1
In compliance with the General Data Protection Regulation (GDPR) — Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 — and Spanish Organic Law 3/2018 on Personal Data Protection and digital rights guarantee (LOPD-GDD), Litofanias Artesanal informs you about the processing of your data.
Controller details
Carlos Alberto Torres Peregrino — Litofanias Artesanal
Contact email: soporte@lithofan.com
Registration base: Spain
2
As a data subject, the GDPR recognizes the following rights that you may exercise at any time. To exercise them, send your request to soporte@lithofan.com clearly indicating which right you wish to exercise. We respond within a maximum of 30 calendar days (Art. 12 GDPR), extendable by 2 additional months in complex cases.
👁️
Access
Know what personal data we process about you✏️
Rectification
Correct inaccurate or incomplete data🗑️
Erasure
Delete your data when no longer necessary⏸️
Restriction
Limit processing in certain circumstances📦
Portability
Receive your data in structured, machine-readable format🚫
Objection
Object to processing based on legitimate interest3
Each personal data processing activity we carry out is backed by a specific legal basis in accordance with Art. 6 GDPR:
Account and order management
Google Analytics cookies
Tax and commercial records
Customer support communications
4
As a general rule, your data is processed within the European Economic Area (EEA). Transfers to third countries only occur when adequate safeguards as provided for in Chapter V GDPR are guaranteed. Currently only one international transfer exists:
Google LLC (USA)
Service:
Google Analytics 4
Mechanism:
Certification:
EU-US DPF certified
5
We apply technical and organizational measures appropriate to the risk of processing in accordance with Art. 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, context and purposes of processing. This includes: pseudonymization and encryption of personal data; ability to ensure ongoing confidentiality, integrity, availability and resilience of processing; ability to restore availability and access to data in the event of an incident; and a process for regularly testing, assessing and evaluating the effectiveness of measures.
6
Given the scale and nature of processing (small artisan business, no large-scale processing of special category data), there is no legal obligation to appoint a DPO under Art. 37 GDPR. However, you may direct any data protection queries to:
Privacy contact
Email: soporte@lithofan.com
Competent supervisory authority: Spanish Data Protection Agency (AEPD) — aepd.es
You have the right to lodge a complaint with the AEPD if you believe that the processing of your data does not comply with applicable regulations. You may also contact the supervisory authority of your habitual residence, place of work or place of the alleged infringement.
7
This GDPR policy may be periodically updated to reflect changes in our data processing practices, regulatory changes or the introduction of new services. We will notify you of material changes through a prominent notice on the website or by email. The current version will always be available at lithofan.com/legal/rgpd with the date of last update.