0

Privacy Policy

 

1. Data Controller

The data controller responsible for the processing of personal data collected on the DermMatch Europe website is:

DermMatch Europe
Address: C/ 9 de Octubre, nº 1, 46110 Godella (Valencia), Spain
E-mail: info@dermmatcheu.com

The website and this policy must clearly identify the data controller.

2. Purpose of this Policy

The purpose of this Privacy Policy is to inform users of the DermMatch Europe website about how their personal data is collected, used, stored, and protected, in accordance with the applicable data protection regulations, in particular Regulation (EU) 2016/679 (GDPR).

3. Personal Data Collected

We may collect the following categories of data:

  • identification data: first name, last name;

  • contact data: e-mail address, telephone number, postal address;

  • order and billing data: products ordered, amount, payment method, information required for shipping;

  • customer service data: content of messages sent through the contact form or by e-mail;

  • technical and browsing data: IP address, device type, browser, pages visited, cookies and other tracking tools, within the limits of the preferences expressed by the user where required.

The GDPR requires that data subjects be informed about the categories of data processed, the purposes of the processing, and how it is carried out.

4. Purposes of Processing

The user’s personal data may be processed for the following purposes:

  • to manage orders, payments, shipments, and deliveries;

  • to provide customer support and respond to requests;

  • to manage returns, complaints, and after-sales requests;

  • to send information relating to an order;

  • to send, where permitted by law or where the user’s consent has been obtained where required, commercial communications about our products and services;

  • to improve the functioning of the website, security, and user experience;

  • to comply with legal, tax, accounting, and regulatory obligations.

This policy must clearly specify the purposes pursued by the processing.

5. Legal Bases for Processing

Depending on the case, the user’s data is processed on the basis of the following legal grounds:

  • performance of a contract or implementation of pre-contractual measures, especially for the management of orders, payments, deliveries, and requests related to purchases;

  • compliance with a legal obligation, especially in accounting, tax, or data retention matters;

  • legitimate interest of DermMatch Europe, for example to improve customer service, protect the website, or prevent fraud;

  • user consent, where required, especially for certain cookies or marketing communications.

This policy must also indicate the legal basis for the processing.

6. Mandatory or Optional Nature of Providing Data

When certain data is necessary to process an order, respond to a request, or provide a service, providing such data may be mandatory. If such data is not provided, we may be unable to process the user’s request or properly provide the requested service.

It is appropriate to indicate whether the provision of data is mandatory or optional, as well as the consequences of not providing it.

7. Data Recipients

The user’s personal data may be disclosed, within the necessary limits, to the following recipients:

  • the internal teams of DermMatch Europe;

  • technical providers involved in website hosting, maintenance, and IT management;

  • payment service providers;

  • carriers and logistics providers;

  • accounting, tax, legal, or administrative advisors;

  • competent authorities, where required by law.

Data subjects must be informed about the recipients or categories of recipients of their data.

8. Retention Period

Personal data will be retained for no longer than necessary for the purposes for which it is processed, without prejudice to any legal obligations that may require a longer retention period.

For guidance purposes:

  • data relating to orders and invoices will be retained for the period required by the applicable accounting and tax regulations;

  • data relating to contact requests will be retained for the time necessary to manage the request;

  • data used for marketing purposes will be retained for a period appropriate to the commercial relationship and applicable legal obligations;

  • cookies and tracking tools will be retained according to their nature and the applicable rules.

This policy must also indicate the retention period or the criteria used to determine it.

9. Rights of Data Subjects

In accordance with the applicable regulations, the user has the following rights, within the limits provided by law:

  • right of access;

  • right to rectification;

  • right to erasure;

  • right to restriction of processing;

  • right to object;

  • right to data portability;

  • right to withdraw consent at any time, where processing is based on consent;

  • right to provide instructions regarding the fate of their data after death, where provided for by the applicable regulations.

The GDPR specifically recognises the rights of access, rectification, erasure, restriction, objection, and portability.

10. Exercising Your Rights

The user may exercise their rights by contacting us through:

By e-mail: info@dermmatcheu.com
By post: C/ 9 de Octubre, nº 1, 46110 Godella (Valencia), Spain

To protect personal data, an identity document may be requested where necessary to verify the identity of the data subject.

Data subjects must also be informed of how to exercise their rights.

11. Complaint to the Supervisory Authority

If the user considers, after contacting us, that their rights have not been respected or that the processing of their data does not comply with the applicable regulations, they may lodge a complaint with the competent supervisory authority, in particular with the Spanish Data Protection Agency (AEPD) or with the competent authority of their place of residence.

12. Data Security

DermMatch Europe adopts appropriate technical and organisational measures to protect personal data against destruction, loss, alteration, unauthorised disclosure, or unauthorised access.

Data security forms part of the general obligations established by the GDPR.

13. Cookies and Tracking Tools

The website may use cookies and other tracking tools to ensure its proper functioning, measure audience traffic, improve the user experience, and, where applicable, provide personalised content or advertising.

Where required, the installation or reading of certain cookies will be based on the user’s consent. For more information, please consult our Cookie Policy.

General policies should be distinguished from the specific policy relating to cookies and tracking tools.

14. Data Transfers

If any of our providers is located outside the European Economic Area or processes data from a third country, we will ensure that such transfers are carried out in accordance with the applicable regulations, including through appropriate safeguards where necessary.

The GDPR regulates transfers of data outside the EU/EEA.

15. Changes to this Policy

DermMatch Europe may modify this Privacy Policy at any time to take into account legal, regulatory, technical, or business changes. The most recent version will be the one published on the website.

16. Contact

For any questions related to this Privacy Policy or the processing of personal data, you may write to us at: info@dermmatcheu.com

Start typing and press Enter to search

View more
Shopping Cart

No products in the cart.

0
Place an order