Privacy, Cookies & Data Processing Policy

At outffocus., we prioritize the protection of personal data and ensure compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights Guarantee (LOPDGDD).

Data Controller

The responsible party for data processing is:

Miguel Ángel Melero González
RIO CUEVAS 2-A, SEGUNDO I
05400 ARENAS DE SAN PEDRO, ÁVILA, Spain
Phone: 635152070
DNI: 02899526P
Email: info@outffocus.com

Principles of Data Processing

• Lawfulness, Fairness & Transparency: Data is processed lawfully, fairly, and transparently.
• Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes.
• Data Minimization: We collect only the data strictly necessary.
• Accuracy: Data is kept up to date and corrected if necessary.
• Storage Limitation: Data is kept only for the required period.
• Integrity & Confidentiality: Appropriate security measures protect personal data.

Personal Data We Collect

• Identification data: Name, surname, email, postal address, phone number.
• Transaction data: Order history, payment details (processed securely).
• Marketing data: Newsletter subscriptions, preferences.
• Technical data: IP address, browser type, cookies.

Legal Basis for Data Processing

• Performance of a contract: To fulfill purchases and manage orders.
• Consent: For marketing communications and analytics tracking.
• Legal obligation: Compliance with tax and legal requirements.
• Legitimate interest: Fraud prevention, website security.

Data Retention

• Transaction data: Retained for up to 6 years for tax compliance.
• Marketing data: Retained until the user withdraws consent.
• Customer inquiries: Retained for up to 2 years.

Data Sharing & Third Parties

We may share data with the following service providers:

• Shopify: E-commerce platform.
• Klaviyo: Email marketing automation.
• Google Analytics: Website analytics.
• Payment Processors (Shopify Pay, PayPal, Visa, etc.): Secure transactions.

All third-party services comply with GDPR and ensure data protection.

User Rights

Under GDPR, users have the right to:

• Access: Request a copy of their personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of personal data.
• Restriction: Limit data processing under certain conditions.
• Data portability: Obtain data in a structured format.
• Objection: Object to specific types of data processing.

To exercise these rights, contact us at info@outffocus.com.

Security Measures

We apply industry-standard security measures, including encryption, access control, and secure data storage, to protect against unauthorized access or data breaches.

International Data Transfers

Some services (Shopify, Klaviyo, Google Analytics) may involve data transfers outside the EU. These transfers comply with GDPR through Standard Contractual Clauses (SCCs).

Social Media & External Links

We operate profiles on platforms such as Facebook, Instagram, and Pinterest. Users should refer to their respective privacy policies for data handling practices.

Filing a Complaint

If you believe your data protection rights have been violated, you can file a complaint with the Spanish Data Protection Agency (AEPD) via www.aepd.es.

Cookies

For information on cookies used on our website, please refer to the relevant section in this document.