🪨
Litofanias
FeaturesGalleryAbout
Log inSign up

GDPR

Updated: Dec 20, 2024

1

Data Controller

In compliance with the General Data Protection Regulation (GDPR) — Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 — and Spanish Organic Law 3/2018 on Personal Data Protection and digital rights guarantee (LOPD-GDD), Litofanias Artesanal informs you about the processing of your data.

Controller details

Carlos Alberto Torres PeregrinoLitofanias Artesanal
Contact email: soporte@lithofan.com
Registration base: Spain


2

Data Subject Rights

As a data subject, the GDPR recognizes the following rights that you may exercise at any time. To exercise them, send your request to soporte@lithofan.com clearly indicating which right you wish to exercise. We respond within a maximum of 30 calendar days (Art. 12 GDPR), extendable by 2 additional months in complex cases.

👁️

Access

Know what personal data we process about you

✏️

Rectification

Correct inaccurate or incomplete data

🗑️

Erasure

Delete your data when no longer necessary

⏸️

Restriction

Limit processing in certain circumstances

📦

Portability

Receive your data in structured, machine-readable format

🚫

Objection

Object to processing based on legitimate interest
Arts. 15–22 GDPR. If your request is rejected, we will inform you of the reasons and your right to complain to the supervisory authority.

4

International Data Transfers

As a general rule, your data is processed within the European Economic Area (EEA). Transfers to third countries only occur when adequate safeguards as provided for in Chapter V GDPR are guaranteed. Currently only one international transfer exists:

Google LLC (USA)

Service:

Google Analytics 4

Mechanism:

SCC (Dec. 2021/914) + EU-US DPF

Certification:

EU-US DPF certified

Note: The previous Privacy Shield was invalidated by the CJEU on July 16, 2020 (case C-311/18, Schrems II) and is not applicable.

5

Security Measures (Art. 32 GDPR)

We apply technical and organizational measures appropriate to the risk of processing in accordance with Art. 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, context and purposes of processing. This includes: pseudonymization and encryption of personal data; ability to ensure ongoing confidentiality, integrity, availability and resilience of processing; ability to restore availability and access to data in the event of an incident; and a process for regularly testing, assessing and evaluating the effectiveness of measures.


6

Data Protection Officer and Complaints

Given the scale and nature of processing (small artisan business, no large-scale processing of special category data), there is no legal obligation to appoint a DPO under Art. 37 GDPR. However, you may direct any data protection queries to:

Privacy contact

Email: soporte@lithofan.com
Competent supervisory authority: Spanish Data Protection Agency (AEPD)aepd.es

You have the right to lodge a complaint with the AEPD if you believe that the processing of your data does not comply with applicable regulations. You may also contact the supervisory authority of your habitual residence, place of work or place of the alleged infringement.


7

Policy Updates

This GDPR policy may be periodically updated to reflect changes in our data processing practices, regulatory changes or the introduction of new services. We will notify you of material changes through a prominent notice on the website or by email. The current version will always be available at lithofan.com/legal/rgpd with the date of last update.

Cookie PolicyTerms of Service