Privacy Policy

INTRODUCTION

At www.ninalo.com, responsible for Multi Liberty SL, we are committed to ensuring that your personal data is protected and is not subject to misuse.

In this document we explain who is the data controller, for what purpose your personal data is processed, the legality of the processing, how we collect it, why we collect it, how we use it, what your rights are and we also explain the processes we have in place to protect your privacy.

If you provide your personal data and use our websites, we assume that you have read and understood the terms and conditions protecting your personal data. Multi Liberty SL is responsible for compliance with applicable national and European data protection legislation and strives to process your data in a legal, fair and transparent manner.

This document applies to Multi Liberty SL

CONSIDERATIONS TO TAKE INTO ACCOUNT

WHO IS RESPONSIBLE FOR DATA PROCESSING?

The definition of “data controller” is described in the General Data Protection Regulation and reads as follows:

“DATA PROCESSOR” OR “DATA CONTROLLER” IS MEANT.

The natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of the processing.

Ninalo is responsible for the processing of personal data provided by its customers.

If you have any questions, comments or concerns, or would like to make suggestions regarding the use of your personal data, please email the Privacy Officer at info@ninalo.com .


Information about Ninalo

We are constantly launching new products in areas as diverse as fashion and accessories, decoration and furnishings, and pet accessories.

Company name: Multi Liberty SL

Head office: Calle cruces de san juan, 47. 35015 - Las Palmas de Gran Canaria, Spain.

TAX IDENTIFICATION NUMBER: B27852839.

Email: info@ninalo.com

Website: www.ninalo.com

FOR WHAT PURPOSE DO WE COLLECT YOUR PERSONAL DATA?

The main reason why we collect your personal data is to facilitate and improve the service you expect from us as a customer.

We collect your personal data to process purchases, orders or requests you make on our websites or in our applications, even if some of the above services are temporarily inactive.

These are the main purposes that we have identified in Ninalo:

Comply with legal obligations, including but not limited to Law 10/2010 on the Prevention of Money Laundering.
Manage the purchase of products or services offered by www.ninalo.com, including distance selling and management of shipping and returns.

The creation and management of a personal account with a unique registration that can be used to purchase products and services offered on www.ninalo.com.

Transmission of customer questions, suggestions and complaints in order to manage and resolve them.

Surveys aimed at improving our services.
Market and marketing research, reports on consumer habits, statistical data and market trends in order to offer you products and services that may be of interest to you.
Profiling and analyzing our customers' behavior when they use our websites or applications, but only if you give us permission to do so.
To keep you informed about our latest products, offers, opportunities, etc. We generally use the following channels: email, telephone, SMS, push notifications, but only if you give us your consent.
▪ Administration for the reimbursement of VAT on purchases made by tourists who are not residents of the European Community.

HOW DO WE COLLECT INFORMATION ABOUT YOU?

We collect personal information about you in different ways. In some cases, you contact us to provide us with your personal information, and in other cases, we collect your personal information through other means. Below we explain the different ways we collect your personal information and give some examples of how we use this information.

HOW DO WE COLLECT INFORMATION ABOUT YOU?

We collect personal information about you in different ways. In some cases, you contact us to provide us with your personal information, and in other cases, we collect your personal information through other means. Below we explain the different ways we collect personal information about you and some examples of how we use this information.

INFORMATION YOU PROVIDE TO US.

We collect personal information that you provide to us through certain Ninalo websites, by email, by mobile phone, when you order a service, or by other means. In each case, you will be informed, at the time of collection, of the owner, the purpose of the processing, the recipients of the information and how to exercise your rights under applicable data protection legislation.

Example: You may provide us with information when you contact our customer service, place an order, register on our websites, update your preferences and account details, complete a questionnaire, enter a competition, etc.

Typically, you will provide us with the following personal information: First and last name, address, identification number, date of birth, email address, telephone number and payment data. In very specific cases and depending on the purpose and use of your data, we may collect data on personal, academic and professional characteristics, employment data, commercial information, social, economic conditions and insurance and the transfer of goods and services. You also consent to the transfer of data to financial institutions for the processing of consumer deferred payment purchase contracts.

If you have never requested that we send you promotional communications, you can subscribe to the various newsletters that we make available to you or send us an email at info@ninalo.com.

INFORMATION WE COLLECT WHEN YOU VISIT OUR WEBSITE.

We collect and store limited personal information and anonymous aggregate statistics about all users who visit our website, whether you actively provide us with this information or are simply visiting our website. The information we collect includes the Internet Protocol ("IP") address of the device you are using, the browser software you are using, your operating system, the browser software you are using, your browser system. operation, the date and time of your visit to the site.

The IP address of the device you are using, the browser software you are using, your operating system, the date and time of access, the internet address of the website from which you accessed our websites, and information about how you use our website.

We use this information to determine how long our website loads, how it is used, the number of visits to different parts of our website and what type of information attracts the most visitors. This also allows us to determine whether the website is functioning properly and, if we discover any errors or bugs in the operation of the website, we can correct them and improve the performance of our website to better serve all users.

This information is collected using cookies. For more information, see the cookie policy.

SOCIAL NETWORKS

It is increasingly common to use social networks and, in this sense, Ninalo is present in most of these networks, which is another way to connect with you.

The information we collect through social media sometimes contains personal information that is online and publicly available. We always ensure that the information we use is correctly attributed to its source or anonymized.

These social networks may have their own privacy policies explaining how they use and share your personal information. We recommend that you carefully read the privacy policies of these social networks before using them to ensure that you are comfortable with how your personal information is collected and shared.

MOBILE PHONE

If you are using your mobile phone, www.ninalo.com has a geolocation function whose main objective is to detect your location to show you the nearest room. If you have activated the geolocation function on your mobile device, you can use all the functions of the applications. If geolocation is not activated, we will inform you and ask for your prior consent through a warning message.

This location-based service will not be used to share your location with third parties, unless required by law.

Most mobile devices allow the user to turn off location services. This function is usually found in the device settings menu. If you have any questions about how to turn off location services on your device, we recommend contacting your wireless carrier or device manufacturer.

To turn off location services on your Android device, select Location Services in your phone's settings menu. On most Android devices, you can turn off location services for the entire phone, such as GPS services and third-party location services. If you do not check the box to enable location services, they generally remain disabled.

You can turn off location services on your iPhone by going to the "Settings" menu and selecting "Location." To turn off location services for the entire device, swipe down until you see the Turn off option. To turn off location services for a specific app, swipe down next to the app name until you see the Turn Off option.

WHAT IS THE LEGAL BASIS FOR PROCESSING PERSONAL DATA?

We process your personal data on a lawful basis for a number of reasons:

Execute a contract and/or a business relationship.
To comply with various legal obligations.
For reasons of legitimate interest, for example for security reasons, fraud prevention, to improve our services and products through market research or to deal with requests, questions or complaints.
With your consent, for example to send you personalized offers from www.ninalo.com.

WHOM CAN WE SHARE YOUR PERSONAL DATA WITH?

If you have given us your consent, the data you provide will be shared with Ninalo to be processed for the purposes described above. Not all purposes described above require the transfer of data. In some cases it is necessary for us to transfer the data you provide to third parties in order to provide the requested service, such as logistics, transport and delivery services, installers and/or fitters, home renovators , etc.

There are also companies that provide us with other types of services, such as: Information technology (information storage and processing), security services, financial services, auditing services, etc.

These third parties only have access to the personal data they need to provide these services. These third parties only have access to the personal data they need to provide these services. They are required to keep the personal data that you provide to them.

The confidentiality of your personal data and not using it for purposes other than those requested by us.

In all cases, Ninalo is responsible for the personal data you provide to us and we require that the companies with which we share your personal data apply the same level of data protection as we do.

Likewise, your personal data will be made available to government authorities, judges and courts in order to clarify any liability arising from their processing.

INTERNATIONAL TRANSFER

The personal data we collect is located in France, although some Group companies may operate in other countries and your personal data may be collected in your country of residence.

In some cases, cloud computing services are contracted in third countries, resulting in international data transfers. In these cases, there are appropriate guarantees to protect your data, about which you can obtain more information by writing to info@ninalo.com.

Our store is hosted by Shopify International Limited. It provides us with the e-commerce platform that allows us to sell our services and products to you.

Your data is stored in Shopify's database and data storage system and in the general Shopify application. Your data is stored on a secure server protected by a firewall.

If you make your purchase through a direct payment gateway, Shopify stores your credit card information. This information is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Information relating to your purchase transaction is stored for as long as necessary to complete your order. Once your order is completed, the information relating to the purchase transaction is deleted.

All direct payment gateways adhere to the PCI-DSS standard, which is administered by the PCI Security Standards Council, a joint effort of companies such as Visa, MasterCard, American Express and Discover.

PCI-DSS requirements ensure the secure processing of credit card data by our store and its service providers.

LINKS TO THIRD PARTY WEBSITES

In the event that we provide links to websites that are not operated or controlled by Ninalo, you will be informed immediately, as Ninalo has no control over these websites and is not responsible for their content, nor has no control over how others collect and use your personal information, and is not responsible for and does not explain third party websites.

These websites may have their own privacy policies explaining how they use and share your personal information. We recommend that you read their privacy policies carefully before using these websites, to ensure that you are comfortable with how your personal information is collected and shared.

COOKIE POLICY

www.ninalo. com uses cookies to provide a better service and browsing experience. We want the cookies we use to be clear and concise, and we explain below what a cookie is, what it is for, the types of cookies we use, their purpose and how you can enable or disable them if you wish it.

WHAT IS A COOKIE AND WHAT IS IT FOR?

A “cookie” is a small file stored on the user’s computer, tablet, smartphone or other device, containing browsing information.

Setting cookies for all of our users helps us improve the quality of our website. This lets us know which pages are useful, which are not, and which can be improved.

Cookies are essential for the proper functioning of the Internet. They offer many benefits by providing interactive services and facilitating the navigation and usability of our website. Under no circumstances can cookies damage your computer. Rather, the fact that they are active helps us detect and correct errors.

WHAT TYPES OF COOKIES DO WE USE? DEPENDING ON THEIR MANAGEMENT

Personal cookies

These are cookies sent to your computer from our own devices or domains from which we provide the service you have requested.

Third-party cookies

These are cookies sent to your computer from a computer or domain that is not managed by us, but by another company with which we work.

DEPENDING ON THEIR DURATION OF ACTIVITY

Session cookies

These are temporary cookies that remain in your browser's cookie file until you leave the website, and none of these cookies are stored on your computer's hard drive. The information obtained from these cookies is used to analyze web traffic patterns. Ultimately, this allows us to provide a better experience by improving content and user experience.

Persistent cookies

They are stored on your hard drive and are read by our website each time you visit. A persistent cookie has a specific expiration date. Once this date has passed, the cookie stops working. We generally use these cookies to facilitate purchasing and registration services.

DEPENDING ON THEIR OBJECTIVE

Technical cookies

These cookies are necessary for navigation and the proper functioning of our website. They enable, for example, traffic management and data transfer, access to protected areas, the order purchasing process, the use of security functions, content storage for video transfer or sharing content on social networks.

Personalization cookies

These cookies allow you to access the service with predefined characteristics based on certain criteria, such as the language, the type of browser you use to access the service, the regional configuration from which you access the service, etc.

Cookies for analytical purposes

These cookies make it possible to quantify the number of users and statistically analyze the use of the services offered by users. To do this, your browsing behavior on our website is analyzed in order to improve our services. We also use analytical cookies for device recognition and fraud prevention in certain transactions with the Financiera El Corte Inglés shopping card and for all transactions financed by this entity.

Cookies for advertising purposes

These cookies allow us to efficiently manage the advertising spaces that may be included on our website.

Behavioral advertising cookies

These cookies store information about user behavior obtained through continuous monitoring. They allow us to understand your browsing behavior on the Internet and to show you advertisements related to your browsing profile.

COOKIES USED

We describe the cookies used on our website below:

_session_id, a unique session ID that allows Shopify to store information about your session (referrer, homepage, etc.).

_shopify_visit, without data storage, persists for 30 minutes since the last visit. Used by our website provider's internal statistical tracking tool to track the number of visits.

_shopify_unique, without data storage, expires at midnight (depending on the visitor's location) of the following day. Calculation of the number of visits to a store per individual customer.

_shopify_cart, unique identifier, kept for 2 weeks, stores information about your cart.

_secure_session_id, storefront_digest unique session identifier, unique identifier, undefined if the store has a password, used to determine if the current visitor has access.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We only retain your personal data for as long as necessary to fulfill the purpose for which it was collected, in accordance with applicable law. We keep your personal data for as long as we have a contractual and/or commercial relationship with you, or as long as you do not exercise your right to delete it and/or limit its processing.

In this case, we will retain the appropriately protected data without using it for as long as it is necessary to assert or defend claims or could give rise to processing, judicial, legal or contractual claims that need to be addressed and for which recovery is necessary.

HOW CAN YOU EXERCISE YOUR RIGHTS?

In accordance with the data protection regulations, you can exercise your rights of access, rectification, opposition, erasure, limitation of processing, portability and not to be subject to an individual decision taken by the controller of treatment.

These rights are characterized by the following characteristics.

HOW CAN YOU EXERCISE YOUR RIGHTS?

In accordance with the data protection regulations, you can exercise your rights of access, rectification, opposition, deletion, limitation of processing, portability and not to be subject to an individual decision taken by the person responsible for the data protection. treatment.

These rights are characterized by the following characteristics.

They can be exercised free of charge. If the requests are manifestly unfounded or excessive (e.g. repeated requests), the controller may charge a fee corresponding to the administrative costs. Refuse to act. Requests must be processed within one month, but this deadline may be extended by two months depending on the complexity and number of requests. The data controller must inform you of the means to exercise these rights. These means must be accessible, and you must not be denied the exercise of these rights simply because you choose another means. If the request is made electronically, the information is provided electronically as much as possible, unless the requester expressly requests another form. If the data controller does not comply with the request, he must inform the data subject within one month of the reasons for his non-compliance and of the possibility of lodging a complaint with the supervisory authority. You can exercise your rights directly or through your legal representative.

The data controller may process the request on behalf of the data subject if both parties agree to this in an agreement or legal document binding them.

PERMISSION TO ACCESS

The right of access allows you to contact the data controller to find out whether your personal data is processed or not.

RIGHT OF RECTIFICATION

The right to rectification allows you to ask the data controller to rectify your inaccurate personal data without undue delay.

Taking into account the purposes of the processing, you have the right to request that incomplete personal data be completed, including by means of a supplementary declaration.

In your request, you must indicate which data is affected and what correction must be made. In addition, your request may possibly be accompanied by documents proving the inaccuracy or incompleteness of your data.

RIGHT OF OPPOSITION

The right to object, as its name indicates, allows you to object to the processing of your personal data by the data controller in the following cases:

When the processing is based on a mission of general interest or on a legitimate interest, including profiling. When the processing is carried out for direct marketing purposes, including the profiling mentioned above.

RIGHT TO DELETION

The right to erasure can be exercised in the following cases, by asking the data controller to delete your personal data:

If your personal data is no longer necessary for the purposes for which it was collected or otherwise processed. If the processing of your personal data is based on the consent you have given and you have withdrawn that consent, unless the processing is based on another legal basis. If the processing carried out by the controller was based on a legitimate interest or the performance of a task of general interest, and if your interests or fundamental rights and freedoms override this legitimate interest. To use your personal data for direct marketing purposes, including profiling in relation to such marketing. If your personal data has been processed illegally. However, this right is not unlimited. It is possible to waive erasure if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for the performance of a mission of interest public in the exercise of public authority, for purposes of public interest in the field of public health, for archiving purposes in the public interest, for purposes of scientific or historical research or for statistical purposes, or for the exercise or defense of legal rights.

The data controller is obliged to block the data when it is corrected or deleted.

Data blocking consists of the identification and reservation of data, as well as the implementation of technical and organizational measures to prevent their processing, including their visualization, with the exception of their making available to judges and courts , the public prosecutor's office or the competent authorities, in particular the data protection authorities, for the fulfillment of any responsibilities arising from the processing, and only during the limitation period for these responsibilities.

At the end of this period, the data must be destroyed.

RIGHT TO LIMITATION OF PROCESSING

This new right allows you to obtain the limitation of the processing of your data by the data controller, and its exercise has two aspects:

If you contest the accuracy of your personal data, for a period allowing the data controller to verify it. If you object to the processing of your personal data by the controller based on a legitimate interest or the performance of a task in the public interest, assessing whether these grounds override yours. The data controller must keep your data:

If the processing is unlawful and you object to the deletion of your data and instead request the restriction of their use. If the controller no longer needs the personal data for the purposes of the processing, but you need them to exercise, defend or establish claims.

RIGHT TO PORTABILITY

This new right aims to strengthen control over your personal data, allowing you, in the event of automated processing, to receive your personal data in a structured, commonly used and machine-readable format, and to transmit them to another data controller, provided that the processing is based on consent or the performance of a contract.

However, this right does not apply when the processing is necessary for the performance of a mission of public interest or for the exercise of public authority entrusted to the controller.

WHERE CAN YOU EXERCISE YOUR RIGHTS?

To exercise your rights, Ninalo, SL offers you the following possibilities:

Send the duly completed and signed form, accompanied by a photocopy and/or scanned copy of your identity card or document proving your identity, to the email address info@ninalo.com. You can also file a complaint with the Spanish Data Protection Agency, especially if you are not satisfied with the response to your request. For more details, please visit the website www.agpd.es.

HOW DO WE PROTECT YOUR PERSONAL DATA?

We do everything possible to protect your personal data. We use appropriate technical and organizational measures to protect your personal data and privacy, and we review these measures regularly. We protect your personal data by combining physical, IT and logical security controls, including access controls that restrict and manage how your personal data and information is processed, stored and managed. We also ensure that our employees receive the necessary training to protect your personal data. Our procedures indicate that we may ask you for identification before sharing your personal data.

As part of our security and privacy guarantee, we attach great importance to providing you with the highest level of security and protecting the confidentiality of the personal information you provide to us. Therefore, business transactions are carried out in a secure server environment using the Secure Socket Layer (SSL) protocol.

If you have problems accessing any part of our website at any time, it may be due to the model or version of your browser or its settings. If you would like us to help you resolve this issue, or if you have any questions about how our shopping system works, please contact us at info@ninalo.com. We will be happy to help you.

The Internet is a means of carrying out commercial transactions via the network. This is why one of the main concerns of Internet users is online data security.

An e-commerce transaction is the entire process of creating a commercial contract, including communication between the two parties:

The customer and the company. The aspects that all business transactions must respect are:

Authentication, which guarantees which legal or natural person we are communicating with. Integrity, which means that the content of the communication between the two parties should not be changed. Confidentiality, which ensures that unauthorized persons do not have knowledge of the content of the communication. The security and confidentiality of the data you provide to us is of great importance to us.

HOW IS CHILDREN’S DATA PROCESSED?

The website www.ninalo. com and its products are generally not aimed at children, although we may occasionally run a campaign that may be of interest to children. However, we do not knowingly collect personal data from children without the consent of their parents or guardians.

If you are a minor, do not attempt to register as a user on our website. If we discover that we have accidentally received personal information from a minor, we will delete that information as soon as possible.

WHAT PRECAUTIONS SHOULD I TAKE?

Here are some precautions that we recommend to our customers:

Do not share your username and password. Do not write them in easily accessible places: computer, diary, etc. Always use our SSL security system. Always log out of your browser after accessing a secure section or entering your username or password into the system.

Responsive customer service

Our customer service is available to you Monday to Friday from 9 a.m. to 6 p.m.

Secure payment

We use the latest SSL encryption technologies to secure your payments

Home delivery

Receive your order in 7 to 12 days at your home & track your order in real time

Satisfaction Guarantee

We offer a 30-day money-back guarantee on all our products.