Privacy and Data Protection Policy

In compliance with current legislation, Biottonia-Essences (hereinafter, also referred to as “Website”) is committed to implementing the necessary technical and organizational measures, based on the level of security appropriate to the risks of the collected data.

Laws Covered by This Privacy Policy

This privacy policy is adapted to the current Spanish and European regulations regarding personal data protection on the internet. Specifically, it complies with the following laws:

  • Regulation (EU) 2016/679 of the European Parliament and Council, of April 27, 2016, concerning the protection of individuals in relation to the processing of personal data and the free movement of such data (GDPR).

  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).

  • Royal Decree 1720/2007, of December 21, which approves the Development Regulation of Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).

  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the Data Controller

The entity responsible for processing the personal data collected on Biottonia-Essences is: Biottonia Naturalcare S.L., with NIF: B04964839 and registered on 15/03/2021, in the Mercantile Registry of Badajoz, Document 1/2021/1706 Entry 53/933, with the following registration details: Volume 757, Book 0, Page 91, Section 8, Sheet BA-31581, Entry 11. Contact details are as follows:

  • Registered Address: Dehesa de San Amador, Polígono 8, parcela 96, 06110 Villanueva del Fresno (Badajoz), Spain.

  • Notification Address: Carretera de la Estación, 25, 06480 Montijo (Badajoz), Spain.

  • Contact Phone: +34 924 45 90 56

  • Contact Email: info@biottonia.com

Personal Data Registration

In compliance with the GDPR and the LOPD-GDD, we inform you that the personal data collected by Biottonia-Essences through the forms on our website will be included in our file and processed for the purpose of facilitating, expediting, and fulfilling the commitments established between the Website and the User or maintaining the relationship established through the forms the User fills out, or to respond to a request or inquiry. Additionally, according to the GDPR and LOPD-GDD, unless the exception in Article 30.5 of the GDPR applies, a record of processing activities is maintained, specifying the processing activities carried out and other circumstances established by the GDPR.

Principles of Personal Data Processing

The processing of personal data of the User will adhere to the following principles established in Article 5 of the GDPR and in Article 4 and subsequent articles of Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights:

  • Lawfulness, fairness, and transparency: The User’s consent will always be required, with full transparency regarding the purposes for which the personal data is collected.

  • Purpose limitation: Personal data will be collected for specified, legitimate purposes.

  • Data minimization: Only the personal data necessary for the purposes of processing will be collected.

  • Accuracy: Personal data must be accurate and kept up to date.

  • Storage limitation: Personal data will only be kept for as long as necessary for the purposes of processing.

  • Integrity and confidentiality: Personal data will be processed in a manner that ensures its security and confidentiality.

  • Accountability: The Data Controller is responsible for ensuring that the above principles are adhered to.

Categories of Personal Data

The categories of data processed by Biottonia-Essences are limited to identifying data. Special categories of personal data as defined in Article 9 of the GDPR are not processed.

Legal Basis for Processing Personal Data

The legal basis for processing personal data is the consent of the User. Biottonia-Essences commits to obtaining the User’s express and verifiable consent for the processing of their personal data for one or more specific purposes.

The User has the right to withdraw their consent at any time. Withdrawing consent will be as easy as granting it. In general, withdrawing consent will not affect the use of the Website.

Purposes of Personal Data Processing

Personal data is collected and managed by Biottonia-Essences to facilitate, expedite, and fulfill the commitments established between the Website and the User or to maintain the relationship established through the forms the User fills out, or to respond to a request or inquiry.

Additionally, data may be used for commercial purposes such as personalization, operations, statistical activities, and marketing studies to improve content, functionality, and navigation on the Website.

Data Retention Periods

Personal data will only be retained for the minimum time necessary for its processing purposes and, in any case, for the following period: 3 years, or until the User requests its deletion.

Recipients of Personal Data

The User’s personal data may be shared with the following recipients or categories of recipients:

  • Company Name: Google Ireland, Ltd.

If the Data Controller intends to transfer personal data to a third country or international organization, the User will be informed at the time the personal data is obtained about the third country or international organization to which the data will be transferred and the existence or absence of an adequacy decision by the Commission.

Personal Data of Minors

In compliance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, only individuals over the age of 14 may grant their consent for the lawful processing of their personal data by Biottonia-Essences. For minors under 14 years of age, parental or guardian consent is required for processing, and this consent will only be valid if authorized by the parents or guardians.

Data Security and Confidentiality

Biottonia-Essences commits to adopting the necessary technical and organizational measures to ensure the security of personal data and prevent its accidental or unlawful destruction, loss, alteration, or unauthorized access or disclosure.

The Website is secured with an SSL (Secure Socket Layer) certificate, which ensures that personal data is transmitted securely and confidentially, as data transmission between the server and the User is fully encrypted.

However, due to the inherent risks of the internet, Biottonia-Essences cannot guarantee complete protection against unauthorized access or fraudulent breaches. The Data Controller commits to promptly notifying the User of any security breaches that may result in a high risk to the rights and freedoms of individuals.

User Rights

The User has the following rights regarding their personal data, as recognized in the GDPR and the Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights:

  • Right of access: The right to confirm whether Biottonia-Essences is processing their personal data and, if so, to access their specific personal data and information regarding its processing.

  • Right to rectification: The right to have inaccurate personal data corrected or completed.

  • Right to deletion (“right to be forgotten”): The right to request the deletion of personal data when it is no longer necessary, or if consent is withdrawn, or if the processing is unlawful.

  • Right to restrict processing: The right to request the limitation of processing in certain situations.

  • Right to data portability: The right to receive personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

  • Right to object: The right to object to the processing of personal data.

  • Right not to be subject to automated decisions: The right not to be subject to decisions based solely on automated processing, including profiling.

Third-Party Websites

The Website may include hyperlinks or links to third-party websites not operated by Biottonia-Essences. These third-party websites have their own privacy policies, and they are responsible for their own data files and privacy practices.

Complaints to the Control Authority

If the User believes there is an issue with how their personal data is being processed, they have the right to seek judicial protection and file a complaint with the relevant supervisory authority, particularly in the country where they reside or work. In Spain, the supervisory authority is the Spanish Data Protection Agency (www.agpd.es).

Acceptance and Changes to this Privacy Policy

The User must read and accept the terms regarding personal data protection in this Privacy Policy before proceeding. By using the Website, the User accepts the Privacy Policy.

Biottonia-Essences reserves the right to modify its Privacy Policy at any time. Any changes or updates to this policy will not be explicitly communicated to the User. The User is advised to periodically check this page to stay informed about any changes or updates.

This Privacy Policy was updated to comply with Regulation (EU) 2016/679 of the European Parliament and Council, of April 27, 2016, regarding the protection of individuals concerning the processing of personal data and the free movement of such data (GDPR) and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights.