Privacy policy

1. Introduction

1.1. Welcome to the Privacy Policy of CENTRIS EVENTS S.L. (‘Centris Events’ or ‘we’ or ‘us’).

1.2. We consider the protection of your privacy to be very important. We are obliged to use, and we use, your personal data in accordance with Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights (the ‘LOPDgdd’), the General Data Protection Regulation 2016/679 of 27 April 2016 (the ‘GDPR’) and Law 34/2002 of 11 July on information society services and electronic commerce (the ‘LSSI’).

1.3. We want to keep you informed, respect your privacy and give you control over what happens to your personal data and what you share with us.

1.4. Our Privacy Policy is primarily intended to let you know what personal data we collect, how we process it, as well as to inform you about your rights.

1.5. Please take the time to read our Privacy Policy and Cookie Policy to learn about your rights.

2. Data controller

CENTRIS EVENTS S.L. 

TAX ID: B66848896
Address: Plaza del Ángel 2, 2º, 08002 Barcelona, Spain
E-mail: store@brunchelectronik.com
Data Protection Officer (DPD): FRANÇOIS JOZIC - NIE X09918319Y (Data Controller) and Elena Codina Moll - DNI 38119896H (Data Processor). 

3. What personal data do we collect and how do we collect it?

3.1. Personal data shall mean any information relating to an identified or identifiable natural person. An identifiable natural person is any natural person whose identity can be established, directly or indirectly, by means of an identifier, such as a name, an identification number, location data, an online identifier or one or more factors specific to physical, physiological, genetic, mental, economic, social or cultural identity.

3.2. We currently collect and process the following personal data from users of our website:

• personal identifiers and contact details (e.g. name and e-mail address)
• cookies, subject to the consent of the users of the website, where required
• other personal data that you voluntarily disclose to us when you use our website or services at any time or that is generated in the course of our communications; and your interactions with us and your activity in those interactions.

3.3. We may also process personal information when we interact with users on a social network, such as photos, videos, user name, profile, posts or other information that users post publicly.

4. How do we collect your personal data?

4.1. We will collect your personal data directly from you when you: 

• you purchase products marketed by Centris Events.
• you contract with us to request information or for the provision of a service.
• submit a request by email, telephone or online.
• participate in promotional activities.
• subscribe to our newsletters or mailing lists.
• agree to use our services.
• visit our website.
  
  

 

5. What do we use your data for? What are our legal bases?

Purpose	Legal basis
To provide you with our services and/or products To provide you with the products and/or services you request from us.	Art. 6.1.(b) GDPR The need to offer and provide you with the services and/or products you request from us. Therefore, the legal basis is the performance of a (pre-)contract.
Provide assistance To respond to your requests for information, including customer service and support, including through a chatbot.	Art. 6.1.(f) GDPR Our legitimate interest to implement customer service and support for the benefit of our community.
Social media Manage our social media profiles (e.g. TikTok, Instagram and Facebook) and interact with other users.	Art. 6.1.(f) GDPR Our legitimate interest to manage our social media profiles and interact with other users.
Legal obligations We will also process your data to comply with our legal obligations (tax, accounting, money laundering, etc.), as well as to fulfil your rights.	Art. 6.1.(c) GDPR The need to comply with our legal obligations and to allow you to exercise your rights.
e-Marketing To send you electronic marketing communications and newsletters. Please note that you can object at any time by sending an email to store@brunchelectronik.com, or by following the instructions contained in each communication.	Art. 21.1 LSSI + Art. 6.1.(a) RGPD (non-customers) or Art. 21.2 LSSI (customers) If you are a customer, we may rely on the exception to consent set out in art. 21.2 of the LSSI to send you electronic communications about our products and services. If you are not a customer, we will only send you this information if you give us your consent.
Customer satisfaction surveys To send you satisfaction surveys about our products and services.	Art. 6.1.(f) GDPR Legitimate interest to conduct surveys about our business in order to improve our products and services.
Anonymisation We will irreversibly anonymise your personal data so that it is no longer personal data in order to improve our products and services.	Art. 6.1.(f) GDPR Without prejudice to the fact that this is also a security measure, we will anonymise your data based on our legitimate interest for the above-mentioned purpose.
Analysis To perform analysis of aggregated data (not directly associated with any individual).	Art. 6.1.(a) RGPD+ Art. 22 LSSI and Art. 6.1.(f) RGPD Consent to the installation and use of non-technical cookies as explained in the Cookies Policy. The further processing of this data will be based on the legitimate interest to improve our products and services.
Retargeting and social media advertising To display advertisements during your use of our website, services, your browsing and social media interaction based on your interests through the use of cookies.	Art. 6.1.(a) RGPD + Art. 22 LSSI (installation of cookies and collection of information) and Art. 6.1.(f) RGPD (processing of cookie information) Consent to the installation and use of non-technical cookies as explained in the Cookies Policy. The further processing of this data will be based on the legitimate interest to improve our products and services.

6. With whom will your data be shared?

6.1. We may share this information with:

Group entities: We will share your data with affiliated companies within our group (in accordance with existing commissioning agreements with such entities) for operational purposes and, where intra-group data sharing is controller to controller, we will rely on legitimate interest for such sharing to take place for the purpose of managing intra-group administrative matters.

Suppliers: We will provide access to your personal data to those suppliers who require it to provide services to us, such as cloud storage providers, accountancy, customer service management platforms or marketing agencies, as well as any other third parties who assist us in the organisation and/or management of the sale of products and services. Before we share any of your personal data with our third party providers, where they act as our (sub)processors, we will require them to sign a commissioning contract in accordance with Art. 28 GDPR, with confirmation that your data will be kept secure. This means that, in such cases, we determine the purpose and manner in which your data is to be processed, and that the (sub)processor will only be authorised to process your data in accordance with the instructions and security rules that we indicate to them.

Payment service providers: These providers will act as data controllers, as they determine which personal data should be processed and the means for the successful execution of a payment. Our main provider is PayPal, but we may use other providers. These providers are supervised by the relevant national (regulatory) authorities and institutions as regulated payment service providers. Where such providers do not act as data controllers, we will execute the relevant commissioning contract in accordance with Art. 28 of the GDPR, as set out above in relation to suppliers/processors.

Other: We will share your personal data with third parties if we are required to do so by law, by an administrative or judicial authority, or in the public interest or for public order, such as to comply with anti-money laundering and anti-terrorism regulations, tax or social security obligations.

6.2. Finally, in the event of a restructuring, merger, spin-off or sale of the company, we may transfer all of your personal information to the third party arising from such transaction on the basis of legitimate interest in accordance with article 21 of the LOPDgdd.

7. How do we protect your personal data?

7.1. We take all reasonable and appropriate technical and organisational measures to protect the security of your personal data in the course of our business, taking into account the risks associated with the processing activities being carried out. Technical safeguards include, for example, restricted access, encryption, anti-virus software and regular testing and evaluation.

8. Do we carry out international transfers?

8.1. We take all reasonable and appropriate technical and organisational measures to protect the security of your personal data in the course of our business.

8.2. We do not carry out international transfers of data. We will store all your personal data within the EU. To exercise your right of access, modification or deletion, please send an email to datos@brunchelectronik.com.

8.3. In the event that in the future we need to contract with a service provider, for example, an IT provider, whose servers are located outside the European Economic Area (EEA) and therefore an international transfer of data is necessary, we will execute all necessary contractual agreements or other measures with any recipient of your information to ensure that your personal data will be equally protected.

9. How long will we keep your personal data?

9.1. We keep the information we collect only for as long as is necessary for the purpose for which we collected it. We may also collect your information to process any complaints about our products and/or services. We will then delete your information. Our retention periods are determined in accordance with legal requirements.

9.2. Before the final deletion of personal data, we will keep it properly blocked, in order to comply with the legal obligation provided for in article 32 of the LOPDgdd.

10. How do we deal with children's privacy?

10.1. Our platform/website is designed and intended for adults. We understand the importance of taking extra precautions to protect the privacy and safety of children.

10.2. If you become aware that a minor has, in breach of this Privacy Policy, signed up to receive email newsletters or otherwise provided their personal data, please notify us at store@brunchelectronik.com. If we become aware that a minor user has provided personal data without parental permission, we will delete all personal data provided by such user as far as possible and as soon as practicable.

11. What are your rights?

11.1. In principle, there is no charge for exercising your rights, although a fee may be charged where requests are unfounded, excessive or repetitive. If you exercise any of the data protection rights listed below, we have one month to respond to you, although we will do our best to provide you with a response in less than one month. In any case, in accordance with applicable data protection regulations, please note that this period may be extended by an additional 2 months, if necessary.

11.2. Pursuant to the GDPR and the LOPDgdd, we inform you that you may exercise the following rights:

Right to withdraw consent - You may withdraw your consent at any time by contacting us at store@brunchelectronik.com.

Right of access - You have the right to ask us for copies of your personal data.

Right of rectification - You have the right to ask us to rectify personal data that you believe to be inaccurate. You also have the right to ask us to complete information which you consider to be incomplete.

Right to erasure - You have the right to ask us to delete your personal data in certain circumstances, for example, if your personal data is no longer necessary for the purposes for which it was collected or if you withdraw your consent.

Right to restrict processing - In certain circumstances, you have the right to ask us to restrict the processing of your personal data, for example, if you believe that the information we are processing is inaccurate or unlawful.

Right to object - You have the right to object to the processing of your personal data only if we process such personal information on the basis of legitimate or public interest.

Right to portability - You have the right to request that we transfer the personal data you have provided to us directly to another organisation, or to you, if we process such information on the basis of consent or performance of a contract.

Right not to be subject to a decision based solely on automated processing - You have the right to request not to be subject to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you, if the legal requirements are not met.

Without prejudice to other means of redress, you also have the right to lodge a complaint at any time with the supervisory authority competent according to your place of residence. In the case of Spain, this would be the Spanish Data Protection Agency (AEPD). You can consult the different supervisory authorities by contacting us at [email protected]. In any case, before initiating any complaint, please contact us by e-mail to try to resolve any discrepancy or dispute amicably.

12. How to contact us

12.1. You can contact us at store@brunchelectronik.com, whether you wish to make a request or complaint or if you have any questions about how we handle your personal data.

13. How do we keep this Privacy Policy up to date?

13.1. We may need to update this Privacy Policy in the future. If we make any material changes to the way we collect, process and/or share the personal data you have provided to us, we will notify you before such changes take effect, for example, by posting a prominent notice on our website.

13.2. We encourage you to periodically review this page for the latest information on our privacy practices.

This Privacy Policy was last updated in August 2024.