Privacy policy - Star Care

Privacy policy conditions

Managing your personal data and everything related to your privacy is of maximum importance to us. Before explaining how we go about doing it and what our privacy policy consists of, we want to tell you about some of our commitments to you which govern our conduct:

1.- Legality, transparency and clear language

In addition to scrupulously complying with the law, we are also committed to being transparent with you and explaining what data we need and what we will be using it for, in simple and comprehensible terms.

If at, any time, there is a significant change to our privacy policy, we will inform you and, if that change affects how we process your data or its purpose, we will ask for your consent again before we do anything. In addition, we will only ask you for the data that we really need in order to deal with your request.

This Privacy Policy constitutes our referential framework in relation to managing your personal data and it applies to all websites managed by us (Star TIC Innovación, S.A.) and to all of our interactions with you.

Definitions of key terms

It is important that you understand some of the key terms mentioned throughout our privacy policy:

Data of a personal nature: any information relating to identifiable natural persons or enabling their identification.

User: the owner of the data.

Data controller: the person who determines the purposes and means of processing the user’s data before obtaining their consent and who assumes the responsibility for compliance with the General Data Protection Regulation (GDPR) and the LOPDGDD.

Interactions: some examples of interactions are when you visit our website or when you request us to contact you through our contact form. These interactions could result in data of a personal nature being processed.

Personal data processing: the operations or technical procedures whether automated or otherwise, which enable the collection, recording, storage, use, production, modification, restriction or cancellation, transfer or communication of data.

Consent: any freely given, unambiguous, specific and informed indication of the user’s wishes, by which they consent to the processing of their data.

Third parties: any natural or legal person who is external to Star TIC Innovación, S.A. and other than the user.

Data processor: the legal person, public authority, service or other body which provides a service to the controller and processes personal data on their behalf.

Transfer or communication of data: any revelation of data made to a third party.

Restriction: the identification and storage of personal data for the purposes of preventing its processing, except by the Public Administrations, Judges and Courts in order to attend to potential liabilities arising from the processing during the limitation period of said liabilities. The cancellation of the data will lead to its restriction and erasure.

Erasure: the physical elimination of the restricted personal data once the period of limitation (retention period) has ended.

Data controller

All personal data processed by Star TIC Innovación, S.A. in relation to this Privacy Policy is the responsibility Star TIC Innovación, S.A. with offices at C/ Estrasburgo, 8, 28232 Las Rozas de Madrid, (Madrid) España and corporate tax ID A84676519, which assumes the role of “Data controller” as set out by (EU) Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter GDPR) and Organic Law 3/2018 of 5 December on the protection of personal data and guarantee of digital rights (hereinafter LOPDGDD).

What information we may collect from you and for what purpose

The personal data collected will depend on the type of interaction you have with us. In general, it will be data which you have voluntarily provided and which is characterised by having:

  1. A limited nature (we won’t ask you for more information than is strictly necessary for the purpose indicated).
  2. A specific purpose for which they are to be processed.
  3. A lawful basis that allows for such processing, which may consist of:
  • Your express and freely given consent, which can be revoked at any time.
  • The execution of a contract between yourself and Star TIC Innovación, S.A..
  • The legitimate interest of Star TIC Innovación, S.A. that may consist of:

Producing statistics to better understand your needs and provide you with a better service, as well as to adapt our products, applications or website (among other things) to them.

Enabling the functioning of our website using technical and functional cookies.

Complying with the obligations and legal requirements involving the processing of personal data.

We may also collect information which is not necessarily of a personal nature using technology such as cookies on our website (see Use of tools for automatic data collection), without you being personally identified under any circumstances, and always subject to the conditions set out in our Cookies Policy.

Finally, we will process your data on occasion as a consequence of a request from a third party acting as data controller.

These are the main interactions that you may have with us:

Web browsing

Personal information

None. Statistical information about the use of our website and information gathered using cookies (browser, date and time of connection, etc.). See Cookies policy

Purpose

Enabling smooth browsing, adapted to your needs as a user.

Lawful basis for processing

Consent of the interested party.

You sign up to our newsletter or you agree to receive marketing communications

Personal information

Email

Purpose

Sending you marketing and/or corporate information and informing you of news and promotional campaigns from Star TIC Innovación, S.A. and other related companies if you have previously given your consent. We will also use your email address to contact you if there is an issue with an order.

Lawful basis for processing

Consent of the interested party.

You request our contact through the contact form

Personal information

First name and surname, email and phone nº.

Purpose

Attending your contact request.

Lawful basis for processing

Consent of the interested party.

We may use your personal data or information resulting from its combination for other purposes related to the above stipulations or to offer you products, services or personalised value proposals, but only with your consent and within the framework set out by our Privacy Policy. .

We do not use your personal data for automated decision-making that could adversely affect you or have legal consequences for you.

How long do we retain your data

We retain your data for the time necessary to meet the purpose for which it was collected, taking the legitimacy of the processing into account. If the same type of personal data is used for two or more different purposes, we will apply the longer storage limitation period and we will only allow access to those that need it in order to carry out their duties.

  • For purposes related to the execution of the contract for the sale or use of a product, we will retain your personal data for as long as the contractual relationship remains valid or for as long as it is necessary to meet our contractual obligations, and for eight years afterwards in order to be able to deal with queries or requests for assistance. Where it concerns the provision of a service, the storage limitation period shall be four years from its inception.
  • For purposes relating to marketing activities and commercial or corporate communication, we will retain your data for a period of five years from the last date that we obtained your consent. If you revoke it, we will restrict the personal data related to these purposes so that it cannot be used and we will delete it when one year has passed.
  • For purposes related to the analysis and improvement of the user experience involving the use of personal data, we will retain your data for a maximum period of five years from obtaining your consent.
  • For purposes connected with the fulfilment of our legal obligations, we will retain your data for the period specified by the specific applicable law (tax, trading, etc.) in each case.

Once the maximum storage limitation period has ended, we will delete your personal data as stipulated by the GDPR, meaning it shall be restricted, made anonymous, pseudonymised or totally erased.

How we protect your data

The data security principle requires that the necessary technical and organisational measures be adopted to ensure the security of the personal data and to prevent its alteration, loss or unauthorised access and processing.

At Star TIC Innovación we have taken as a reference the measures established in Title VIII of the Development Regulation of the Organic Law on Data Protection, approved by Royal Decree 1720/2007, of 21 December. On the basis of this and the provisions of the GDPR and the LOPDGDD, we have established additional measures that improve the control of the processes and the security of our privacy management model, by applying the best available practices. Your data is hosted on reliable servers and is protected by strict policies and security measures and, periodically, we submit to independent external audits to check the robustness of our management model and to explore opportunities for improvement.

Transfer and/or communication of the information to third parties

We may share personal data with service providers and authorised third parties for legitimate activities and purposes (for example, those which are necessary for the operation of processes or the provision of products and services provided by other companies, contracted by Star TIC Innovación, S.A. and who can assume the role of “Data processor”).

This communication may be bidirectional and shall always be protected by the existence of a contract that regulates it.

Some of these activities are:

  • Carrying out commercial activities, marketing and other advertising campaigns.
  • Operational and contractual relationship with our business partners (distributors, retailers, technical support, etc.).
  • Operational and contractual relationship with our subsidiaries and any commercial representatives we may have.

On selecting the companies that provide us with these services, we have taken into account, among other factors, their compliance with the GDPR and the LOPDGDD (and they are actually susceptible to be audited by our team). They carry out the processing of personal data on the basis of the indications that we specify in writing in a contract and always in accordance with the provisions of the GDPR and the LOPDGDD. For example, you will never receive their marketing communications nor will they do anything with your data outside of the agreement with Star TIC Innovación, S.A and at the same time, in line with the purpose of collecting your data at the time that you gave us your consent.

If the processing of this personal data were to take place outside of the list of countries of members of the European Economic Area, it would be made on the basis of contractual clauses approved by the European Commission.

Remember that we may transfer your data to third parties when it is required for the fulfilment of our legal obligations (tax, trading, etc.) or at the request of a legal authority.

Use of tools for automatic data collection

We use cookies, pixel tags and web beacons on our websites or in certain digital communications and we also allow other companies to do so that provide services to us relating to marketing and web analytics. These technologies enable us to improve the quality and the personalisation of the content that you access, to optimise our communication and ultimately, to offer you with a better user experience.

  • Cookies: Small data files that the internet server sends to the device you are using to access our website. They can be proprietary or third-party cookies (such as those arising from the use of the Google Analytics tool), they are only associated to your browser and do not themselves provide personal data. Cookies cannot harm your device and are very useful to us for identifying and resolving errors, and offering you a better user experience. You can read more in our Cookies Policy.
  • Pixel tags: Pixel tags are tiny images with a unique identifier, which work in a similar way to cookies and serve to measure a specific activity. This technology allows us to track specific actions and to find out the users’ preferences and interest in the products.
  • Web beacon: a transparent graphic image of 1 pixel x 1 pixel that can be integrated into digital content, videos and emails. For example, we use this technology when we respond to an email you have sent requesting technical assistance in order to know if you have read it.

Processing of children’s data

Our products, services and promotional campaigns are largely designed for and directed at adults. We will only collect and process your personal data if you are at least 14 years of age, which is the threshold set under the current Spanish legislation on data protection to determine whether you are under age or not. We will delete any personal data entered by any minor under the age of 14 years who does not comply with this condition within a limited time period. If you are aware of any personal data entered by a minor under the age of 14 years, please write to us at legal@startic.es so that we can proceed to remove it from our database.

Your responsibility

As a user, you are responsible for the veracity, accuracy, validity and authenticity of the data that you provide to Star TIC Innovación, S.A.. You are also responsible for the information that you provide to us regarding third parties, from whom you are obliged to obtain their consent.

Star TIC cannot be held responsible for any violation of third-party rights by one or more users via their activities on our websites, such as protegeanuestrosheroes.org, mascarillasegura.com y starcare.es.

On occasion, for certain services, we must include a link to a third-party website (for example, for the joint provision of services with a partner which has its own privacy policy and may come to act as as data controller) and, where applicable, they will be responsible for obtaining your consent. The same applies to social networking services such as (Facebook, Twitter, Instagram or YouTube), which have their own conditions of use and privacy policies, which generally include the use of cookies, pixels, web beacons and other automatic data collection technologies.

What are your rights and how to exercise them

Right to be informed: You have the right to obtain clear and easy-to-understand information about how we use your personal data and what your rights are. We give you this information in this policy.

Right of access and rectification: you have the right to obtain information about the personal data that we have and to request that we complete or rectify them when they are inaccurate, incomplete or out of date. To exercise this right, write to us at legal@startic.es and attach a copy of your ID, recognized digital certificate or official document that allows you to verify your identity. If you have a user and account, you can correct them yourself.

Right to erasure/to be forgotten: You have the right to request that we delete or remove your personal data, as long as it is possible and the company has no legal or legitimate reasons for keeping it. To exercise this right, write to us at legal@startic.es and attach a copy of your national ID or official document to enable the verification of your identity.

Right to restrict processing: The processing of your data will be subject to limitations (we can continue to store it but without using it) when any of the following circumstances apply: 1) you have requested verification of the accuracy of the data that we hold, 2) you have objected to the processing, 3) we no longer require your data for the purposes of processing or 4) the processing is unlawful.

Right to data portability: You have the right to request that we transfer your personal data to another data controller where possible. To exercise this right, write to us at legal@startic.es and attach a copy of your national ID or official document to enable the verification of your identity.

Right to withdraw your consent and the right object to direct marketing: You can withdraw your consent to the processing of your personal data at any time, and you can unsubscribe from our direct marketing communications. You can do this by clicking on the link “Unsubscribe” link that you will find in any email or communication that we send you, or by writing to us legal@startic.es.

Right to file a complaint with a control authority: If you believe that we have not respected your rights, you can file a complaint with the Spanish Data Protection Agency (www.agpd.es). We encourage you to contact our data protection officer in the first instance by writing to us at legal@startic.es so that we can assist you.

How to contact us

If you have any questions on how we use your personal data, you can contact our data protection officer:

Star TIC Innovación, S.A.

C/ Estrasburgo, 8, 28232

Las Rozas de Madrid

Data controller

legal@startic.es

Changes to our Privacy Policy and applicable legislation

We may update our privacy policy at any time, and if this involves substantial changes that could affect your rights, we will inform you using the notifications system of your device, by email or by publishing an informative notice on one of our corporate information channels. Even so, we recommend that you review our policy periodically. If you continue to use our services once the change has been communicated, this implies that you are familiar with the terms set out in the new privacy policy.

Our policy and procedures for managing personal information have been created in accordance with the requirements of the General Data Protection Regulation and the LOPDGDD, which constitutes our referential framework.

Date of application: 22 of june 2020.