NEW IN - DISCOVER NOW

Privacy Policy

Basic information on data protection

DATA CONTROLLER

THE HOFF BRAND, S.L. TAX I.D. (C.I.F.) B-54929237

PURPOSE

To enable us to manage our mutual relationship, to provide you with our sales services and to send you information and sales promotion material.

LEGITIMATE INTEREST

Execution of the contract and consent of the data subject.

RECIPIENTS

The data processor and assistant processors

Your data will only be shared with third parties to comply with the law.

RIGHTS

You have the right to access, rectify and delete your data and other rights as explained in the second layer of information.

ADDITIONAL INFO.

You can consult additional, more detailed information about the Privacy Policy and protection of your data of a personal nature.

Identity of the Data Controller

THE HOFF BRAND, S.L.

C/ Juan Herrera 39

03203 - Elche (Alicante) - Spain

E-mail: service@thehoffbrand.com

C.I.F. B-54929237

Registered with the Companies Registry of Alicante in volume 3941, book 0, sheet 114, section 8, page A-149,731

Information collected

You can access our website anonymously. We will process two types of data in your name if you decide to register on the Website:

Identification data. Basic contact information such as your name and surname, email address, postal address, telephone number, purchase order number, email address of the recipient of the purchase invoice and encrypted data related to your credit card or bank account will be collected if you register on the Website, make an online purchase, subscribe to our newsletter or respond to a survey.

Data generated by the system. Our service automatically stores metadata based on other types of information such as registration data including the contract start date and the date of the last invoice. The invoices issued in relation to the purchased products are stored for your convenience.

HOFF will keep you informed about important changes in our services such as implementation of additional functions only if you expressly subscribe to our newsletter to be sent by email.

Reason for collecting the data

We collect personal data for the following purposes:

  • To customise your experience (this information will help us to serve your individual needs better).

  • To improve our website.

  • To identify you as a party to a contract with us.

  • To set up a communication channel with you.

  • To enable us to issue valid VAT invoices and process transactions (HOFF reminds you that your information will not be sold, transferred, delivered and/or exchanged to any other entity without your express consent for any reason other than to provide the requested service).

  • To enable management of subscriptions to our communication channels with you.

  • To provide you with information about your choices and preferences as a user.

  • To send periodic emails (in this context, the email address you provide us with will be used to process orders and purchases, to send you information and updates related to your order and to send updates, product information, occasional news items, etc. about out company only if you have expressly consented to receive them. At all events, if you wish to unsubscribe from future emails you can cancel your consent through the pre-established channels for the purpose as indicated in this Privacy Policy).

Legal Basis

1. General Data Protection Regulation

This Privacy Policy is adapted to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Processing of your personal data is legally based on your express consent, the fact that such processing is required for execution of a contract to which you are a party or to carry out certain actions or measures when you so request before entering into the contract. If the processing is based on your express consent, you can withdraw the same at any time by contacting HOFF through the channels provided for the purpose in this Privacy Policy.

2. Obligation to provide the requested data

You must provide us with the required personal data in order to properly execute the contract for purchase and acquisition of our products.

If you fail to provide all the requested information we will not be able to provide you with our services/products.

3. Minors

HOFF scrupulously complies with the requirements stipulated in the aforesaid European legislation on the protection of minors’ data and we will never knowingly collect any information from persons under 14 years of age. The Website, the purchase of our products and the use of our services are expressly aimed at persons over 14 years of age.

How we protect your information

HOFF implements physical, technical and organisational measures to ensure the security of your personal data and to minimize the chances of accidental or illegal destruction, accidental loss, unauthorised use, alteration, unauthorised alteration, disclosure and/or access and any other illicit way of processing your data.

1. Availability

HOFF employs the tools required to ensure a high level of availability of the website services but cannot guarantee constant full availability. Physical security is maintained by HOFF’s subcontractors who meet industry standards for physical security and availability.

2. Integrity

All data transmission is appropriately encrypted in line with the best practice to protect your confidentiality and the integrity of your data of a personal nature. Consequently, all credit card information that you provide is transmitted by Secure Socket Layer (SSL) technology and is subsequently encrypted in our payment gateway service provider’s database to ensure that only the data can only be accessed by personnel duly authorised to access these systems.

3. Confidentiality

All HOFF personnel are subject to full confidentiality in relation to processing of your data of a personal nature. Furthermore, all subcontractors and assistant processors with access to your data must sign a strict non-disclosure agreement before they are allowed to work with HOFF.

Authorised personnel can only access your personal data through an encrypted connection. The IP address of the authorised personnel who access your data must be previously cleared in order to do so.

Any device used by HOFF to access your personal data is protected and has HOFF's corporate anti-virus program installed. In addition, any electronic device other than the usual equipment on which your data is temporarily stored must also be encrypted.

Consequently, all local devices that temporarily store personal data are under constant supervision and physically located in a locked cabinet.

HOFF declares that your personal data is never stored on mobile devices, such as USB pen drives, CDs or DVDs.

4. Transparency

HOFF will keep you informed at all times about changes in our procedures including practices, protocols and policies to protect the privacy and security of your personal data. You may demand to be informed where and how your personal data is being stored, protected and used at any time. Upon request, HOFF will provide summaries of any independent audits performed on our services provided that we can do so without incurring excessive costs that HOFF cannot bear.

5. Isolation

All access to personal data controlled by HOFF is blocked by default and protected by our “zero-trust privilege” policy. This means that access to personal data is restricted exclusively to individually-authorised personnel based on a “never trust, always verify, enforce least privilege” approach.

6. Ability to intervene

HOFF facilitates your rights of access, rectification, cancellation, blocking, opposition, limitation of processing, portability and opposition to automated decision-making and provides you with the option of objecting whenever we plan to make changes in our business practices and website policies. General responsibility for data security rests with HOFF’s Head of Security who trains and updates all staff on the security measures described in our Security Policy and in this Privacy Policy.

7. Notice of personal data breach/security breaches

A violation of personal data means that there has been a breach of the security of HOFF’s I.T. systems that has caused or may cause the destruction, alteration, loss, unauthorised disclosure or accidental or deliberate access to the personal data related to the provision of our services during transmission, storage or processing.

HOFF will notify you promptly if your data of a personal nature is compromised in any way provided that such notification is required by the currently applicable regulations. HOFF will also notify the competent authorities of the security breach within a maximum of 72 hours from the time it is detected. We will inform you of the scope of the violation, the data that has been compromised, the impact on the service and the mitigation plan and protection measures set up to limit the potential detrimental effects on your personal data if we are obliged notify you of the breach of the same due a security incident.

Recipients Disclosure of information to third parties

HOFF will not sell, transfer and/or exchange your data of a personal nature with unauthorised third parties. This does not include identified third parties or subcontractors that help us to manage this website and provide you with our services and which you have duly authorised. These trusted third parties may have access to personal data for information needs and are contractually bound to maintain the confidentiality of the information provided.

HOFF may have to reveal part of your personal information (data of a personal nature) when we are obliged to comply with the law, enforce the policies of our website or to protect the security of our systems. Your personal data may also be provided to other third parties for marketing, advertising or other purposes, but only with your express consent.

1. Trusted subcontractors/third parties

The subcontractors that process your data are supervised and audited.

HOFF supervises its subcontracted data processors to the best of our ability to ensure that they maintain the aforesaid standards and submit to audits to guarantee that they meet the data protection-related requirements stipulated in this document.

2. Legally required disclosure

HOFF undertakes not to disclose your personal data except when bound by the currently applicable regulations or a judicial order that requires us to provide the police or the law courts with any or all of your personal data in our power. HOFF will only disclose the specific data required by a binding judicial order or police requirement.

We will notify you immediately if we are compelled to disclose some or all of your personal data by judicial order or as required by the police and we will provide you with a copy of said request unless we are legally prohibited from doing so.

Links to third-party websites

HOFF may include or provide the option of using third-party products or services on the Website. The privacy policies of these third-party sites are separate from HOFF’s Privacy Policy and therefore HOFF declines all responsibility for the contest and activities of the linked websites. Despite this, in order to ensure the integrity of the Website we welcome any comment or reference regarding the regulatory compliance of third-party sites linked to ours.

Where we store your data

HOFF does not transfer, make back-up copies or recover any personal data stored in places outside the European Union.

1. Location of personal data

All your personal data is stored in databases and file repositories hosted on servers owned and operated by HOFF, the registered office of which is located in Elche, Alicante province, in Calle Juan de Herrera 39, 03203 - Parque Industrial, Elche / Elx (Spain), registered in the Companies Registry of Alicante in Volume 3941, Book 0, Sheet 114, Section 8, Page A-149731.

HOFF makes backup copies of the databases it manages through its trusted provider to enable restoration of the information at any time as required.

2. Installation software on the customer’s system in the cloud

You are not required to install software of any kind in order to use the Website. You can access it by means of a standard Internet browser.

Access assistance, data portability, migration and transfer

HOFF will inform you on request of whether we are processing your data of a personal nature or not at any time.

You have the right to receive, on request at any time, a full copy of all the personal data that we hold in your name that you can send to another data controller. Your data will be delivered to you in a widely-used format within 1 month, a period that may be extended to 2 months in the event of complex requests.

Request for rectification, restriction or erasure of personal data

1. Rectification

If the personal data held by HOFF concerning you is inaccurate or incomplete you have the right to obtain rectification without undue delay.

2. Restriction of processing of personal data

You have the right to request that processing of your personal data be restricted at any time for any of the following reasons:.

When you contest the accuracy of the personal data held by HOFF for a period that enables us to verify the accuracy of the same.

When processing of your personal data is illegal in accordance with the currently applicable legislation and you choose to restrict use of the data instead of deleting it.

When you require your personal data to establish, exercise or defend yourself against a legal claim despite the fact that HOFF will no longer process them and delete them even without your request.

3. Deletion

You may request the deletion of your personal data and HOFF must erase them without undue delay under any of the following circumstances:

When the personal data are no longer necessary for the purposes for which they were collected or processed.

If you withdraw your consent to processing of your data there will no longer be a legal basis on for the use of said data.

When you object to the processing because it is being used for direct marketing purposes.

When the personal data has been or is being illegally processed.

When the data must be erased to comply with a legal obligation at the European Union and/or national level.

4. Where to exercise these rights

You may exercise the aforesaid rights before The Hoff Brand S.L. by sending the corresponding request to our postal address: Calle Juan de Herrera 39, 03203 - Parque Industrial, Elche/Elx (Spain), registered in the Companies Registry of Alicante in Volume 3,941, Book 0, Sheet 114, Section 8, Page A- 149,731. You may contact us by email at the following address: service@thehoffbrand.com or by telephone on: (+34) 664 232 208.

Data storage and retention

1. Data retention policy

Data related to purchase and rental transactions that generate invoices will be kept until the end of the contractual relationship and subsequently during the legally required period. Configuration data and data generated by the system will be deleted immediately you cancel the user account.

2. Data retention to comply with legal requirements

Except for deletion reasons as set forth in the relevant clause, HOFF is bound by the data protection-related legislation to comply with the personal data retention periods laid down by law.

3. Return or deletion of data

Except for account information, HOFF will not retain any data following termination of the contract. You can request a copy of the data at any time before termination of the contract. You should not cancel your account until you have been provided with a copy of your personal data.

Accountability

HOFF records system updates, site configuration changes and access to provide an audit trail if unauthorised or accidental changes are made.

Cooperation

HOFF is always willing to cooperate with you in complying with the currently applicable data protection-related provisions, especially those aimed at ensuring effective exercise of the rights of access, rectification, deletion, cancellation, blocking, opposition to and limitation of processing, portability and opposition to automated decision-making and management of security incidents.

Conditions

We strongly recommend that you also display our General Contract Conditions, Legal Notice, How to Buy and Cookies Policy sections that regulate the use, waivers and limitations of liability that govern this Website and many other important aspects.

Consent and changes to our privacy policy

By accessing this Website, you implicitly accept this Privacy Policy without reservations. This Privacy Policy may be changed or amended at any time. Therefore, you are strongly advised to review it from time to time. HOFF will update the change log of the Privacy Policy whenever it is modified.

Complaints

If you consider that your rights with regard to the collection and processing of your personal data are being infringed, you can file a claim with the Spanish Data Protection Agency (AEPD):

Spanish Data Protection Agency

C/ Jorge Juan, 6

28001-Madrid

901 100 099

91 266 35 17

http://www.agpd.es


EN
EN