Privacy Policy

Welcome to the Aptica European Services SL (hereafter called “AES”) Privacy Policy. We know your privacy matters to you; earning and maintaining your trust matters to us. An important part of our commitment to respecting your privacy is our promise to be transparent with you about our privacy practices and to clearly explain how we protect your privacy. At AES, our data handling practices are responsible and respectful of your privacy.

This notice describes what personal data we collect, how we will use this data and how we keep your data secure. For all other information regarding our services, please refer to our Terms & Conditions or cookies.

  1. Who controls your data?

The data controller for any personal data we hold about you is Aptica European Services SL, Calle Halcon Peregrino 28, Urb. Monte Halcones, 29678 Benahavis, Spain, a company with sole Shareholder.

We are responsible for ensuring that your data is held securely, that you are given accurate information about how your data is used, and that your rights regarding your data are respected.

  1. What personal data do we collect, when do we collect it and what is our legal basis for processing it?

We collect data from you when you visit our website: www.aptica.com. The data we collect includes your name, email address, telephone number and shipping/billing address, your date, month and year of birth, and information regarding your browsing and shopping behaviour. Data is collected when you place an order, register with us and browse our site. We also use it to deliver appropriate marketing communications, tailor your visit to our website and provide assistance via our After Sales Team. 

We must have a valid reason for processing your personal data and we may not collect, store or use data about you that is not compatible with that reason. The reasons for our use of your personal data are: Exercise of a Contract, our Legitimate Interests as a business, a Legal Obligation we are required to follow and Consent which you provide to us.

If you have given your consent to our use of your personal data, you are entitled to withdraw this consent at any time.

The data we process, and the legal basis we use to process it is detailed below:

CONTRACT

Purpose:

When you purchase a product from our website, we ask you for the personal data necessary to allow us to fulfil our contract with you including shipping your item and taking payment from you. Your personal data will also be used to manage your requests for customer service.

Personal Data Processed:

Contact details (name, address, postcode, phone number), financial details (credit and debit card details etc), delivery address.

CONSENT

Purpose:

For www.aptica.com direct marketing via email.

Personal Data Processed:

Name, email address, browsing and purchase history, date of consent.

Purpose:

Push notifications via our website and Social Media to suggest goods and services that may be relevant to you.

Personal Data Processed:

Products purchased, viewed, or placed in cart, name, device ID or IP address; language used to navigate and version of your use (country); information on the device and browser you use; date and time when you provided consent to receiving web push notifications; date of creation of the account; date of last visit to our site.

LEGITIMATE INTERESTS

Purpose: To monitor how our website and Social Media are used so that we are able to provide a tailored browsing experience, to help us improve the website and Social Media to make them more user-friendly and help you find products that could be of interest.

Personal Data Processed: Device information, IP address, analysis of website navigation via cookies, beacons and other technologies. For more information about how we use cookies please read our Cookie Policy.

Purpose: To monitor website and Social Media visitor behaviour patterns using third party services such as Adobe Analytics.

Personal Data Processed: Internet log information that is anonymized, so that individuals cannot be directly identified.

Purpose: When we send you an email in regard to your order, this being to confirm, inform you of any changes that might affect your order or inform the return of a product. Also, changes to AES’ terms and conditions.

Personal Data Processed: Name, email address and purchase history.

Purpose: When you save an item to your Shopping Bag, but don’t check out, we’ll send you an email service message to remind you that you haven’t checked out.

Personal Data Processed: Name, email address, item(s) saved in Bag.

Purpose: When you make a purchase on our website, we will use some of your personal data to carry out anti-fraud activities: we have a legitimate interest in carrying out this activity to prevent and prosecute any fraudulent activity.

Personal Data Processed: Name, billing and shipping address, email address, phone number, payment information, previous order history.

Purpose: When providing your personal data for email communication purposes you also consent to us using tracking technologies in the email to make sure the email has been delivered, that you have opened it and to monitor if you have clicked on any of the links. This information helps us to measure the value of our communications and to provide you with relevant content at the right frequency, in compliance with our Retention Policy.

Personal Data Processed: Email address and engagement with email and its content.

Purpose: To monitor and analyse the performance of product ranges and anticipate market trends (Business Intelligence).

Personal Data Processed: Whilst this is normally in anonymised form, occasionally, we will use personal data such as location and gender to analyse business performance.

Purpose: To collect information on our brand influencers and understand their impact.

Personal Data Processed: Publicly available data on your social network that includes name, username(s), posts, views, followers, shares, comments and bio descriptions and to which AES may add further information such as contact details (phone number, email and address), industry category, territory, age, gender, favourite products or other relevant information.

Purpose: We may use your data to establish or exercise our legal rights or to defend against any legal claims.

Personal Data Processed: Identification data and other personal data that may be relevant to the specific legal claim. 

LEGAL OBLIGATION

Purpose: When you make a purchase on our website, we are required to process your personal data to meet our legal obligations in accordance with the tax provisions, age of consent and other statutory rules which apply.

Personal Data Processed: Contact details, date of birth and details of your financial transaction with us.

Purpose: When we process your information in response to you exercising your data subject rights.

Personal Data Processed: Name, contact information, and purchase history, other information you have specifically requested.

  1. Who will process your data?

Your personal data will be processed by the internal staff of the AES who have been specifically trained and authorised for this processing.

Your personal data will also be transmitted to third parties that we use to provide our services; these parties have been rigorously assessed for the way in which they manage personal data and may only use your data for the exact purposes that we specify in the contract with them.  

The third parties in question belong to the following categories:

Companies such as payment service providers that help us to process your order.

Companies that help us to deliver your purchases such as couriers and parcel delivery companies who deliver your goods and act as Data Controllers for the duration of the delivery process.

Professional service providers, such as email delivery suppliers, IT software providers, marketing and research agencies, analytics companies and website hosts who help us to run our business.

Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud.

Governmental bodies and regulators to comply with our legal obligations.

Aggregated data that does not identify individuals is shared with internal teams, relevant service providers and brand partners for business planning purposes

We may also transfer your personal data to a buyer or potential buyer if our assets are acquired by another organisation. The purchaser will be required by law to use your personal data only as described in this Privacy Policy.

  1. Data transfer outside of the European Union

Some of the third parties listed in the previous section 'Who will process your data?' may be located in countries outside the European Union that nevertheless offer an adequate level of data protection, as established by specific decisions of the European Commission.

The lawful transfer mechanism of your personal data to countries that do not belong to the European Union and that have not been assessed, as offering adequate levels of protection will be performed only 1. After Standard Contractual Clauses have been put in place 1. If the transfer is necessary for the purchase of goods offered on our website or for registration on the website or use of services on the website 1. For the management of your requests.

  1. How long do we keep your data?

We keep your personal data for a limited period of time in line with our data retention policy. The specific retention period will vary according to the reason for processing your personal data. After this period, your data will be permanently erased or otherwise irreversibly rendered anonymous.

  1. Your rights

You have the following rights under data protection law:

The right to request a copy of the personal data that we hold about you.

The right to ask us to correct any flaws in the personal data we hold about you.

The right to withdraw your consent to marketing.

The right to object to our processing of your personal data on the basis of our legitimate interest.  

The right to request the deletion of your personal data in certain circumstances.

The right to data portability to transfer your data to another entity.

The right related to automated decision-making including profiling. We use profiling to make relevant and tailored recommendations to you. We do not use automated decision-making processes that would have a potentially damaging effect on you. But if we did, you have the right to obtain human intervention, express your point of view, obtain an explanation of the decision and challenge it.

To exercise any of these rights, you can sign into your account, contact our Customer Care team at admin@aptica.com.

  1. Security

We are committed to taking appropriate technical, physical and organisational measures to protect personal information against unauthorised access, unlawful processing, accidental loss or damage, and unauthorised destruction.

In particular, we use security measures that employ pseudonymisation or encryption of your data to ensure the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them. We have the ability to restore the availability and access to personal data in the event of a physical or technical incident. Furthermore, AES undertakes to test, verify and regularly evaluate the effectiveness of technical and organisational measures in order to ensure continuous improvement in the safety of processing.

  1. Changes to this notice

We keep our Privacy Policy under regular review in order to reflect changes in our services and in privacy regulation. This Privacy Policy was last updated on October 2023. We will contact you if we make significant changes in the Privacy Policy.