General Data Protection Regulation
HastaSiempre tattoo works to ensure that your personal privacy is protected in accordance with the applicable data protection legislation, GDPR.
We therefore have a policy that determines how your personal data is processed and protected. Current privacy policy is always available on our website.

This privacy policy applies to our customers, suppliers and other users of the company’s services. You are welcome to contact us if you have any questions,
see contact details at the end of this policy.

Who is responsible for your personal data?
HastaSiempre tattoo, is responsible for personal data processing of personal data.

What is the processing of personal data?
Personal data is any kind of information that can be directly or indirectly attributed to a physically living person.

Processing of personal data is all that happens with these data. Every action taken with personal data is a processing, regardless of whether it is
performed automatically or manually. Examples of common treatments are collection, registration, organization, storage, processing, transmission and deletion.

What kind of personal information do we collect?
We collect personal information when your company / you register as a customer, when you place orders, contact us, subscribe to newsletters. It can, for example
include contact information such as telephone number and email address, organization number or social security number and payment information.

We also collect personal information when you visit our website by using our web site cookies that collect information on and from your browser.
For example, it may include different electronic identities (eg IP numbers) if they can be linked to a natural person.

We also retrieve personal data from other sources – e.g. publicly available corporate and personal registers, registers used for credit assessment, and from others
partners if necessary.

As a rule, we do not collect and process sensitive personal data.

What we use personal information for
In order to process data, there must be support in current data protection legislation, a so-called legal basis. This means that for our processing of your data to be legal, it is required that it be necessary to fulfill the agreement with you or to fulfill a legal obligation or that the processing of your personal data may be done after a balance of interests or you have given your consent to that particular treatment. In order to provide services and products, we need to process and manage your data. Below are examples of the purposes for which we process your data and with it support for whatever legal basis we do this.

To register as a customer / contact person.
To identify yourself as a customer or user.
To answer your questions and inform you about new, changed services / products / procedures.
To process and manage your orders, deliveries.
To create login information for e-commerce and other digital services.
To provide support services of delivered goods and products.
To provide other services, ensure their operation and remedy faults and incidents.
To handle customer service issues and complaints.
To contact you in case of problems with ordering and / or delivery.
To perform credit checks on companies that are registered as customers or are connected to new services.
To manage your invoices and payments.
Legal basis: performance of agreements
To send marketing offers as newsletters, (direct marketing.)
To conduct and manage participation in competitions.
To send surveys, market surveys that allow you to influence our offers and services.

Legal basis: legitimate interest and consent

To collect statistics and do analyzes so that we can develop our services and products and provide you with relevant offers and other information.
To test and improve systems that provide our services and products.
To prevent abuse or inappropriate use of our services and products.
To prevent, prevent and investigate crimes against the company.

Legal basis: legitimate interest and consent
To be able to fulfill the company’s statutory obligations.

Legal basis: legal obligation

How long do we store your personal data?
We will store your information for as long as it is required to fulfill the above purposes, or as long as we are required by law to do so.

We never store personal data any longer than we need to. Customer data is stored as long as you are a customer and thereafter as long as 24 months after the termination of the contractual relationship. Because we have a legitimate interest in preserving the data for as long as the majority of our customers’ buying cycle is usually two years. Exceptions apply to such documentation as must be stored longer by law, e.g. Accounting Act. In order to be able to offer you attractive market offers based on your needs, we save certain personal data, eg contact information, for 36 months.

Who has access to your personal information?
Personal data may be transferred to external parties who process personal data on behalf of the company and according to instructions from the company. Such external parties are personal data assistants and must always sign an assistant agreement with the company.

In different areas, we use other suppliers to deliver products and services. This means that they also need some information about you as a customer.
However, these parties may not use data about you for any purpose other than to provide the product / service or under the terms we specify. In some of these
HastaSiempre tattoo acts as personal data assistant and has signed an assistant agreement with the supplier.

Personal data may be transferred without assistance agreements to external parties with their own personal data responsibility when there is a legal basis or legal obligation for the transfer.
The transfer must then be documented and only necessary information must be transmitted.

We never sell or exchange your personal data with third parties. However, distribution of marketing materials and collection of statistics is sometimes handled jointly for us and other companies within our group.

Where is your personal data stored?
The data we collect is stored within the EU / European Economic Area (EEA), but can also be transferred and processed in countries outside the EU / EEA. All that
transfer of personal data takes place in accordance with current legislation.

What are your rights?
You have the right at any time to request written information about the personal data we hold about you. If these details are incorrect, you can request correction.
You can request that your personal data be deleted provided that the information is no longer needed for the purposes for which it was processed, if the processing
is based solely on your consent and you revoke this, if you oppose data processing that occurs after a balance of interests and there are no justified
reasons that outweigh your interest. Statutory requirements for personal data cannot be erased.

Some processing of data is based on the fact that we have your approval, so-called consent. You always decide which treatment you approve and if you want to withdraw your consent. Note In order to provide services and products, we need to process and manage your data. However, you are not required to provide your data to us.
If you choose not to do so, we may not be able to provide all of our products and services to you. You always have the right to withdraw your consent
use of personal data and refrain from targeted marketing. For persons under the age of 18, the guardian must submit the consent.

You have the right to have your personal data transferred (ported) for use elsewhere when technically possible. For this, it is also assumed that the treatment
is based on consent or that the treatment has been necessary for us to have been able to execute an agreement with you.

Security
It always involves a risk of disclosing personal data via the internet or telephone and we are constantly working to protect the privacy of our customers. No systems are fully protected for infringement. However, HastaSiempre tattoo has taken all reasonable technical security measures that may be required to protect personal data against unauthorized access;
change and destruction. Our security work includes protection of people, information, IT infrastructure and our premises. Particular attention is paid to information
security of your data to prevent, prevent and detect that it is spread to outsiders or is lost. Access to your data is only given to those who need it
it for their duties.

Reporting of infringement (complaint)
If you believe that your data is being processed in violation of applicable regulations, you should report it to us as soon as possible. You can also file a complaint with the Data Inspectorate.

If you have suffered damage because your data has been processed in violation of applicable law, you may be entitled to damages. You can then claim damages from us or bring damages
litigation in court. Such a request must be made in writing to us.

Contact Us
If you have any questions about this policy or would like to update, correct, delete data or otherwise exploit your rights please contact us by email
esperanzatattoos@gmail.com.

Personuppgiftsansvarig
HastaSiempre tattoo

This page has been translated by Google translate, we reserve the right for any translation errors.