At the BERNABE LEON TEJERA Group of Companies we are committed to ensuring that your personal information is protected and is not misused.
In this document we explain who is responsible for the treatment, for what purpose your personal information will be processed, the legitimacy for the treatment, how we collect it, why we collect it, how we use it, the rights that assist you and also explain the processes we have put in place to protect your privacy.
By providing us with your personal information and using our websites, we understand that you have read and understood the terms related to the personal data protection information that is exposed. The Companies of the BERNABE LEON TEJERA Group assume the responsibility of complying with current legislation on national and European data protection, and have the objective of treating your data in a lawful, loyal and transparent manner.
AREA OF APPLICATION
This document is applicable to all the companies of the BERNABE LEON TEJERA Group.
CONSIDERATIONS TO TAKE INTO ACCOUNT
WHO IS RESPONSIBLE FOR THE TREATMENT?
The definition of data controller is described in the General Data Protection Regulation, and is as follows:
RESPONSIBLE FOR THE TREATMENT” OR “RESPONSIBLE”
The natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of processing.
All the companies of the BERNABE LEON TEJERA group are in some way responsible for the processing of personal information that they carry out on their clients.
If you have any type of query, comment or concern, or if you wish to make a suggestion about how we use personal information, you can send an email to the Data Protection Officer of the BERNABE LEON TEJERA Group at the email address email@example.com .
INFORMATION ABOUT THE COMPANIES OF THE BERNABE LEON TEJERA
Innovation is one of the hallmarks of all the companies that make up the BERNABE LEON TEJERA. We constantly introduce innovations in fields as diverse as fashion and accessories, decoration and the home, technology, food and catering, and culture.
Business name BERNABE LEON TEJERA
Registered office: PUNTARENAS 6, MASPALOMAS, 35109, LAS PALMAS
Telephone: 693 769 503
FOR WHAT PURPOSE DO WE COLLECT YOUR PERSONAL INFORMATION?
The main reason why we collect your personal information is to facilitate and improve the service that you as a customer expect from us.
We collect your personal information to manage your purchases, orders or requests that you make to us, either in one of our shopping centers, stores, agencies, supermarkets or through our web pages or applications, by telephone or in a paper form.
Below, we include the main purposes that we have identified in the companies of the BERNABE LEON TEJERA Group:
Compliance with legal obligations, including, without limitation, Law 10/2010 on the Prevention of Money Laundering.
Management of the contracting of products or services offered by any of the companies of the BERNABE LEON TEJERA Group, including distance selling and management of shipments and returns.
Create and manage a personal account with a single registration to be used in the acquisition of products and services offered on any website of the companies of the BERNABE LEON TEJERA Group.
Channel requests for information, suggestions and customer complaints for their management and resolution.
Surveys to improve our services.
Market studies and commercial prospecting, reports on consumer habits, statistical data and market trends, in order to offer you products and services that may be of interest to you.
Carry out profiles and analyzes on the behavior of our clients when using our websites or applications, but only if you give us your consent.
Keep you informed about our latest products, offers, opportunities, etc. The channels we usually use are: email, postal mail, telephone, SMS, Push message, but only if you give us your consent.
Capture of images of people and vehicles for security reasons and help in emergency plans and evacuation of buildings.
Management for the refund of VAT for purchases by non-resident tourists in the European Community.
Personnel selection management.
HOW DO WE COLLECT INFORMATION ABOUT YOU?
We collect personal information about you through different means, in some cases you will contact us to share your personal information, and in other cases we collect your personal data using other means. Below we will explain the different ways in which we collect personal information about you and some examples in which we use such information.
INFORMATION YOU PROVIDE US
We collect personal information that you provide us through some of the BERNABE LEON TEJERA Group websites, email, mobile phone, when you contract a service, when you fill out a form, or others. In any case, at the time of collection you will be informed of the person responsible for the treatment, the purpose of the treatment, the recipients of the information, as well as the way to exercise the rights granted by current legislation on data protection.
For example: You may provide us with information when you contact our customer service, place a purchase order, register on our sites, update your preferences and account information, fill out a questionnaire, participate in a contest etc
Generally, the personal information that you provide us is: name and surname, address, ID, date of birth, email, contact telephone number and payment information. In very particular cases, and depending on the purpose and intended use of your data, data may be collected on personal, academic and professional characteristics, employment details, commercial information, social, economic and insurance circumstances, transfers of goods and services.
If you have never asked us to send you commercial communications, you can sign up for the different newsletters that we make available to you or by sending us an email to firstname.lastname@example.org
INFORMATION WE COLLECT FROM YOUR VISITS ON OUR WEBSITES
We collect and store limited personal information and anonymous aggregate statistics from all users who visit our websites, whether you actively provide us with such information or are simply browsing our websites. The information we collect includes the Internet Protocol (IP) address of the device you are using, the browser program you are using, your operating system, the date and time of access, the Internet address of the website from which you accessed our websites and also information about how you use our websites.
We use this information to know the loading time of our websites, how they are used, the number of visits to the different sections and the type of information that most attracts visitors. It also helps to identify if the web works correctly, and if we detect failures or errors in the operation, to solve them and improve the performance of our websites, in order to offer a better service to all users.
The use of social networks is becoming more frequent and in this sense the BERNABE LEON TEJERA Group is present in most of them, and it is another way of contacting you.
The information we collect through social media sometimes includes personal information that is available online and to the public. We always make sure that any information we use is correctly attributed to its source or made anonymous.
These social networks may have their own privacy policies, which will explain how they use and share your personal information. We recommend that you carefully review the privacy policies before using these social networks to make sure that you are happy with the way in which your personal information is collected and shared.
When using the APPs, Grupo BERNABE LEON TEJERA has a geolocation tool whose main purpose is to know your location to show you the closest establishment to your location. Having activated the geolocation function of the mobile device allows you to benefit from all the functionalities of the Applications. If you do not have geolocation activated, we will inform you and ask for permission beforehand with a notification.
This geolocation service will not be used to provide your location to third parties, except as required by law.
Most mobile devices provide users with the ability to disable location services. Most likely, such a possibility is located in the settings menu of the device. If you have questions about how to disable location services on your device, we recommend that you contact your mobile service operator or the manufacturer of your device.
To disable location services on your Android device, select Location Services in your phone’s settings menu. Most Android devices allow you to disable location services for your entire phone, such as GPS services and location services from other companies. Typically, when the box to enable location services is not checked, location services will remain disabled.
To disable location services on your iPhone device you can disable location services on all iPhone models from the Settings menu, selecting Location Services. To disable location services for the entire device, slide the bar until you see the option Off. To disable location services for a certain app, slide the bar next to each app name until you see Disable.
WHAT IS THE LEGITIMATION FOR THE PROCESSING OF PERSONAL INFORMATION?
For the treatment of your personal information we rely on legitimacy for several reasons:
For the fulfillment of a contract and/or commercial relationship.
To comply with different legal obligations.
For legitimate interest, for example, for security reasons, fraud prevention, to improve our services and products through market research, or to manage requests, queries or possible claims that may arise.
With your consent, for example, for the sending of personalized offers from the companies of the BERNABE LEON TEJERA Group.
TO WHOM CAN WE COMMUNICATE YOUR PERSONAL INFORMATION?
If you have given us your consent, the information you provide will be communicated to the BERNABE LEON TEJERA companies , to treat it for the purposes described above. Not all the purposes described entail a transfer of data, particularly considering that the data is collected directly by each of the Group companies.
In some cases, it is necessary for us to communicate the information you have provided to third parties in order to provide you with the requested service, for example, travel and hotel reservations, logistics, transport and delivery services, installers and/or assemblers, and renovations of the home etc
Likewise, there are companies that provide us with other types of services such as: information technology (information storage and processing), security services, financial services, audit services, etc.
These third parties only have access to the personal information they need to perform those services. They are required to keep your personal information confidential and may not use it in any way other than as requested by us.
In all cases, the companies of the BERNABE LEON TEJERA Group assume responsibility for the personal information you provide us, and we ask those companies with which we share your personal information to apply the same degree of protection of the information that we do.
Likewise, your personal information will be available to the Public Administrations, Judges and Courts, for the attention of the possible responsibilities arising from the treatment.
The personal information we collect resides in Spain, although it is possible that some Group companies have a presence in other countries and your personal information is collected in the country in which you reside.
In certain cases, services are contracted in Cloud Computing mode in the USA, making international data transfers. In these cases, the appropriate guarantees are adopted to protect your information regarding which you can obtain additional information by writing to email@example.com.
LINKS TO THIRD PARTY WEBSITES
In the event that we provide links to websites that are not operated or controlled by the companies of the BERNABE LEON TEJERA Group, you will be promptly informed since the companies of the BERNABE LEON TEJERA Group do not have any control over said sites nor are they responsible for the their content, nor do they have control over the way in which third parties collect and use your personal information, nor are they responsible for or offer any statement about third-party websites.
These websites may have their own privacy policies that explain how they use and share your personal information. We recommend that you carefully review the privacy policies before using these websites to ensure that you are happy with the way in which your personal information is collected and shared.
HOW LONG DO WE STORE YOUR PERSONAL INFORMATION?
We only store your personal information to the extent that we need it in order to use it according to the purpose for which it was collected, and according to the legal basis for processing it in accordance with applicable law. We will keep your personal information as long as there is a contractual and/or commercial relationship with you, or as long as you do not exercise your right to delete and/or limit the processing of your data.
In these cases, we will keep the information duly blocked, without giving it any use, as long as it may be necessary for the exercise or defense of claims or some type of judicial, legal or contractual responsibility may arise from its treatment, which must be addressed and for which its recovery is necessary.
HOW CAN YOU EXERCISE YOUR RIGHTS?
The data protection regulations allow you to exercise your rights of access, rectification, opposition, deletion, limitation of treatment, portability and not to be subject to individualized decisions before the data controller.
These rights are characterized by the following:
Your exercise is free
If the requests are manifestly unfounded or excessive (for example, repetitive), the controller may:
Charge a fee proportional to the administrative costs incurred.
Refuse to act.
Requests must be answered within a month, although, if the complexity and number of requests are taken into account, the term can be extended for another two more months.
The person in charge is obliged to inform you about the means to exercise these rights. These means must be accessible and this right cannot be denied for the sole reason that you choose another means.
If the request is submitted by electronic means, the information will be provided by these means when possible, unless the interested party requests that it be otherwise.
If the person in charge does not process the request, they will inform, no later than one month, of the reasons for their non-action and the possibility of claiming before a Control Authority.
You can exercise your rights directly or through your legal representative.
It is possible that the person in charge is the one who attends to your request on behalf of the person in charge if both have established it in the contract or legal act that binds them.
RIGHT OF ACCESS
The right of access admits that you can contact the data controller to find out whether or not your personal data is being processed.
Download the right of access form here
RIGHT OF RECTIFICATION
The right of rectification admits that you can obtain the rectification of your personal data that is inaccurate without undue delay from the person responsible for the treatment.
Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of an additional declaration.
In your request you must indicate what data you are referring to and the correction that must be made. In addition, when necessary, you must accompany your request with the documentation that justifies the inaccuracy or incompleteness of your data.
Download here the right of rectification form
RIGHT OF OPPOSITION
The right of opposition, as its name indicates, means that you can oppose the person responsible for processing personal data in the following cases:
When they are subject to treatment based on a mission of public interest or legitimate interest, including profiling.
When the purpose of the treatment is direct marketing, also including the aforementioned profiling.
Download here the opposition right form
RIGHT OF SUPPRESSION
The right of deletion may be exercised before the person in charge requesting the deletion of your personal data when any of the following circumstances occur:
If your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
If the processing of your personal data has been based on the consent that you gave to the person in charge, and you withdraw it, provided that the aforementioned treatment is not based on another cause that legitimizes it.
The treatment of the person in charge was based on the legitimate interest or in the fulfillment of a mission of public interest, and other reasons have not prevailed to legitimize the treatment of your data.
To have your personal data subject to direct marketing, including profiling related to said marketing.
If your personal data has been processed unlawfully.
However, this right is not unlimited, in such a way that it may be feasible not to proceed with the deletion when the treatment is necessary for the exercise of freedom of expression and information, for the fulfillment of a legal obligation, for the fulfillment of a mission carried out in the public interest or in the exercise of public powers vested in the controller, for reasons of public interest, in the field of public health, for purposes of archiving in the public interest, scientific or historical research purposes or statistical purposes, or for the formulation, exercise or defense of claims.
The person in charge of the treatment will be obliged to block the data when it proceeds to its rectification or deletion.
The blocking of the data consists of the identification and reservation of the same, adopting technical and organizational measures, to prevent its treatment, including its visualization, except for the provision of the data to the judges and courts, the Public Prosecutor’s Office or the Competent Public Administrations, in particular the data protection authorities, for the requirement of possible responsibilities derived from the treatment and only for the limitation period thereof.
After this period, the data must be destroyed.
Download here the right of deletion form
RIGHT TO LIMITATION OF PROCESSING
This new right consists of obtaining the limitation of the processing of your data by the person in charge, although its exercise has two aspects:
You can request the suspension of the processing of your data:
When you challenge the accuracy of your personal data, during a period that allows the controller to verify it.
When you have objected to the processing of your personal data that the person in charge carries out based on legitimate interest or mission of public interest, while he verifies if these reasons prevail over yours.
Request the person responsible for the conservation of your data:
When the treatment is illegal and you have opposed the deletion of your data and instead request the limitation of its use.
When the person in charge no longer needs the personal data for the purposes of the treatment, but the interested party needs them for the formulation, exercise or defense of claims.
Download the limitation right form here
RIGHT TO PORTABILITY
The purpose of this new right is to further strengthen the control of your personal data, so that when the treatment is carried out by automated means, you receive your personal data in a structured, commonly used, machine-readable and interoperable format, and can transmit them to another person responsible for the treatment, provided that the treatment is legitimized on the basis of consent or in the framework of the execution of a contract.
However, this right, by its very nature, cannot be applied when the treatment is necessary for the fulfillment of a mission of public interest or in the exercise of public powers conferred on the person in charge.
Download here the right of portability form
WHERE CAN YOU EXERCISE YOUR RIGHTS?
In order to exercise your rights, BERNABE LEON TEJERA and its Group of companies make the following means available to you:
By means of a written and signed request addressed to BERNABE LEON TEJERA, Calle Hermosilla 112, 28009-Madrid, Ref. LOPD, and must attach a photocopy of the DNI or document proving the identity of the applicant.
Sending the completed and signed form together with a photocopy and/or scanned copy of the DNI or document proving the applicant’s identity to the email address firstname.lastname@example.org.
Calling the Customer Service phone number 693769503.
At the Customer Service Department of any of the shopping centers that BERNABE LEON TEJERA has.
You may file a claim with the Spanish Agency for Data Protection, especially when you are not satisfied with the response to the exercise of your rights, for more details you can consult the website www.agpd.es
HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
We are committed to protecting your personal information. We use appropriate technical and organizational measures to protect your personal information and privacy, and we review such measures periodically. We protect your personal information by using a combination of both physical and computer or logical security controls, including access controls that restrict and manage how your personal information and personal data is processed, administered and managed. We also make sure that our employees are properly trained to protect your personal information. Our procedures indicate that we may require proof of identity before sharing your personal information with you.
In accordance with our guarantee of security and confidentiality, we are especially interested in providing you with the highest level of security and protecting the confidentiality of the personal information you provide to us. Therefore, commercial transactions are carried out in a secure server environment under SSL (Secure Socket Layer) protocol.
If at any time you have problems accessing any part of our website, it may be due to the model or version of your browser or the configuration of its options. If you need us to help you find the solution or if you have any questions regarding the operation of our purchase system, call us at 902 22 44 11. We will be happy to assist you.
The Internet is a medium that makes it possible to carry out commercial transactions through the network. Therefore, one of the main concerns on the part of users who use the Internet is the security of data on the network.
An Electronic Commerce transaction is understood as the entire process of carrying out a commercial agreement, including the contact between both parties: client and company. The aspects that every commercial transaction must meet must be:
The Authentication that guarantees the legal or physical personality with which we communicate.
Integrity, that is, that the content of the communication between both parties cannot be modified.
Confidentiality, which consists of the guarantee that no unauthorized person can know the content of the communication.
We are especially concerned about security and ensuring the confidentiality of the data provided by you. For this reason, in addition to being founding members of the @ECE (Spanish Association of Electronic Commerce) we are adhered to Confianza Online, a system for resolving possible disputes that may arise between consumers and companies in the field of Electronic Commerce and Advertising. Interactiva, supported by a large number of business associations, the National Consumer Institute, the Spanish Agency for Data Protection and the Ministry of Science and Technology.
ARE THE DATA OF MINORS PROCESSED?
The web pages of the BERNABE LEON TEJERA Group, the applications and the products are not normally directed at minors. Although on occasion we can carry out a campaign, such as the launch of consoles or video games, in which minors can show their interest. However, we do not deliberately collect any personal information from minors, except with the authorization of the parent or guardian.
If you are a minor, please do not attempt to register as a user of our websites, applications or products. If we discover that we have inadvertently obtained personal information from a minor, we will delete such information as soon as possible.
WHAT PRECAUTIONS SHOULD BE TAKEN INTO ACCOUNT?
These are some of the precautions that we advise our clients should take:
Do not provide anyone with the username or password.
Do not write it down in easily accessible places: computer, diary, etc.
Always use our SSL security system.
Always disconnect the browser session after having accessed a security zone or having entered the user name or password into the system.
Modifications to this data protection information
We will review and update the data protection information when there are changes in the legislation or in any of the procedures for the treatment of your personal information.
This data protection information was last reviewed and updated in October 2019.