logo

Basic Information on Data Protection

Controller

Indyk itl, S.L.

Purpose

Providing online services. Managing web users.

Sending commercial communications related to our services.

Legitimation

Express consent and legitimate interest.

Recipient

Data is not transferred to third parties, except legal obligation.

Rights

Access, rectification, and deletion of data, as

Data is not transferred to third parties, except legal obligation.

Additional Information

You can consult additional and detailed information on Data Protection in the annex clauses found at http://food.indyk.es/ca/avis-legal/index.htm

A Indyk itl, S.L. we strive to offer you the best possible experience through our products and services. In some cases, it is necessary to collect information to achieve this goal. We care about your privacy and believe that we should be transparent about it.

Therefore, in accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (hereinafter, “GDPR”) on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and LAW 34/2002, of 11 July, on Information Society Services and Electronic Commerce (hereinafter, “LSSI”), Indyk itl, S.L. informs the user that, as the data controller, we will incorporate the personal data provided by users into an automated file.

Our commitment begins with explaining the following:

Your data is collected to improve the user experience, meeting your interests and needs.

We are transparent about the data we obtain about you and the reasons why we do so.

Our intention is to offer you the best possible experience. Therefore, when we use your personal information, we will always comply with the regulations, and when necessary, we will request your consent.

We understand that your data belongs to you. Therefore, if you decide not to authorize us to process it, you can request that we stop processing it.

Our priority is to ensure your security and handle your data in accordance with European regulations.

If you wish to obtain more information about the processing of your data, please refer to the different sections of the privacy policy below:

Who is responsible for processing your personal data?

Identity: Indyk itl, S.L.

Registered office: Costa d’ en Paratge 22, 2n., D-1

C.I.F. nº: B66000167

Email: indyk1@indyk.es

Indyk itl, S.L. . has appointed a Data Protection Officer or an internal contact person within its organization. If you wish to make an inquiry regarding the processing of your personal data, you can contact them via email at indyk1@indyk.es

What personal data do we collect?

The personal data that the user may provide:

• Name, address, and date of birth.

• Phone number and email address. • Location.

• Information regarding payments and refunds.

• IP address, date and time of accessing our services, internet browser used, and data about the device’s operating system.

• Any other information or data you choose to share with us.

In some cases, completing the registration form may be mandatory to access and enjoy certain services offered on the website; likewise, not providing the requested personal data or not accepting this privacy policy may result in the inability to subscribe, register, or participate in any promotions that require personal data.

Why and for what purposes do we process your data?

A Indyk itl, S.L. we process the information provided by interested parties for the following purposes:

• Managing orders or contracting any of our services, whether online or in physical stores. • Managing the sending of requested information.

• Developing commercial actions and carrying out the maintenance and management of the relationship with the user, as well as managing the services offered through the website and information tasks, including automatic evaluations, profiling, and customer segmentation tasks in order to personalize the treatment according to their characteristics and needs and enhance the online customer experience.

• Developing and managing contests, draws, or other promotional activities that may be organized.

• In some cases, it will be necessary to provide information to authorities or third-party companies for audit purposes, as well as to handle personal data from invoices, contracts, and documents to respond to customer claims or requests from Public Administrations.

We inform you that the personal data obtained as a result of your registration as a user will be part of the Register of Activities and Treatment Operations (RAT), which will be periodically updated in accordance with the provisions of the GDPR.

What is the legal basis for processing your data?

The processing of your data may be based on the following legal bases:

• Consent of the data subject for the contracting of services and products, through contact forms, requests for information, or subscription to newsletters.

• Legitimate interest for processing data of our clients in direct marketing actions, and express consent of the data subject for everything related to automatic evaluations and profiling.

• Compliance with legal obligations for fraud prevention, communication with Public Authorities, and third-party claims.

How long do we keep your data?

The processing of data for the purposes described will be maintained for the time necessary to fulfill the purpose of its collection (for example, for the duration of the commercial relationship), as well as for compliance with legal obligations arising from the processing of the data.

To whom are your data communicated?

In some cases, only when necessary, Indyk itl, S.L. will provide user data to third parties However, data will never be sold to third parties External service providers (such as payment providers or delivery companies with which Indyk itl, S.L. works) may use the data to provide the corresponding services, without prejudice to this, they will not use the information for their own purposes or for transfer to third parties.

Indyk itl, S.L. ensures the security of personal data when it is sent outside the company and ensures that third-party service providers respect confidentiality and have adequate measures to protect personal data. These third parties are obligated to ensure that the information is processed in accordance with data privacy regulations.

In some cases, the law may require the disclosure of personal data to public bodies or other parties; only the strictly necessary data will be disclosed for compliance with these legal obligations.

The personal data obtained may also be shared with other companies in the group.

Where are your data stored?

In general, data is stored within the EU. Data sent to third parties outside the EU will ensure that they offer a sufficient level of protection, either because they have Binding Corporate Rules (BCR) or because they have adhered to the “Privacy Shield” framework.

What rights do you have and how can you exercise them?

You can address your communications and exercise your rights through a request to the following email address: indyk1@indyk.es.

In accordance with what is established by the GDPR, you can request:

• Right of access: You can ask for information about the personal data we have about you. • Right of rectification: You can communicate any changes to your personal data.

• Right to erasure and to be forgotten: You can request deletion, subject to the blocking of personal data. • Right to restriction of processing: This implies the restriction of the processing of personal data.

• Right to object: You can withdraw consent for the processing of data, objecting to further processing.

• Right to data portability: In some cases, you can request a copy of personal data in a structured, commonly used, and machine-readable format for transmission to another controller.

• Right not to be subject to automated individual decision-making: You can request that decisions not be based solely on automated processing, including profiling, that produces legal effects or significantly affects you.

In some cases, the request may be rejected if you ask for data that are necessary to comply with legal obligations.

Likewise, if you have any complaints about the data processing, you can file a complaint with the data protection authority.

Who is responsible for the accuracy and truthfulness of the provided data?

The user is solely responsible for the accuracy and correctness of the data provided, releasing Indyk itl, S.L.

from any liability in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity, and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information on the registration or subscription form Indyk itl, S.L. . reserves the right to terminate contracted services with users if the data provided is false, incomplete, inaccurate, or not up-to-date.

Indyk itl, S.L. does not guarantee the accuracy of information not of its own creation and from other sources; therefore, it also assumes no responsibility for any potential damages that may arise from the use of this information.

reserves the right to update, modify, or delete the information contained on its web pages, and may even limit or deny access to this information. Indyk itl, S.L. is released from liability for any damage or harm that users may suffer as a result of errors, defects, or omissions in the information provided by Indyk itl, S.L. whenever it comes from sources outside of it.

Likewise, the user certifies that they are over 14 years old and possess the necessary legal capacity to provide consent regarding the processing of their personal data.

How do we treat personal data of minors?

In principle, our services are not specifically directed at minors. In principle, our services are not specifically directed at minors. However, in the event that any of them are directed at minors under fourteen years of age, in accordance with Article 8 of the GDPR and Article 7 of Law 3/2018, of December 5 (LOPDGDD), Indyk itl, S.L. will require valid, free, unequivocal, specific, and informed consent from legal guardians to process the personal data of minors. In this case, the DNI or other form of identification of the person providing consent will be required.

In the case of individuals over fourteen years old, data processing may proceed with the consent of the user, except in cases where the Law requires the assistance of legal guardians.

What security measures do we apply to protect your personal data?

Indyk itl, S.L. has adopted the legally required levels of security for the protection of personal data and endeavors to install other additional technical means and measures within its reach to prevent the loss, misuse, alteration, unauthorized access, and theft of personal data provided to Indyk itl, S.L..

Indyk itl, S.L. is not responsible for potential damages or harm that may arise from interferences, omissions, interruptions, computer viruses, telephone faults, or disconnections in the operational functioning of this electronic system, caused by reasons beyond the control of Indyk itl, S.L.; delays or blockages in the use of this electronic system caused by deficiencies or overloads in telephone lines or overloads in the Data Processing Center, the Internet system, or other electronic systems, as well as damages that may be caused by third parties through unauthorized intrusions beyond the control of Indyk itl, S.L. However, the user must be aware that Internet security measures are not impregnable.

Links to other websites

On the website http://www.indyk.es/ca/index.htm there may be links to other websites By clicking on one of these links and accessing an external website, the visit will be subject to the privacy policy of that website, with Indyk itl, S.L. disclaiming any responsibility for its privacy policy.

How do we use cookies?

uses cookies to optimize and personalize your navigation through it Cookies are physical information files stored on the user’s device, and the information collected through cookies is used to facilitate the user’s navigation on the portal and optimize the browsing experience. The data collected through cookies may be shared with their creators, but in no case will the information obtained by them be associated with personal data or data that can identify the user.

However, if the user does not wish for cookies to be installed on their hard drive, they have the option to configure their browser to prevent the installation of these files For more information, please consult our Cookie Policy at http://food.indyk.es/ca/avis-legal/

Can the privacy policy be modified?

This privacy policy may be modified We recommend that you review the privacy policy periodically.