1. WHO WE ARE
1GiftWeb is committed to protecting and respecting your privacy. This Privacy Policy aims to provide you with information on how we collect and process any personal information, for example, information about the Customer (as defined below) that allows the Customer to be identified (hereinafter referred to as “data”), in accordance with applicable data protection legislation, including EU Regulation No. 2016/679, the General Data Protection Regulation (hereinafter “GDPR”). This version of the Privacy Policy is effective from May 25, 2018. When we collect or process your data, it is important that you read this Privacy Policy, as well as any other privacy policies we may provide to you from time to time, so that you can understand how and why we use your data.
1GiftWeb is licensed to operate the portal https://1giftweb.com and the virtual store residing on it. Therefore, it can perform the operations of information and sale of the products displayed on the portal, in accordance with the conditions expressed in the different usage sections described here, without rejecting or omitting the rules and conditions governed by the current Trade Law of Spain.
1GiftWeb is a platform for purchasing digital and physical products. The Company takes necessary measures to implement advanced policies and procedures regarding data protection and to update them occasionally to protect customer data and accounts. Your data is protected by the legal, administrative, and technical measures we take to ensure the privacy, integrity, and accessibility of the data. To prevent security incidents with your data, we use a mixed organizational and technical approach based on the results of the annual risk assessment. The Company will not disclose any private information about its current and/or former Customers unless the Customer approves such disclosure in writing, or unless such disclosure is required under applicable law, or required to verify the Customer’s identity, or required for the 1GiftWeb management program to fulfill its contractual obligations concerning any agreement made with the Customer. Customer information is processed only by Company employees and/or trusted third parties who are necessary for providing our services, such as handling specific Customer Accounts. All such information will be stored on physical and electronic storage media in accordance with applicable legislation.
2. USE OF DATA
2.1 We may collect, use, store, and transfer different types of data about you, which we have grouped as follows:
– Identity Data, which includes name, surname, and patronymic (if available), date of birth, gender, passport, personal identification number, driver’s license number, and a copy of the photo.
– Contact Data includes billing address, email address, and phone numbers.
– Technical Data includes Internet Protocol (IP) address, login data, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, as well as other technologies on the devices you use to access the Website App, and information related to the use of cookies stored on your device.
– Profile Data includes details related to the account, username and password, transactions you have made, your interests, preferences, comments, and/or information we have received through your interactions with us during the provision of our services.
– Marketing and Communication Data includes your preferences regarding the advertising we may send you, as well as your communication preferences.
– Special Categories of Data/Sensitive Data, which includes information about your annual income, biometric data, and/or criminal convictions if such information is required at any time.
– Compliance Data includes information related to your education, employment status, investment experience, and data obtained from suitability tests for using the platform.
– Location Data includes information about your actual location when interacting with our website (for example, the set of parameters that determine the regional settings of your interface, i.e., country of residence, time zone, and language of the interface).
2.2 Aggregated Data includes statistical or demographic data for any purpose. Such data may be derived from your data, although by law, they may not be considered personal data as they do not reveal your direct or indirect identity. An example of such aggregated data could be if we aggregate your usage data to calculate the percentage of users who access a specific feature of the website and/or service/product preferences. However, if 1GiftWeb combines Aggregated Data with other data in such a way that the final result could somehow identify the data subject, 1GiftWeb will treat the combined data as personal data and will process it in accordance with the provisions stated here.
3. DATA PROCESSING
The processing of your data is carried out by 1GiftWeb in accordance with the principles of legality, fairness, and transparency, always respecting the purpose of data processing and the principle of data minimization, as well as accuracy and limited storage, as well as integrity, confidentiality, and accountability.
4. REASONS FOR DATA COLLECTION
Generally, 1GiftWeb collects and processes Personal Data for the following reasons:
A. To formalize your contract with us,
B. To comply with legal obligations, including, among others, the Markets in Financial Instruments Directive II (MiFID II) as it may be amended, as well as the Law of 2007 for the Prevention and Suppression of Money Laundering and Terrorist Financing, No. 188 (I)/2007, as it may be amended regularly (referred to hereinafter as the MiFID Law), as well as the Law for the Prevention and Suppression of Money Laundering and Terrorist Financing of 2007, 2010, 2012, and 2013, as amended regularly (hereinafter referred to as Anti-Money Laundering Law/s), and/or
C. To safeguard your legitimate interests.
5. DATA RETENTION
The Customer acknowledges that 1GiftWeb will store all or part of the data related to the Customer’s account, as well as in relation to transactions, in the event of a dispute between the Customer and the Company.
6. DATA UPDATES
The Customer is responsible for updating any information provided to us in case of any changes. Although we strive to keep your data updated and to review and inspect all the information you have provided, we may not always be able to do so without your assistance. The Customer acknowledges that 1GiftWeb has no obligation or responsibility regarding any review or inspection of the aforementioned information.
3. HOW YOUR PERSONAL DATA IS COLLECTED
We use different methods to collect data about you and from you, including:
1. Direct Interactions: You provide us with Identity and Contact Data via the internet through the website and/or by filling out online forms and/or by contacting us via email or otherwise. You may provide data when you wish to:
a. Register to create a user account;
b. Subscribe to our publications and ongoing updates;
c. Request to receive advertising material and promotions;
d. Participate in a contest, promotion, or survey; and/or
e. Provide feedback or contact us.
2. We need to collect the above data to (i) provide you with our services efficiently, (ii) comply with our legal and regulatory obligations, which include, among other things, (a) preventing fraud and money laundering and/or (b) conducting suitability assessments.
3. If you do not provide the data when requested, we may not be able to perform the contract we have with you or are trying to enter into with you (for example, to provide you with our services). In this case, we may have to cancel a service you have with us, but we will notify you if that is the case at the time. It is important that the information we hold about you is accurate and current. Please keep us informed if your data changes during your relationship with us.
4. Automatic Technologies or Interactions
When using our services, your device automatically transmits its technical characteristics to us. Place (a set of parameters that determine the regional settings of your interface, i.e., country of residence, time zone, and language of the interface) and is used to provide you with the best possible service on our platform. The use of information about your IP address, browser and operating system information, date and time of access to the site, as well as the addresses of the requested pages, allows us to provide you with optimal functionality on our web, mobile, and/or desktop applications, as well as to monitor your behavior to improve the efficiency and usability of our Services. Any use of analytics tools will be for the purpose of tracking the performance of our website and the source of user marketing, in order to optimize our advertising costs and provide users with a better experience. You may request, at any time, that we refrain from carrying out such transmissions (to the extent possible and in accordance with any of our legal obligations) by sending your request to the data protection officer, for which you can use our contact details provided below. We will respond to your request within 30 business days.
5. COOKIES
A cookie is a small amount of data that often includes a unique identifier sent to your computer or device browser from a website’s computer and is stored on your device’s hard drive to track site usage. A website can send its own cookie to your browser if your browser settings allow it; however, to protect your privacy, your browser will only allow a website to access the cookies it has already sent to you, not those sent by other websites. Many websites do this every time a user visits their site in order to track Internet traffic flows. When you visit our website, 1GiftWeb does not store your cookies to add an extra layer of confidentiality in the transmissions; however, stored cookies can determine the path you have used on our website and may be used to identify anonymously frequent users, as well as the most popular pages among customers, which may require you to restart your browser or manually delete stored cookies