Date of last update: 04/06/2019 www.minilandgroup.com
DETAILS OF THE DATA CONTROLLER
PURPOSES OF THE PROCESSING OF YOUR DATA
At www.minilandgroup.com your personal data is processed for the following purposes:
- Contact: to respond to requests received for information on the products and services offered, including the technical service, as well as to answer any type of question sent by users.
- Employment: to carry out internal staff selection processes, both current and future.
- Store: to manage the details of registered users in order to provide the services offered through the shop: childcare accessories such as baby video-monitoring, food, health and well-being products. The processing includes, but is not limited to: registration of new users, product purchase, goods transport service, customer care, claims and post-sale service.
- Blog: to receive news of publications made on MINILAND’s blog for those users who have subscribed to it.
- Newsletter and offers: to receive news on MINILAND, MINILAND BABY, MINILAND EDUCATIONAL and the childcare sector, as well as exclusive offers and promotions for members and customers.
- Profiling: through analysis of your activity as a user in our store (browsing, purchases, comments in the blog, etc.) your data may be processed automatically for profiling in order to customise the products, offers and communications.
- Transactional: For the correct management and follow-up of orders made in the online store, including recovering abandoned shopping carts.
TERM FOR DATA RETENTION
At www.minilandgroup.com your personal data is processed for the following periods of time:
- Contact: the data will be retained until the user asserts their right to have their data erased.
- Employment: the data will be retained until the user asserts their right to have their data erased. Curriculum information will be retained by our company for a maximum period of one year.
- Store: the data will be retained in accordance with the applicable legislation in commercial law (when purchases have been made electronically). Failing this, the data will be retained until the user asserts their right to have their data erased.
- Blog: the data will be retained until the user asserts their right to have their data erased.
- Newsletter and offers: the data will be retained until the user asserts their right to have their data erased.
- Profiling: the data will be retained until the user asserts their right to have their data erased or not to be subject to automated decisions.
- Transactional: the data will be retained until the user asserts their right to have their data erased.
LEGITIMACY OF THE PROCESSING
Contact: the legal basis for processing is the consent of the user for their data to be processed for the purposes indicated, by contact through the methods provided on the web page and the contact forms.
Employment: the legal basis for processing is the consent of the user, who provides their curriculum details through the methods provided on the web page.
Store: the legal basis for processing is the performance of a contract to manage the electronic purchase process, under legal obligations in the sphere of electronic commerce (Royal Legislative Decree 1/2007, of November 16 and other complementary regulations, Code of Commerce.) We also inform you that during the purchasing process you will be asked for the data needed to process your order. If you refuse to provide this data, this will prevent you from continuing with the process.
Blog: the legal basis for processing is the consent of the user, who subscribes to receive news on the blog, through the blog subscription form.
Newsletter and offers: the legal basis for processing is the consent of the user, who subscribes to receive the Newsletter, through the contact form.
Transactional: the legal basis for processing is the consent of the user for their order to be processed.
RECIPIENTS OF YOUR DATA
The personal data collected will never be transferred to third parties or made public, except in circumstances where your consent has been given, where you participate voluntarily or because of express legal obligations. These recipients are: Tax administration, Banking Institutions, Public Administration with competence in this area, in matters relating to electronic commerce.
We only share your personal information with certain companies who provide services to our company: auditors, consultants, carriers, website development and support companies and email marketing companies. Similarly, for the management of orders made using the purchase process on the web page, your information is provided to REDSYS, as the entity accredited for Internet payment methods, which has a secure and confidential system in place when the user purchases the products. Any communication at the time of making a payment is exclusively between the user and REDSYS, and MINILAND only receives confirmation from REDSYS of the result of the purchase process. HUBSPOT is also used for communication between MINILAND and users, as well as to send the newsletter.
We require that any company with which we might share your personal information also protects this data in accordance with this policy, limits the use of your personal information to provision of the service, and signs the relevant contracts on data access according to the current regulations on data protection. We also inform you that if your data is transferred internationally outside of the European Economic Area we require those companies that receive the data to have “insurance” in place either through international agreements, or membership of the EU-US Privacy Shield.
EXERCISE OF RIGHTS
Individuals may exercise their data protection rights (access, rectification, objection, erasure, automated decisions, restriction on processing, portability) by sending an email to firstname.lastname@example.org, or by post to PG. IND. LA MARJAL (C/ LA PATRONAL 8-10) – CP 03430, ONIL, ALICANTE (SPAIN) Documentation must be provided to prove the identity of the applicant (copy of the back of the National Identity Document, or equivalent). We will reply within a maximum time of 30 days from receipt of the e-mail or letter, although this period may be extended by a maximum of 2 months if necessary.
In any case, you can petition the Data Protection Agency to grant you access to that information through their web page.