Skip to content
Edit Content

Privacy Policy

I. PRIVACY AND DATA PROTECTION POLICY

In accordance with current legislation, Vereness (hereinafter also referred to as the Website) is committed to adopting the necessary technical and organizational measures appropriate to the level of security required for the risk associated with the collected data.

Laws incorporated into this privacy policy:
This privacy policy is adapted to current Spanish and European regulations on the protection of personal data on the internet. Specifically, it complies with the following regulations:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).
  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
  • Royal Decree 1720/2007, of December 21, which approves the implementing regulation of the repealed Organic Law 15/1999.
  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the Data Controller:
The data controller of personal data collected through Vereness is Juan Manuel García Cayetano, NIF/CIF: 75880427T. Address: C. López de Ayala, 44. 06480. Montijo. Badajoz. Spain. Phone: +34 655140893. Email: info@vereness.com

Registration of Personal Data:
In compliance with GDPR and LOPD-GDD, we inform you that the personal data collected through the forms on the Vereness website will be included and processed in our file in order to facilitate, expedite, and fulfill the commitments established between Vereness and the User, or to maintain the relationship reflected in the forms the User fills out, or to respond to a request or inquiry.
Unless the exception provided in Article 30.5 of the GDPR applies, a record of processing activities is maintained specifying, according to its purposes, the processing activities carried out and other relevant circumstances.

Principles applicable to personal data processing:
The processing of User data will be subject to the following principles, as outlined in Article 5 of the GDPR and Articles 4 and following of Organic Law 3/2018:

  • Lawfulness, fairness, and transparency: User consent will be required with clear prior information on the purpose of data collection.
  • Purpose limitation: Data will be collected for specific, explicit, and legitimate purposes.
  • Data minimization: Only data strictly necessary for the intended purpose will be collected.
  • Accuracy: Data must be accurate and kept up to date.
  • Storage limitation: Data will be stored only as long as necessary for processing.
  • Integrity and confidentiality: Data will be processed securely and confidentially.
  • Accountability: The Controller is responsible for ensuring compliance with these principles.

Categories of personal data:
The only types of data collected by Vereness are identification data. No special categories of data (as defined in Article 9 of the GDPR) are processed.

Legal basis for data processing:
The legal basis for processing is the User’s consent. In the case of purchases, the legal basis is the performance of a contract and compliance with legal obligations. Vereness undertakes to obtain explicit and verifiable consent before processing User data.
Users may withdraw their consent at any time without affecting the use of the Website.

Purposes of data processing:
Personal data is collected and managed by Vereness to facilitate the fulfillment of commitments with the User, manage inquiries, or maintain the relationship reflected in submitted forms. This includes the management of orders, payments, invoicing and the shipment and delivery of purchased products.
Data may also be used for commercial, operational, and statistical purposes, as well as to improve content, user experience, functionality, and Website performance.

Users will be informed at the time of data collection about the specific purposes of processing.

Data retention periods:
Personal data will be retained only as long as necessary to fulfill the purposes for which it was collected. Data will be retained during the ongoing business relationship or until the User requests deletion, in compliance with legal obligations.

Recipients of personal data:

User data may be shared with the following:

 
  • Google Analytics (Google LLC, USA) – for website usage analytics. More info: https://policies.google.com/privacy?hl=en
  • Google Ads (AdWords) – for conversion tracking and ad personalization. More info: https://policies.google.com/privacy?hl=en
  • Stripe Payments Europe, Ltd. – for secure online payment processing. More info: https://stripe.com/en/privacy
  • Sered – for website hosting and maintenance. More info: https://sered.net/
  • Shipping and logistics companies – for items delivery. By default, UPS is used (including its affiliates or logistics partners in the destination country). Alternatively, GLS or Correos España (and their respective affiliates or logistics partners in the destination country) may be used upon explicit request by the buyer before completing the purchase process.
If data is to be transferred to a third country or international organization, Users will be informed accordingly. International transfers are carried out under appropriate safeguards in accordance with the GDPR.
 

Minors’ personal data:
In accordance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, only individuals over 14 years of age may lawfully give consent. For minors under 14, parental or guardian consent is required.

Data confidentiality and security:
Vereness implements appropriate technical and organizational measures to ensure the security of personal data. The Website uses SSL (Secure Socket Layer) encryption.
While Vereness cannot guarantee total internet invulnerability, it commits to informing the User without undue delay in the event of a high-risk data breach.

All personal data will be treated as confidential. The Controller will ensure confidentiality is upheld by employees, partners, and third parties.

User rights under GDPR and Spanish Law:Users may exercise the following rights:

  • Access: Confirm whether Vereness processes their data and access that data.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure (Right to be Forgotten): Request deletion of data when it is no longer necessary or lawfully processed.
  • Restriction of Processing: Request limitation under certain conditions.
  • Data Portability: Receive their data in a structured, commonly used format and transmit it to another controller.
  • Objection: Oppose the processing of their personal data.
  • Automated Decision-Making: Not be subject to decisions based solely on automated processing, including profiling.

Requests should be sent to the Controller with the subject line “GDPR – https://vereness.com”, including:

  • Full name and ID (or authorized representative and authorization document).
  • Clear explanation of the request.
  • Notification address.
  • Date and signature.
  • Supporting documentation, if applicable.

Requests can be sent to postal address: C. López de Ayala, 44. 06480. Montijo. Badajoz. Spain or email: info@vereness.com

Links to third-party websites:
The Website may contain links to third-party websites. These are not operated by Vereness, and such third parties are responsible for their own privacy practices.

Complaints to the Supervisory Authority:
If the User believes that their data is being mishandled or that regulations are being violated, they have the right to file a complaint with a supervisory authority, particularly in their country of residence, place of work, or where the violation allegedly occurred. In Spain, the relevant authority is the Spanish Data Protection Agency: https://www.aepd.es/ 

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

It is essential that Users have read and agree with the conditions regarding personal data protection contained in this Privacy Policy, and that they consent to the processing of their data. Use of the Website implies acceptance of this Privacy Policy.

Vereness reserves the right to modify this Privacy Policy at its sole discretion, or due to legislative, jurisprudential, or doctrinal changes by the Spanish Data Protection Agency.
Changes or updates will not be explicitly notified. Users are encouraged to review this page periodically.

This Privacy Policy was last updated to comply with Regulation (EU) 2016/679 and Organic Law 3/2018 on personal data protection and digital rights.