Privacy Policy
LEGAL INFORMATION
Bawler Europe, SL
NIF: B42985135
Carrer de la Bassa Rodona 7
Sitges 08870
support@vapepenseurope.com
www.vapepenseurope.com
We respect your privacy and are committed to protecting it by complying with this privacy policy (“Policy”). This Policy describes the types of information we may collect from you or that you may provide (“Personal Data”) on the vapepenseurope.com website (“Website” or “Service”) and any of its related products and services (collectively, “Services”). Explains how we collect, store and use your personal data when you browse the vapepenseurope.com website. It also describes the choices available to you regarding our use of your personal data and how you can access and update it.
This Policy is a legally binding agreement between you (“User”, “you” or “your”) and Bawler Europe, SL (doing business as “Vape Pens Europe”, “we”, “our” or “us”). “). If you are entering into this agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to this agreement, in which case the terms “User”, “you” or “your” shall refer to such entity. If you do not have such authority, or if you do not agree to the terms of this agreement, you must not accept this agreement and may not access and use the Website and Services. By accessing and using the Website and Services, you acknowledge that you have read, understood and agreed to the terms of this Policy. This Policy does not apply to the practices of companies that we do not own or control, or to people that we do not employ or manage.
Automatic information collection
Our top priority is the security of customer data and, therefore, we apply a no data logging policy. We can only process a minimum of user data, only to the extent that it is absolutely necessary to maintain the website and services. The information collected automatically is used solely to identify possible cases of abuse and establish statistical information about the use and traffic of the Website and Services. This statistical information is not aggregated in a manner that would identify any specific user of the system.
Collection of personal data
You may access and use the Website and Services without telling us who you are or revealing any information by which anyone could identify you as a specific, identifiable individual. However, if you wish to use some of the features offered on the Website, you may be asked to provide certain personal information (for example, your name and email address).
We receive and store all information that you provide to us, knowing that when you create an account, make a purchase or fill out any online form on the website. When required, this information may include the following
- Account details (such as username, unique user ID, password, etc.)
- Geolocation data from your device (such as latitude and longitude)
- Any other material that you voluntarily send to us (such as articles, images, comments, etc.)
Some of the information we collect comes directly from you through the Website and Services. However, we may also collect personal data about you through other sources, such as public databases and our common marketing partners.
You may choose not to provide us with your personal information, but you may not be able to take advantage of some of the website’s features. Users who are not sure what information is required can contact us.
Children’s privacy
We do not knowingly collect any personal data from children under 18 years of age. If you are under 18 years of age, please do not submit any personal information through the Website and Services. If you have reason to believe that a child under the age of 18 has provided personal information to us through the Website and Services, please contact us to request that we delete that child’s personal information from our services.
We encourage parents and legal guardians to monitor their children’s Internet use and to help enforce this Policy by instructing their children never to provide Personal Information through the Website and Services without their permission. We also ask all parents and legal guardians supervising the care of children to take necessary precautions to ensure that their children are instructed never to provide Personal Information when online without their permission.
Use and processing of the information collected
We act as a data controller and data processor in terms of the GDPR when we handle Personal Data, unless we have entered into a data processing agreement with you, in which case you would be the data controller and we would be the data processor.
Our role may also vary depending on the specific situation involving personal information. We act in our capacity as data controllers when we ask you to send us your Personal Information, which is necessary to ensure your access to and use of the Website and Services. In such cases, we are a data controller as we determine the purposes and means of processing Personal Information and comply with the obligations of data controllers set out by the GDPR.
We act as data processors in situations where you submit personal information through the Website and Services. We do not own, control or make decisions about the Personal Information submitted, and such Personal Information is processed solely in accordance with your instructions. In these cases, the user who provides the personal information acts as a data controller in terms of the GDPR.
To make the Website and Services available to you, or to comply with a legal obligation, we may need to collect and use certain personal information. If you do not provide the information we request, we may not be able to provide you with the requested products or services. All information we collect from you may be used for the following purposes.
- Fulfill and manage orders
- Deliver products or services
- Manage and operate the website and services
The processing of your personal data depends on the way in which you interact with the website and services, where you are located in the world and whether one of the following circumstances applies (i) you have given your consent for one or more specific purposes; this, however, does not apply, provided that the processing of Personal Information is subject to European data protection law; (ii) the provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) the processing is necessary for compliance with a legal obligation to which you are subject; (iv) the processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
We rely on the following legal bases defined by the GDPR on which we collect and process your personal data:
- User consent
Please note that under some legislations we may be permitted to process information until you object to such processing by opting out, without having to rely on consent or any other of the above legal bases. In any case, we will be happy to clarify the specific legal basis that applies to the process, and in particular whether the provision of the Personal Data is a legal or contractual requirement, or a requirement necessary to enter into a contract.
Payment processing
For Services that require payment, you may be required to provide your credit card or other payment account information, which will be used solely to process payments. We use third-party payment processors (“Payment Processors”) to help us process your payment information securely.
Payment processors adhere to the latest security standards managed by the PCI Security Standards Council, which is a joint collaboration between credit/debit cards such as Visa, MasterCard and American Express. The exchange of confidential and private data takes place over a secure SSL communication channel and is encrypted and protected with digital signatures. In addition, the website and services comply with strict vulnerability rules in order to create the safest possible environment for users. We will share payment data with Payment Processors only to the extent necessary to process your payments, refund such payments and handle complaints and queries relating to such payments and refunds.
Please note that Payment Processors may collect some Personal Data from you, which allows them to process your payments (for example, your email address, address, credit card details and bank account number) and manage all payments. steps of the payment process through their systems, including data collection and processing. Payment processors’ use of your personal data is governed by their respective privacy policies, which may or may not contain privacy protections as protective as this Policy. We suggest that you review their respective privacy policies.
Information management
You may delete certain personal information we have about you. The personal data that you can delete may change as the website and services change. However, when we delete Personal Data, we may maintain an unreviewed copy of the Personal Data in our records for as long as necessary to fulfill our obligations to our affiliates and partners, and for the purposes described below. If you wish to delete your Personal Data or permanently delete your account, you may do so on your account settings page on the Website or by simply contacting us.
Publication of information
Depending on the Services requested or as necessary to complete any transaction or provide any Service you have requested, we may share your information with our affiliates, contracted companies and service providers (collectively, “Service Providers”) that we trust. This serves to assist in the operation of the Website and Services available to you and to ensure that the privacy policies are consistent with ours or that you agree to abide by our policies with respect to Personal Information. We will not share any personally identifiable information with third parties and we will not share any information with unaffiliated third parties.
Service providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. Service Providers receive the information they need only to perform their designated functions, and we do not authorize them to use or disclose any of the information provided for their own marketing or other purposes.
We may also disclose any personal information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
In the event we go through a business transition, such as a merger or acquisition by another company, or the sale of all or a portion of its assets, your user account and personal data will likely be transferred within the assets.
Conservation of information
We will retain and use your personal data for the period necessary for as long as your user account remains active, to enforce our agreements, resolve disputes and, unless a longer retention period is required or permitted by law, up to a maximum of 60 months.
We may use any aggregated data derived from or incorporating your personal information after you update or delete it, but not in a manner that personally identifies you. Once the retention period expires, Personal Data will be deleted. Therefore, the right of access, the right to deletion, the right to rectification and the right to data portability cannot be claimed after the expiration of the retention period.
Transfer of information
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. However, this will not include countries outside the European Union and the European Economic Area. If any such transfer occurs, you can obtain more information by consulting the relevant sections of this Policy or by inquiring from us using the information provided in the contact form.
Data protection rights under the GDPR
If you are a resident of the European Economic Area (“EEA”), you have certain data protection rights and we aim to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data. If you would like us to inform you of the personal data we hold about you and if you would like us to delete it from our systems, please contact us. In certain circumstances, you have the following data protection rights:
(i) You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Information. To the extent the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. The withdrawal will not affect the legality of the previous processing of the withdrawal.
(ii) You have the right to know whether your Personal Data is being processed by us, to obtain information about certain aspects of the processing and to obtain a copy of your Personal Data being processed.
(iii) You have the right to verify the accuracy of your information and request that it be updated or corrected. You also have the right to ask us to complete personal information that you consider to be incomplete.
(iv) You have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent. Where Personal Data is processed for the public interest, in the exercise of an official authority vested in us, or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a reason related to your particular situation to justify the processing. objection. You should know that, however, if your Personal Data is processed for direct marketing purposes, you can object to such processing at any time without having to provide any justification. To find out if we are processing Personal Data for direct marketing purposes, you can consult the corresponding sections of this Policy.
(v) You have the right, in certain circumstances, to restrict the processing of your Personal Data. These circumstances include: the accuracy of your Personal Data is disputed by you and we must verify its accuracy; the processing is unlawful, but you oppose the deletion of your Personal Data and request the restriction of its use instead; We no longer need your Personal Data for the purposes of the processing, but you need it to establish, exercise or defend legal claims; you have objected to the processing pending verification whether our legitimate reasons override your legitimate reasons. Where processing has been restricted, such personal information will be marked accordingly and, with the exception of storage, will only be processed with your consent or for the establishment, exercise or defense of legal claims, for the protection of the rights of another person physical or legal or for reasons of important public interest.
(vi) You have the right, in certain circumstances, to have your Personal Data deleted. These circumstances include: the personal information is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been processed illegally. However, there are exclusions from the right of deletion, such as when processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.
(vii) You have the right to receive the Personal Data that you have provided to us in a structured, commonly used and machine-readable format and, if technically possible, to have it transmitted to another controller without any hindrance from us, provided that such transmission does not adversely affect the rights and freedoms of third parties.
(viii) You have the right to lodge a complaint with a data protection authority about our collection and use of your personal data. If you are not satisfied with the outcome of your complaint directly to us, you have the right to lodge a complaint with your local data protection authority. For more information, please contact your local data protection authority in the EEA. This provision is applicable provided that your Personal Data is processed by automated means and that the processing is based on your consent, on a contract to which you are part or on pre-contractual obligations thereof.
How to exercise your rights
Any requests to exercise your rights can be directed to us using the contact details provided in this document. Please note that we may ask you to verify your identity before responding to such requests. Your request must provide sufficient information to allow us to verify that you are the person you claim to be or that you are the authorized representative of that person. If we receive your request from an authorized representative, we may request evidence that you have provided such authorized representative with power of attorney or that the authorized representative otherwise has valid written authority to submit requests on your behalf.
You must include sufficient details to allow us to properly understand and respond to the request. We cannot respond to your request or provide you with Personal Data unless we first verify your identity or authority to make such a request and confirm that the Personal Data relates to you.
Cookies
Our website and services use “cookies” to help personalize your online experience. A cookie is a text file that is placed on a hard drive of the web page server. Cookies cannot be used to run programs or introduce viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. You can learn more about cookies and how they work here.
We may use cookies to collect, store and track information for security and personalization purposes, and for statistical purposes. Please note that you have the option to accept or reject cookies. Most browsers automatically accept cookies by default, but you can modify your browser setting to decline cookies if you prefer.
Do Not Track Signs
Some browsers incorporate a “Do Not Track” feature, which tells websites you visit that you do not want to have your online activity tracked. Tracking is not the same as using or collecting information in connection with a website. For these purposes, tracking refers to the collection of personally identifiable information from consumers who use or visit a website or online service as they move between different websites over time. The way browsers communicate the “Do Not Track” signal is still not uniform. Therefore, the Website and Services are not yet configured to interpret or respond to Do Not Track signals communicated by your browser. Still, as described in more detail throughout this Policy, we limit the use and collection of your Personal Data.
Advertising
We may allow certain third party companies to help us tailor advertising that we believe may be of interest to users and to collect and use other data about users’ activities on the website. These companies may offer advertisements that may place cookies and track user behavior.
Email Marketing
We offer electronic newsletters that you can voluntarily subscribe to at any time. We are committed to maintaining the confidentiality of your email address and will not disclose your email address to third parties, except as permitted in the information use and processing section. We will maintain information sent via email in accordance with applicable laws and regulations.
In compliance with the CAN-SPAM Act, all emails sent by us will clearly state who the email is from and provide clear information on how to contact the sender. You may opt out of receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will still receive essential transactional emails.
Affiliate links
We may engage in affiliate marketing and have affiliate links present on the Website and Services in order to be able to offer you related or additional products and services. If you click on an affiliate link, a cookie will be placed on your browser to track sales for commission purposes.
Links to other resources
The Website and Services contain links to other resources that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other resources or third parties. We encourage you to be aware when you leave the Website and Services and to read the privacy statements of each and every resource that may collect Personal Data.
Security of the information
We secure the information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of personal information under our control and custody. However, data transmission over the Internet or wireless network cannot be guaranteed.
Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet that are beyond our control; (ii) the security, integrity and privacy of all information and data exchanged between you and the Website and Services cannot be guaranteed; and (iii) such information and data may be viewed or manipulated in transit by a third party, despite best efforts.
Because the security of personal information depends in part on the security of the device you use to communicate with us and the security you use to protect your credentials, we ask that you take appropriate steps to protect this information.
Data Violation
In the event that we become aware that the security of the Website and Services has been compromised or that Users’ Personal Data has been disclosed to unrelated third parties as a result of external activity, including, but not limited to security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notification is required by law. When we do, we will send you an email.
Changes and modifications
We reserve the right to modify this Policy or its terms relating to the Website and Services at any time and at our discretion. When we do, we will revise the update date at the bottom of this page. We may also notify you in other ways at our discretion, such as through contact information you have provided to us.
An updated version of this Policy will be effective immediately upon posting of the revised Policy, unless otherwise specified. Your continued use of the Website and Services after the effective date of the revised Policy (or any other act specified at that time) will constitute your consent to such changes. However, we will not, without your consent, use your personal data in a manner materially different from that established at the time your personal data was collected.
Acceptance of this policy
You acknowledge that you have read this Policy and accept all its terms and conditions. By accessing and using the Website and Services, and by submitting your information, you agree to be bound by this policy. If you do not agree to comply with the terms of this Policy, you are not authorized to access or use the Website and Services.
How to get in touch with us
If you have any questions, concerns or complaints about this Policy, the information we have about you, or if you wish to exercise your rights, we recommend that you contact us using the details below:
We will try to resolve complaints and disputes and will make all reasonable efforts to fulfill your wish to exercise your rights as quickly as possible and, in any case, within the time limits provided for by applicable data protection legislation.
This document was last updated on May 2, 2024