Siroko.com

Legal notice

Our privacy policy and terms of use

LEGAL NOTICE AND PRIVACY POLICY FOR WWW.SIROKO.COM

OWNER OF THE WEBSITE

Pursuant to Article 10 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce, we hereby inform you that the entity in charge of the website, where various applications are available for download, is:

Company name: SIROKO SOLUTIONS S.L.
TAX ID: B52537651
Registered office: PLAZA 6 DE AGOSTO Nº6, 2º 33203 - GIJÓN (Asturias)
Phone number: 984 49 37 44 / 671 08 12 26
E-mail address: [email protected]

OFFICIAL REGISTRIES:

Official Mercantile Registry of Asturias, Volume 3646, Book 1, Page 83, Section 8th, Sheet AS-37176
Trademarks registered before the SPTO (Spanish Patent and Trademark Office) or other Industrial Property Registries: EM3577871 and EM3731183, EM15177249 and EM17940312, US86933189 and US88092486.

POLICIES AND PROTOCOLS IMPLEMENTED BY WWW.SIROKO.COM:

Digital Disconnection Policy for employees.
Protocol for Preventing Sexual Harassment in the Workplace.
Protocol for Preventing and Acting Against Harassment in the Workplace.
Communication and Information Channel Established in Compliance with Law 2/2023 of February 20, and Response Protocol for Reports.
Equal Opportunity Plan agreed upon and registered with the Registry and Deposit of Collective Bargaining Agreements and Collective Labor Agreements and Equality Plans, with file number 33/11/0152/2024.

LEGAL REGULATIONS APPLICABLE TO THE DIFFERENT SALES ACTIVITIES AND AFTER-SALES SERVICE TO CONSUMERS AND USERS

Law of Information Society Services and Electronic Commerce. Law 34/2002 of July 11, 2002.
European Regulation EU 679/2016 of April 28, General Data Protection Regulation (EU) and Organic Law 3/2018 of December 5, 2018 on Protection of Personal Data and Guarantee of Digital Rights.
European ePrivacy Directive, alongside the GDPR.
Royal Legislative Decree 1/2007 of November 16, 2007 on Consumers and Users, regulating the relationship with consumers in retail sales contracts for online transactions.
Royal Decree-Law 7/2021, of April 27, regulating the VAT treatment of electronic commerce and establishing the rules for taxation of the deliveries of goods and services to community end consumers for EU members.
Legislation and regulations for the protection of Intellectual and Industrial Property Rights.
Application of certain processes pursuant to the EU Artificial Intelligence Act (Regulation (EU) 2024/1689 of the European Parliament and of the Council of June 13, 2024 establishing harmonised rules on artificial intelligence).
Royal Decree 1055/2022, of December 27, 2002, on Packaging and Packaging Waste.
Law 7/ 2022 on Waste and Contaminated Soils for a Circular Economy.

WEBSITE PROPERTY OF SIROKO SOLUTIONS S.L.:
www.siroko.com

1. PRIVACY POLICY OF WWW.SIROKO.COM

1.1. CONTACT DETAILS OF THE DATA PROCESSOR

Company name: SIROKO SOLUTIONS S.L.
TAX ID: B52537651
Registered office: PLAZA 6 DE AGOSTO Nº6, 2º 33206 - GIJÓN (Asturias)
Phone number: 984 49 37 44 / 671 08 12 26
E-mail address: [email protected]

1.2. DATA PROTECTION OFFICER (D.P.O.) CONTACT DETAILS

Martin Lopez Escartín, lawyer ICAM 103516 with office for notifications at HONOS ABOGADOS S.L.P. in Langreo St. nº2, 1ºD, 33206, Gijón, Asturias. Telephone number 608781399 and e-mail address [email protected]

1.3. INFORMATION REGARDING DATA PROCESSING ACTIVITIES THROUGH OUR WEBSITE.

INTRODUCTION

Before submitting any personal data through the forms or fields provided on our website, users must carefully read and understand the following information to ensure compliance with the principles governing our entity's data processing practices.

If any term is unclear, we are available to assist you.

Our organization fully respects and upholds the fundamental right to privacy. We proactively protect personal data. Personal data is unique to each individual. When you provide your personal data to our organization, you entrust them to us, and our commitment is to handle them lawfully, fairly, transparently, and, most importantly, with strict confidentiality. We also ensure that our organization implements all necessary security measures to prevent the loss or theft of personal data during processing.

We process your data on an equal basis, without discrimination or distinction based on race, sex, language, religion, political opinion, national or social origin, economic status, birth, or any other characteristic. We do so without regard to your legal or international status in the country or territory to which you are subject.

In our organization, we provide you with access to and control over your personal data at all times, as well as the ability to exercise your rights.

PURPOSES OF THE DATA PROCESSING ACTIVITIES THROUGH OUR WEBSITE:

1.- DATA FROM NON-ESSENTIAL COOKIES (USERS)
You can find the purposes of the data provided by cookies in the COOKIES POLICY section (https://www.siroko.com/es/i/cookies-policy), which contains detailed information on the purpose, legal basis (consent), duration of retention, and the applicable legislation regarding cookies. In the POP-UP displayed upon accessing our website, the various purposes of data processing are clearly outlined, allowing you to choose whether to ACCEPT, REJECT, or MANAGE your cookie preferences.

2.- DATA FROM THE CONTACT AND HELP SECTIONS
In the CONTACT section (https://www.siroko.com/es/i/contacto) and the HELP section (https://www.siroko.com/es/i/ayuda), we request data to provide users with the information or answers they seek. To achieve this, we only ask for the strictly necessary data in the form. In the contact section, you can also select a purpose from a drop-down menu, where you have the option to revoke your consent as a legal basis for certain data processing conducted through this means.

3.- CUSTOMER and USER DATA (JOIN SIROKO)
The purposes of this data processing are as follows:

a) Processing the order placed by a customer during registration when making a purchase through our website, including the option to specify an alternative billing or delivery address. We will share the necessary data with data processors, including transportation companies and partners collaborating with Siroko Custom, to ensure the successful delivery of your purchase made through the website.
b) Managing the AFFILIATES program, which allows users who register - regardless of whether they have purchased any products - to enjoy benefits when making a purchase (details of which are available on the website).
c) Managing CHARGES and applying advantages or benefits on purchases of products made through the website.
d) In instances where you request the purchase of a SIROKO GIFT CARD or use the SIROKO WALLET as a payment method as a customer on www.siroko.com, we will request your customer and/or user data for this process.
e) Managing the tracking of your orders and the return and refund processes for Siroko products. We collect the buyer's information and order details through a form to streamline the information process in the event of delivery issues.

Customer and user data shall be transferred to Techpump Solutions S.L., which acts as a data processor, providing administrative and financial management services for Siroko Solutions S.L.

4.- EMPLOYEE RECRUITMENT THROUGH THE "WORK WITH US" BUTTON
We process your personal data to fill specific vacant positions within the organization. To facilitate this, we connect our button to the employee recruitment system implemented by our HR Department (https://www.techpump.com/#open-positions), where you can view available positions and submit your applications. To achieve this, we request certain data necessary to evaluate whether you meet the profile our company requires. We also collect contact information and inform you that this process may involve selection tests, interviews, skill assessments, reference checks, and notifications about new positions that align with your profile. If you are offered the position, we may use your personal data to prepare recruitment documents or job proposals for your review.
The data is managed by the entity Techpump Solutions S.L., as Data Processor, in order to carry out employee recruitment tasks.

5.- SENDING NEWS AND UPDATES VIA E-MAIL (USERS AND/OR CUSTOMERS)
We obtain your email address to send you updates, offers, and any other information that www.siroko.com wishes to communicate. We request that you specify your gender so that we can tailor the news we send you to better match your interests.

6.- DATA FROM WHISTLEBLOWING CHANNEL (LAW 2/2023 OF FEBRUARY 2)
To fulfill the legal obligation of channeling information from individuals who, based on the facts outlined by the law, submit reports through this internal channel, we will manage this information externally through data processors, in accordance with Article 6 of Law 2/2023 of February 20.

LEGITIMACY FOR EACH OF THE PROCESSES:

1.- DATA FROM NON-ESSENTIAL COOKIES (USERS)
The purposes of the data provided by cookies can be found in the COOKIES POLICY section, where you will find detailed information on the purpose and duration of the cookies, along with additional information regarding this processing and the features of each browser to delete any cookies you do not wish to keep.

In the POP-UP displayed upon accessing our website, the various purposes of data processing are presented, giving you the option to ACCEPT, REJECT, or MANAGE your cookie preferences. You can find all the information at the following link: (https://www.siroko.com/es/i/cookies-policy). If you accept cookies, the legitimacy is based on your consent (Article 6, 1(a) of the GDPR), while only the necessary cookies are justified by the legitimate interest of the Data Controller. To revoke your consent, please refer to section 1.5 of this notice and follow the outlined steps. You can also indicate this in the CONTACT section by selecting "OTHER INQUIRIES" from the drop-down menu and specifying your request to withdraw your consent. Alternatively, if the process is complicated, please inform us so we can assist you in removing it from your computer.

2.- DATA FROM THE CONTACT AND HELP SECTION
The legitimacy is based on your consent, in accordance with Article 6.1(a) of the GDPR. By completing the contact and/or help forms with the requested data and taking action to submit them, you are engaging in a voluntary and free act in which you explicitly express your consent.

3.- CUSTOMER and USER DATA (JOIN SIROKO)
For CUSTOMERS, the legitimacy for data processing is established under Article 6(1)(b) of the GDPR, which applies when you are a party to a distance sales contract, including transactions involving the SIROKO GIFT CARD and SIROKO WALLET.
For USERS, the legitimacy in the "JOIN SIROKO" section is based on consent, in accordance with Article 6(1)(a) of the GDPR.
For communications regarding news and updates from www.siroko.com, the legitimacy is provided by Article 21.2 of Law 34/2002 of July 11, 2002, as well as the consent of the user and/or customer. This may be carried out as long as the customer or user has not expressed a desire to withdraw their consent to continue receiving electronic communications from www.siroko.com.
It is possible that the individual making the purchase is not the same person to whom the product is intended. In this case, you are required to have authorization to share the necessary information for shipping the product purchased by the customer.
It is important to note that for the delivery of your purchase made through our website, the items will be delivered by logistics providers, to whom you will need to provide the necessary data to facilitate the delivery and fulfill the contract.

4.- EMPLOYEE RECRUITMENT THROUGH THE "WORK WITH US" BUTTON
The legitimacy for processing is based on your consent, in accordance with Article 6(1)(a) of the GDPR. By accepting the privacy policy specifically related to personnel selection, you consent to the processing of your personal data, which includes submitting your information to a tool managed by a different entity acting as a data processor.

5.- SENDING NEWS AND UPDATES VIA E-MAIL (USERS AND/OR CUSTOMERS)
Legitimacy is based on consent, in accordance with Article 6(1)(a) of the GDPR. In accordance with Article 21 of the LSSI-CE (Spanish Law on Information Society Services), this consent must be given voluntarily by checking a box or through a prior relationship as a customer.

6.- DATA FROM WHISTLEBLOWING CHANNEL (LAW 2/2023 OF FEBRUARY 2)
The legitimacy is based on legal compliance, as outlined in Article 6(1)(c) of the GDPR. This is due to the entity being a obliged subject under Article 2 of Law 2/2023 of February 20, and serves as a means to communicate facts or actions that may involve an alleged criminal act, as well as a mechanism to report information related to other protocols implemented within the entity, in accordance with Section III of the Preamble of the Law, thereby legitimizing the collection of data.

In the case of the Whistleblowing Channel, it is stated that the information is received by a Data Processor in accordance with Article 6 of Law 2/2023 of February 20. The information and data will be handled by the data processor, who acts under the instructions of the data controller and in compliance with the legal requirements established by law.

To provide additional information, we present the following table, which fairly and transparently outlines the essential aspects of data processing along with the information required under Article 13 of the GDPR, thereby complying with the principles set forth in Article 5 of the GDPR.

INFORMATION ABOUT DATA PROCESSING THROUGH THE WEBSITE.

DATA CONTROLLER

SIROKO SOLUTIONS S.L.
PLAZA 6 DE AGOSTO Nº6, 2º 33203 - GIJÓN (Asturias)

D.P.O. (Data Protection Officer)

Martin Lopez Escartín, lawyer ICAM 103516 with office for notifications at HONOS ABOGADOS S.L.P. in Langreo St. nº2, 1ºD, 33206, Gijón, Asturias. Telephone number 608781399 and e-mail address [email protected]

INTERNATIONAL DATA TRANSFER

International data transfers will occur solely to fulfill the distance sales contract. Exception from Article 49(1)(c) may apply if it is deemed "necessary for the conclusion or performance of a contract between the Data Controller and another natural or legal person, in the interest of the data subject," thereby meeting the NECESSITY criterion.

RECIPIENTS OF DATA TRANSFERS AND DATA PROCESSORS

No data will be transferred unless it is necessary to comply with the requested service.
In the case of CUSTOMER data: They will be transferred to transportation companies for the purpose of delivering the purchases made.
The data will also be shared with Techpump Solutions S.L., which provides administrative, management and financial services, and technological support, acting as a Data Processor in accordance with Article 28 of the GDPR.
In the case of CURRICULUM DATA: It will be transferred to TECHPUMP SOLUTIONS S.L. as a data processor solely for the purpose of the employee recruitment process, utilizing the link to the designated tool. To this end, interviews, meetings, and candidate assessments may be conducted.
In the case of the WHISTLEBLOWING CHANNEL: For the management of non-anonymous information received, access will be granted to the data processors HONOS ABOGADOS S.L.P. and RJA DIGITAL S.L.

RIGHTS

The right to request access to personal data pertaining to the individual concerned.
The right to request the rectification or erasure of personal data.
The right to request the restriction of data processing.
The right to object to data processing.
The right to data portability.
The right to opt-out of advertising.
The right to not be subjected to automated individual decision-making.

ADDITIONAL INFORMATION

If you deem it necessary, you can file a complaint at any time with the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD), C/ Jorge Juan, 6. 28001 - Madrid (www.aepd.es)

DATA RETENTION PERIOD

CUSTOMERS: For the duration of the business relationship. They are retained for a period of four years following the last sale, remaining available for the tax authorities.
USERS: For the duration of the services requested in the contact or help forms.
COOKIES: Established in the cookie policy, in accordance with the specifics of each cookie.
JOB APPLICANTS: For a maximum of 2 years.
USERS RECEIVING NEWSLETTERS: The data is retained and reviewed annually, and any emails that fail to deliver are promptly removed from our records.
WHISTLEBLOWING CHANNEL: The data is retained for the duration specified in Law 2/2023 of February 20, which allows for a maximum retention period of 10 years, or for the duration set by law in the event of legal proceedings being initiated.
You can request the withdrawal of your consent for any data processing based on your consent by sending an email to [email protected] or by using the contact form, clearly stating your intention and request.

WHERE TO EXERCISE YOUR RIGHTS

Request our forms to exercise your rights at: [email protected]

SECURITY MEASURES

We implement security measures to protect the integrity of the data we collect from you, following a thorough risk analysis to minimize potential risks as effectively as possible. We conduct regular reviews and cybersecurity audits to ensure the proper protection and secure handling of the data.
We establish contractual agreements in compliance with Article 28 of the GDPR to govern our relationship with data processors, outlining clear instructions and security measures to safeguard the integrity and protection of the data.

PROTOCOLS FOR INCIDENTS OR SECURITY BREACHES

As part of our proactive responsibility, we implement all reasonably necessary technical and organizational security measures to protect your information. All our personnel follow a well-established protocol to respond to any potential data loss, ensuring that the necessary measures and communications are implemented promptly to minimize risks and consequences, while acting in a coordinated and efficient manner.

TYPE OF DATA WE REQUEST

All data requested in our forms is essential for fulfilling the specified purpose. If you choose not to complete a mandatory field, it may hinder our ability to fulfill the intended purpose (e.g., processing a remote sale or purchase).

USE OF ARTIFICIAL INTELLIGENCE TOOLS IN DATA PROCESSING

We utilize artificial intelligence tools to enhance customer service processes, including handling returns and complaints related to purchases and sales, with the aim of streamlining these procedures.
Regarding the data you have provided for the execution of your distance sales contract, you can request that our entity cease using your data in artificial intelligence tools for the specified purposes by sending an email to our Data Protection Officer at [email protected].
For data received through the employee recruitment link provided by Techpump Solutions S.L., artificial intelligence tools are utilized by the data processor to expedite the data analysis processes.

1.4 WITHDRAWAL OF CONSENT-BASED PROCESSING LEGITIMACY. (Article 6, 1º (a) of Regulation (EU) 2016/679 of April 28)

You can WITHDRAW YOUR CONSENT for any data processing conducted on this website that relies on consent for its legitimacy by sending an email to [email protected].

For data collected through NON-ESSENTIAL COOKIES, you can either send an email to [email protected] or delete them in the "Cookies Policy" section by following the deletion methods provided for each browser. If you require assistance, please don't hesitate to send us an email, and we will be happy to help you.

1.5 INFORMATION ABOUT YOUR RIGHTS

The data protection regulations grant you the right to exercise your rights before the data controller. Here is a detailed breakdown of each right individually.

All rights are characterized by the following:

They can be exercised at no cost.
If requests are clearly unfounded or excessive (repetitive), the Data Controller may: Charge a fee proportional to the administrative costs incurred; Refuse to act. Responses must be provided within one month, which may be extended by an additional two months considering the complexity and number of requests.
The Data Controller is obligated to inform you about the methods available for exercising these rights. These methods must be easily accessible, and your right to exercise them cannot be denied simply because you opt for a different method.
If the Data Controller does not comply with the request, they must inform you within one month at the latest of the reasons for their inaction and the option to file a complaint with a supervisory authority.
You may exercise these rights either personally or through a legal representative or an authorized party. In some cases, the Data Processor may respond to your request on behalf of the Data Controller, if this arrangement has been specified in the contract or legal agreement between them.

The rights are outlined in Regulation (EU) 2016/679 of April 28, specifically in Articles 15 to 22, as well as in the Organic Law 3/2018 of December 5, 2018.

a) RIGHT OF ACCESS

The right of access allows you to contact the data controller to determine whether your personal data is being processed and, if so, to receive the following details:

A copy of your personal data that is being processed
The purposes for which your data is being processed
The categories of personal data to be processed
The recipients or categories of recipients to whom your personal data have been or will be disclosed, especially those located in third countries or international organizations
The anticipated duration for which the personal data will be retained, or if a specific retention period cannot be determined, the criteria applied to establish the retention duration
The data subject has the right to request the data controller to rectify or erase their personal data, restrict the processing of such data, or object to the processing thereof
The right to file a complaint with a supervisory authority
If the personal data have not been collected directly from you, you have the right to be informed about any available information regarding its source
You have the right to be informed about the existence of automated decision-making processes, including profiling, as well as meaningful information regarding the logic involved, the significance of such processing, and its intended consequences for you as the data subject
If the personal data are transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards under which the transfers are carried out

b) RIGHT TO RECTIFICATION

Exercising this right entitles you to request the immediate rectification of any inaccurate personal data from the data controller without undue delay.

Considering the purposes of the processing, you have the right to have incomplete personal data completed, which may include the submission of an additional declaration.

In your request you should indicate which data you are referring to and the correction to be made. In addition, when necessary, your request must be accompanied by documentation to justify the inaccuracy or incompleteness of your data.

c) RIGHT TO ERASURE

You may exercise this right before the data controller by requesting the erasure of your personal data when any of the following circumstances apply:

If your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed
If you withdraw consent on which the processing is based, and where there is no other legal ground for the processing
If you have objected to the processing of your personal data by exercising your right to object in the following circumstances:
- If the processing by the data controller was grounded in legitimate interests or in the execution of a task carried out in the public interest, and no other justifying reasons exist to validate the processing of your personal data
- If your personal data are used for direct marketing, including profiling in connection with such marketing
If your personal data have been unlawfully processed
If your personal data must be erased in order to comply with a legal obligation under Union or Member State law that applies to the data controller
If the personal data were obtained in relation to the provision of information society services as specified in Article 8(1) (which outlines the conditions for processing data of minors in connection with information society services)

d) RIGHT TO RESTRICTION OF PROCESSING

This newly established right allows you to request the limitation of the processing of your data by the data protection officer, and its exercise involves two principal aspects:

You have the right to:

Obtain the restriction of the data processing:

If you dispute the accuracy of the personal data, for a period sufficient to enable the data controller to verify it
If you have objected to the processing of your personal data by the controller on the basis of legitimate interest or public interest mission, while the controller verifies whether these grounds override yours

Ask the data controller to retain your data:

If the processing is unlawful and you have objected to the erasure of your data and instead request the restriction of its use
If the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the formulation, exercise or defense of claims

e) RIGHT TO DATA PORTABILITY

This right is designed to ensure that you are not subject to decisions that are based solely on the processing of your personal data, including profiling, which have legal effects or significantly impact you in a similar manner.

Profiling refers to any method of processing your personal data that assesses personal characteristics, particularly through the analysis or prediction of aspects related to your job performance, financial status, health, personal preferences or interests, reliability, or behavior.

However, this right shall not apply:

If your data is necessary for the conclusion or execution of a contract between you and the data controller
If the processing of your data is based on your previously given consent

In these two above-mentioned scenarios, the data controller is obligated to ensure your right to obtain human intervention, articulate your viewpoint, and contest the decision.

Such processing is permitted under Union or Member State law, provided that appropriate measures are implemented to safeguard the rights, freedoms, and legitimate interests of the data subject.

Furthermore, these exceptions do not apply to special categories of data as defined in Article 9(1), unless Article 9.2. (a) or (g) is applicable and the requisite safeguards mentioned in the preceding paragraph have been established.

f) THE RIGHT TO OPT-OUT OF ADVERTISING

If you have voluntarily and freely given us your consent to send you electronic advertising communications, or if this is based on Article 21.2 of the LSSI (Spanish Law on Information Society Services) Law 34/2002 of July 11 due to your status as a client of www.siroko.com, you may express your wish to no longer receive advertising from our company and revoke your consent by sending an email to [email protected].

For more information about your rights, please visit the following link to the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD): https://www.aepd.es/derechos-y-deberes/conoce-tus-derechos

1.6 HOW TO CLAIM YOUR RIGHTS

You can reach out to our Data Protection Officer (D.P.O.) at [email protected] to request the necessary forms we have prepared to simplify the process of exercising your rights. You may also do so by sending a request to our postal mail if you deem it necessary.

www.siroko.com ensures that all employees are regularly informed and trained on the procedures for handling requests related to the exercise of data subjects' rights. We have established a protocol to ensure proper response to all rights requests we may receive.

If deemed necessary, you may contact the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD). On their website, accessible through the following link, you can find and use the form to claim your rights: (https://www.aepd.es/derechos-y-deberes/conoce-tus-derechos).

Furthermore, if our entity fails to comply with data protection regulations, you have the right to file a complaint with the Spanish Data Protection Agency.

2. BASIC PRINCIPLES OF OUR PRIVACY POLICY.

This legal notice is governed by the PRINCIPLES OF LAWFULNESS, FAIRNESS, AND TRANSPARENCY as outlined in the GDPR. It is drafted to ensure clarity and understanding for all individuals who access this website. If you have any questions regarding its complexity, please do not hesitate to contact us for clarification.

2.1 DATA CONFIDENTIALITY

All data submitted through electronic forms will be processed in accordance with current personal data protection regulations and will remain confidential for all employees of our company who handle this information.

To ensure proactivity, all employees receive training on data protection regulations and data governance. Upon joining the entity, each employee receives a document outlining essential information about data processing practices and the standards required to ensure data security compliance. Employees also receive training on how to handle requests related to citizens' rights and how to respond in the event of a security breach that may result in data loss.

Furthermore, to ensure and mitigate potential risks, confidentiality agreements are executed with employees, collaborators, and service providers who have access to or process data on behalf of the Data Controller, establishing them as Data Processors.

2.2 INFORMATION ABOUT DATA PROTECTION PRINCIPLES AND OUR DATA PROCESSING PRACTICES ON THIS WEBSITE.

PRINCIPLE OF TRANSPARENCY IN DATA PROCESSING

Pursuant to this principle, information provided to data subjects regarding the conditions of processing operations that affect them, as well as responses to their rights requests, must be delivered in a concise, transparent, intelligible, and easily accessible manner, using clear and simple language.

Particularly complex language that includes references to legal texts should be avoided.

The informational clauses must clearly and comprehensibly convey the relevant content, ensuring it is accessible to all individuals, regardless of their prior knowledge or expertise on the subject.

In line with this principle, we have previously informed you about all processing activities conducted on the data collected through the website.

PURPOSE LIMITATION OF DATA PROCESSING

All data processing activities outlined in this Privacy Policy pertain to those conducted via our website, and we only process data for the purposes described herein.

DATA STORAGE LIMITATION

As indicated in the data processing table, all data is subject to a maximum retention period. We have established protocols for reviewing and securely disposing of any data that is no longer in use due to the expiration of this retention period.

DATA INTEGRITY AND CONFIDENTIALITY

In section 2.1, we emphasize the importance of maintaining complete confidentiality regarding the data we process at www.siroko.com.

Additionally, we have established policies and protocols to ensure that the data we process are handled with all applicable protective measures. Our staff is actively trained to safeguard this data, and we conduct periodic checks to verify the effectiveness of our measures, identify potential new risks, and adapt our practices accordingly.

DATA ACCURACY

To adhere to this principle, we require that all data provided through forms be truthful and accurate whenever we request such information. At any time, you may request the rectification of your data if you need to exercise this right.

Certain data requested in our forms are mandatory, and we ensure that we only collect the minimum necessary to achieve the intended purpose, avoiding any excessive data collection. If you choose not to provide some of this information, it may hinder your ability to access our services, as the absence of specific required data may prevent us from fulfilling certain purposes.

DATA MINIMISATION

In all our data processing activities, we adhere to the principle of data minimization by only processing the data necessary to provide our services. We do not request excessive information, and we proactively consider this principle in each processing instance.

2.3 INFORMATION ON DATA RETENTION

All data is retained solely for the purposes outlined or as required by law. We do not keep any information that is not necessary for the entity's compliance obligations.

2.4 DURATION OF DATA RETENTION

We retain the data solely for the essential duration, and you can consult the information table on this page to confirm the specific retention periods for each data processing activity.

Data collected for the purpose of sending commercial communications via email: The retention period begins when the user enters their email address in the designated field for this purpose or when the customer completes a remote purchase. This period continues until the user or customer requests the withdrawal of consent and cancellation of the service by sending an email. It is also reviewed periodically, and any data that is not received by the applicant is deleted.
Customer Data: Data is stored for a maximum of 4 years.
IP data: Maximum 1 year.
User data uploaded to pages and social networks: The data is retained from the moment the user provides consent until they explicitly express their desire to withdraw that consent and discontinue their participation.
Cookies Data: As specified in the cookie policy and/or set by the user.

The user may revoke consent for the processing of their data at any time.

3. USERS' RESPONSIBILITY FOR USAGE AND CONTENT

Accessing the websites and utilizing the information and content contained within them is solely the user's responsibility.

The use of information, images, content, and/or products described and accessible through this platform shall be governed by applicable national or international laws, as well as the principles of good faith and lawful usage by Users, who shall bear full responsibility for their access and proper use.

Users are required to make reasonable use of the services or content, in accordance with the principle of good faith and in compliance with applicable laws, moral standards, public order, good practices, and the rights of third parties or SIROKO SOLUTIONS S.L., and in line with the intended purposes and capabilities of the services. SIROKO SOLUTIONS S.L. disclaims any direct or indirect liability for consequential damages or loss of profits resulting from the misuse of services or content by Users or third parties.

4. USER STATUS

Accessing and navigating the platform, as well as the submission of data through certain forms that do not involve a distance purchase or sale, confers the status of User.

It constitutes full and unconditional acceptance of all provisions contained in this Legal Notice, as published by SIROKO SOLUTIONS S.L. at the time the User accesses the website. Accordingly, the User is required to carefully review this Legal Notice each time they intend to use the Website, as it may be subject to modifications.

5. OFFICIAL LANGUAGE OF THE WEBSITE

The legally established language is SPANISH (Castilian); therefore, in the event of any translation of this Legal Notice into another language, the original clauses in Spanish shall be considered binding, both in the Legal Notice and in the service conditions.

6. SOCIAL NETWORKS

SIROKO SOLUTIONS S.L. maintains, or may establish, profiles on major social networks, where it is recognized as the data controller for the personal data provided by its users and/or followers within the company's profile.

SIROKO SOLUTIONS S.L. will process such data in accordance with the permissions granted to business profiles by the social network's policies. Consequently, SIROKO SOLUTIONS S.L. may inform its followers through any means permitted by the social network regarding its activities, new products, actions and events, as well as personalized service offers to users. SIROKO SOLUTIONS S.L. will not collect data from social networks unless explicit and specific consent is obtained from the user. The user agrees to the terms and conditions of the social networking platforms as outlined in their privacy policies.

7. INFORMATION REGARDING HYPERLINKS

www.siroko.com is not responsible for any websites that it does not own and that can be accessed through hyperlinks, nor for any content provided by third parties.

Any use of hyperlinks or access to websites not owned by www.siroko.com is at the user's sole risk. www.siroko.com does not endorse or guarantee any information obtained from external links and is not liable for any loss, claim, or damage arising from the use or misuse of a link, or information obtained through a link. This includes any issues related to other links or sites, interruptions in service or access, or attempts to use or misuse a link, whether through connecting to the www.siroko.com website or accessing information on other sites from the www.siroko.com website.

If you make a remote purchase through the website, you will be directed via a hyperlink to the payment methods. The various options we provide will connect you directly with your financial institutions for processing the payment. This system complies with PSD 2 security protocols.

The ETHICS AND WHISTLEBLOWING CHANNEL button on the website links to a digital tool designed to comply with Law 2/2023 of February 20. This tool is managed by RJA DIGITAL S.L., a Data Processor, and the information submitted through this tool is directed to HONOS ABOGADOS S.L.P., which serves as the Channel Instructor and Manager of the information received in accordance with Article 6 of Law 2/2023 of February 20.

8. DISCLAIMER AND LIMITATION OF LIABILITY

The information and services available on or accessible through the websites may include inaccuracies or typographical errors. This information is periodically updated. SIROKO SOLUTIONS S.L. reserves the right to implement improvements and/or changes to the services or content at any time.

SIROKO SOLUTIONS S.L. has obtained the information and materials included on the website from sources deemed reliable. However, while appropriate measures have been taken to ensure the accuracy of the information, it does not guarantee that it is accurate and up to date.
It is important to note that the content of this website is intended for informational purposes only, regarding the quality, location, accommodations, services, and rates of SIROKO SOLUTIONS S.L.

9. INFORMATION ON THE DISCLAIMER OF ALL LIABILITY ARISING FROM TECHNICAL AND CONTENT FAILURE

SIROKO SOLUTIONS S.L. disclaims any liability for interruptions or malfunctions of the services or content provided on the Internet, regardless of the cause.

Similarly, SIROKO SOLUTIONS S.L. shall not be held liable for network failures, loss of business resulting from such failures, temporary power supply suspensions, or any other type of indirect damage incurred by Users due to circumstances beyond the control of SIROKO SOLUTIONS S.L.

SIROKO SOLUTIONS S.L. does not guarantee that the services or content will be uninterrupted or error-free, that any defects will be corrected, or that the service or the server hosting it are free from viruses or other harmful components, despite its best efforts to prevent such issues. If the User makes decisions or takes actions based on the information provided on any of the websites, it is advisable to verify the information with additional sources.

10. INDUSTRIAL AND INTELLECTUAL PROPERTY

The content provided by SIROKO SOLUTIONS S.L., along with the content published on the network through its web pages, constitutes a work under intellectual property law and is therefore protected by applicable laws and international conventions.

www.siroko.com owns and manages various trademarks and designs registered with the relevant Intellectual and Industrial Property Protection Agencies in multiple countries. Their use is limited by legislation. Their use without the express written authorization of SIROKO SOLUTIONS S.L. is prohibited.

The content, images, forms, opinions, indexes, and other formal expressions that are part of the web pages, along with the software necessary for their operation and display, constitute a work under Copyright law and are therefore protected by applicable national intellectual property laws and international conventions. Non-compliance with the aforementioned constitutes a serious violation and may result in penalties under civil and criminal law.

Users are prohibited from engaging in any act that allows them to commercially exploit or use, directly or indirectly, in whole or in part, any of the content, images, forms, indexes, or other formal expressions on the web pages without prior written authorization from SIROKO SOLUTIONS S.L.

Specifically, and without limitation, the following acts are prohibited: reproduction, distribution, display, exhibition, transmission, retransmission, and broadcasting in any form; storage in hardware or software, including external cloud servers; digitization; or making available databases not authorized by SIROKO SOLUTIONS S.L. Additionally, translation, adaptation, arrangement, or any transformation of such opinions, images, forms, indexes, and other formal expressions made available to Users through the services or content are also prohibited, provided these acts are governed by applicable legislation on intellectual property, industrial rights, or image protection.

The use of AI generative tools to train these systems using content, trademarks, designs, images, or any other materials owned by SIROKO SOLUTIONS S.L. is strictly prohibited. Failure to comply with this warning will result in SIROKO SOLUTIONS S.L. taking necessary actions to notify and report the violation to the appropriate authorities in defense of its business rights.

SIROKO SOLUTIONS S.L. reserves the right to restrict access to the web pages and the products and/or services offered therein, as well as to control the subsequent publication of any opinions, observations, images, or comments submitted by users via email.

In this regard, SIROKO SOLUTIONS S.L. may implement, at its discretion and without affecting the sole and exclusive responsibility of the Users, the necessary filters to prevent the dissemination of content or opinions on its web pages that are deemed racist, xenophobic, discriminatory, pornographic, defamatory, or that in any way promote violence or the distribution of clearly illegal or harmful content, as prohibited under LO 10/2022 of September 6. Our regulatory compliance committee conducts periodic reviews of the website to ensure adherence to the aforementioned standards. If you encounter any content that you believe is unlawful or an advertisement that you find offensive, please report it to our Data Protection Officer (DPO) at [email protected].

Users who submit observations, opinions, or comments to the suggestions department of SIROKO SOLUTIONS S.L. via the website's email service, unless explicitly stated otherwise, are deemed to grant SIROKO SOLUTIONS S.L. the authority to reproduce, distribute, display, transmit, retransmit, broadcast in any format, store in physical or digital formats, digitize, and make available such observations, opinions, or comments from databases belonging to SIROKO SOLUTIONS S.L. This authorization extends to translation, adaptation, arrangement, or any other transformation of these submissions for the entire duration of copyright protection as legally stipulated. It is also understood that this authorization is granted at no cost, and by submitting such observations, opinions, or comments via email, users waive any claim for compensation from SIROKO SOLUTIONS S.L.

In accordance with the previous paragraph, SIROKO SOLUTIONS S.L. is also authorized to modify, remove, or alter such observations, opinions, or comments to align them with the editorial requirements of the web pages. This modification shall not be interpreted as infringing upon any moral rights of copyright that Users may hold over their submissions.

The use of any technical, logical, or technological resources that enable a third party to benefit, directly or indirectly, with or without profit, from any and all content, forms, indexes, and other formal expressions that comprise the web pages, or from the efforts made by SIROKO SOLUTIONS S.L. for their operation, is prohibited.

Specifically, any links, hyperlinks, framing, or similar connections to the SIROKO SOLUTIONS S.L. web pages are prohibited without the prior, express, and written consent of SIROKO SOLUTIONS S.L. Any violation of the provisions in this section will be regarded as a breach of the legitimate intellectual property rights of SIROKO SOLUTIONS S.L. concerning the web pages and all their contents.

SIROKO SOLUTIONS S.L. shall not be liable for any consequences resulting from the aforementioned conduct and actions. Additionally, it will not assume responsibility for the content, services, products, or any other materials of third parties that may be accessed directly or through banners, links, hyperlinks, framing, or similar connections from the SIROKO SOLUTIONS S.L. websites.

11. DISPUTE RESOLUTION

ARBITRATION AND MEDIATION FOR CONSUMERS AND USERS WITHIN EU.

This legal notice will not be filed for each individual user; rather, it will be readily accessible on this website for anyone to view at any time. It can be accessed via each user's internet connection.

Users classified as consumers or users under Spanish regulations who reside in the European Union and encounter issues with a purchase made on www.siroko.com may seek an out-of-court resolution by accessing the European Online Dispute Resolution (ODR) platform. This platform has been established by the European Union and developed by the European Commission in accordance with Regulation (EU) 524/2013. It is also outlined in the "General Conditions of Contract" and/or "Use of the Website”.

COURTS AND TRIBUNALS

If the User is not classified as a consumer or user, and unless otherwise mandated by law, the parties agree to submit to the Courts and Tribunals of Asturias, where the commercial entity owning the website is located, expressly waiving any other jurisdiction that may apply.

12. LEGISLATION

The laws governing this website are the laws of Spain.

13. ETHICS AND WHISTLEBLOWING CHANNEL

In accordance with Article 6 of Law 2/2023 of February 20, 2023, a Whistleblowing Channel has been established and is accessible via the following link: https://fdigital.es/siroko-ced/.

Legal Notice prepared by HONOS ABOGADOS S.L.P. for SIROKO SOLUTIONS S.L. in compliance with the RGPD 679/2016 on personal data protection and the LSSI-CE (Spanish Law on Information Society Services) Law 34/2002, and relevant Intellectual Property legislation. The contents of this Legal Notice are registered with the Safe Creative Intellectual Property Registry, under registration code 1602176603277. Total or partial reproduction in any printed or electronic medium is strictly prohibited.