revoke your consent, or as long as you do not request the deletion of such data, or the limitation or opposition to the treatment.
HOW WILL WE ASSIST STAKEHOLDERS IN EXERCISING THEIR RIGHTS AND WHAT ARE THOSE RIGHTS?
THE SEWING BOX COMPANY will always facilitate the exercise of your rights relating to the protection of personal data, through procedures and forms that will be visible, accessible and simple.
Whenever appropriate, THE SEWING BOX COMPANY will make it possible to submit applications by electronic means.
Specifically, you can send us your request by attaching a copy of your ID card to the postal address (see Identity of the Responsible Party at the top of this Policy) or by e-mail, with a scanned copy of your ID card, to the address info@thesewingboxmag.com. info@thesewingboxmag.com
The exercise of the rights will be free of charge. In cases where manifestly unfounded or excessive requests are made, especially if they are repetitive, THE SEWING BOX COMPANY may charge a fee to compensate for the administrative costs of complying with the request or refusing to act. This fee may not imply any additional income for THE SEWING BOX COMPANY, but must correspond to the actual cost of processing the request.
THE SEWING BOX COMPANY shall inform the interested party about the actions derived from its request within one month (this period may be extended to two months in the case of particularly complex requests, and the interested party shall be notified of this extension within the first month).
If THE SEWING BOX COMPANY should decide not to comply with a request, it must inform THE SEWING BOX COMPANY of this, giving reasons for its refusal, within one month of its submission.
And these are your rights as a data subject or holder of personal data:
Right of access: you have the right to obtain from THE SEWING BOX COMPANY confirmation of whether or not personal data concerning you are being processed. THE SEWING BOX COMPANY will, where appropriate, provide a copy of the personal data being processed.
Right of rectification: you have the right to obtain without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of an additional declaration.
Right of deletion: you have the right to obtain without undue delay the deletion of personal data concerning you. When the circumstances set out in Article 17.1 of the GDPR occur, THE SEWING BOX COMPANY will be obliged to delete your data without delay.
Right to data portability: you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and to transmit it to another data controller without being prevented from doing so by THE SEWING BOX COMPANY, when the processing is based on your consent and, moreover, is carried out by automated means.
Right to restriction of processing: where the processing of your personal data has been restricted by virtue of a request from you, such data may only be processed, with the exception of their storage, with your consent or for the formulation, exercise or defense of claims, or for the protection of the rights of another natural or legal person, or for reasons of substantial public interest. You have the right to obtain the limitation of the processing of your personal data when one of the circumstances provided for in Article 18.1 of the GDPR is met.
Right to object: you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you based on the legitimate interests of THE SEWING BOX COMPANY or third parties. Where the processing of personal data is for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you. In the event that you object to the processing of your data for direct marketing purposes, such personal data will cease to be processed for such purposes immediately.
We remind you that whenever the legal basis for the processing of data is your consent, you have the right to revoke such consent always and in any case, and as easily as you gave it.
You also have the right to file a complaint with the respective supervisory authority, usually the Spanish Data Protection Agency, if you have not been satisfied by THE SEWING BOX COMPANY in the exercise of your rights. For more information, you can go to the website of the same at this link.
Finally, you have the right not to be subject to a decision by THE SEWING BOX COMPANY based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects you.
WHAT SECURITY WILL TSB APPLY TO THE PROCESSING OF YOUR PERSONAL DATA?
User privacy, professional secrecy and personal data security are key principles and firm commitments in THE SEWING BOX COMPANY’s actions and interaction with personal data.
Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity to the rights and freedoms of natural persons, THE SEWING BOX COMPANYwill implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
Such technical and organizational measures will be aimed at reducing and minimizing the risks of loss, misuse, alteration, unauthorized access, or disclosure of such personal information concerning you.
Para brindarte más seguridad, esta página web tiene instalado un certificado SSL (Secure Socket Layer) que hace que la comunicación de información entre usted y THE SEWING BOX COMPANY viaje cifrada, lo que otorga al sitio web la condición de sitio confiable, auténtico y seguro.
MODIFICATION OF THE PRIVACY POLICY
In order to effectively implement at THE SEWING BOX COMPANY the principle of proactive and ongoing compliance with data protection regulations, as well as to comply with the duty of transparency, we may amend this Privacy Policy from time to time.
We therefore recommend that you review this Policy frequently. Nevertheless, THE SEWING BOX COMPANY will use its best efforts to communicate to data subjects any significant changes to this Privacy Statement that impact the rights and interests of such data subjects.
MORE INFORMATION ABOUT PRIVACY
To clarify any doubts, questions or concerns raised or unresolved by reading this Privacy Statement, you can contact THE SEWING BOX COMPANY at the following e-mail address: info@thesewingboxmag.com or at the postal address of the Data Controller outlined at the beginning of this Policy. info@thesewingboxmag.com or at the postal address of the Data Controller outlined at the beginning of this Policy.
