COLLECTION OF INFORMATION
The information collected through our website can be divided in two categories: personal data (e.g. names, e-mail addresses); and aggregate data (e.g. website traffic statistics like daily website visitors). The entity responsible for managing and securing data is Contador & Basso Group S.L., with legal address in Spain, Calle Milanos 8, Nave 29, 28320 Pinto, Corporate Register/ VAT number ESB88553292. Contador & Basso Group S.L. autonomously determines data management policy, security and privacy procedures, data integrity and availability.
Personal data is collected from you when you provide AURUM your personal information, for example when subscribing to our newsletter or other services, replying to polls, purchasing on the Store, or registering for promotional activities and sales.
|Type of contact between yourself and AURUM||Type of data we collect|
|Purchase of goods or services from our website||Name, address, telephone number, fiscal code, e-mail address.|
|Registration for our newsletter||E-mail address|
|Website account, blog comment||Name, e-mail address|
|Request for assistance or information||Name, e-mail address, telephone number (not compulsory), country|
|Product registration on our website||Name, e-mail address, telephone number(not compulsory), country (not compulsory), dealer’s name, dealer’s address (not compulsory), receipt|
Some services require you to fill-in a form, for example when you make a purchase at our online store, in which you are asked to provide personal data. In other cases, providing personal data may be optional. Where fill-in forms require you to input personal data, mandatory input fields are clearly marked with an asterisk (*). If you choose not to fill in a mandatory input field, the service cannot be provided. Input fields that seek additional user data from the user, but are not mandatory, do not need to be completed in order to access the requested service.
Aggregate data, for example web pages visited, or miscellaneous information provided voluntarily, such as replies to polls, are collected in different ways. Navigation statistics on the website are also monitored to track information such as the first URL accessed, the following URL, the browser used, the IP address, and so on. Our web servers (servers that host our web pages) automatically identify a user’s enquiry device and records their IP address used. The IP address is not linked to any identifiable user’s personal information and, even if the navigation session is recorded, users remain completely anonymous.
USE OF PERSONAL DATA
AURUM will use personal and aggregate data it receives for the following purposes:
- to personalize and continually improve your use of the website and of the Store;
- to manage your requests;
- to manage online orders inside the Store.
The treatments put in place for these purposes are necessary for the fulfilment of contractual obligations and do not require specific consent from the interested party:
- to communicate with you regarding the products and services we provide, including products sales and promotions;
- to perform system administration activities.
The treatments put in place for these purposes are based on a legitimate interest of AURUM:
- To verify your compliance with requirements for medical certification.
The treatments put in place for these purposes are carried out with your specific consent:
- To send you our newsletter and information about our products and services.
The treatments put in place for these purposes are carried out with the specific consent provided by you, except for commercial communications relating to products and/or services similar to those already purchased and/or subscribed by you for whom the processing is based on a legitimate interest of AURUM.
AURUM does not store personal data longer than necessary for the purpose for which it was provided or required by law.
The data relating to the navigation logs, if registered, will be stored for a period of 7 days. The data you provide will be processed for the entire duration of our contractual relationship and further stored exclusively for the period required for the fulfilment of legal obligations, provided that it is not necessary to further store them to protect or assert a right or to fulfil any further legal obligations or orders of the Authorities.
You have the right to exercise your rights according to the methods and within the limits established by the current privacy legislation. In relation to the processing of your personal data, you have the right to contact us at email@example.com to exercise your rights to any of the following:
- Correction: you may request to rectify or supplement the data that you have provided to us or that is otherwise in our possession, if inaccurate;
- Erasure (“Right to be forgotten”): you may ask that the data acquired or processed by us are cancelled, if they are no longer necessary for our purposes or where there are no disputes or disputes in existence, in the event of withdrawal of consent or objection to processing, in case of unlawful processing, or if there is a legal obligation to erase these personal data;
- Restriction: you may request the restriction of the processing of your personal data, when one of the conditions applies:
- You have contested the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data;
- the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead;
- we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
- you have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds override yours.
In this case, your personal data will only be processed, with the exception of storage, with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
- Objection: you may object at any time to the processing of your data on the basis of our legitimate interest, unless there are legitimate reasons for proceeding to the treatment that prevail over your interest. For example, for the exercise or our defence in judicial seat; your objection will always prevail over our legitimate interest in processing your data for marketing purposes;
- Portability: you may ask to receive your data or end them to another data controller indicated by you, in a structured, commonly used and machine-readable format.
You may also update your data directly logging in the user area of the website. Further, you may unsubscribe to our advertisement e-mails clicking on the link displayed in the e-mail for this purpose, or by replying to such e-mail writing “UNSUBSCRIBE” in the object or text of the message.
The exercise of any of your aforementioned rights is free of charge, unless the request is clearly unfounded or excessive. Alternatively, we may refuse to accommodate the request.
In order to respond to your request, we may need to ask you to provide us with certain information or documentation to verify your identity, in order to make sure that any personal data is not disclosed to a person not entitled to receipt of such data.
If the response to your requests was not satisfactory in your opinion, you can contact us on firstname.lastname@example.org. Also, in reference to the art. 7, par. 3, GDPR ,you have the right to submit a complaint to the “Agencia Española de Protección de Datos” ( Authority for the Protection of Personal Data) via http://www.agpd.es or your local data protection authority in the ways provided by Applicable Regulations.
In order to collect information, our website uses “cookies”. A cookie is a small file that almost all websites write to the enquiry device to store certain information during web navigation. Cookies allow us to measure activities inside different areas/ menus of the website and to enhance user navigation experience, for example recording passwords or preferred pages, in order to visit different areas, or the website, without registering every time. Cookies also allow us to collect navigation statistics and to continuously improve and upgrade the website depending on areas more or less visited. We don’t collect in any way cookies for getting access to personal information stored on users’ devices not already directly sent inside the cookie.
In detail, this website may use, also in combination with each other, the following types of cookies classified according to the indications of the Data Protection Authority and the Opinions issued in the European context by the Working Group pursuant to art. 29 of the GDPR:
- Session, are cookies that are not stored permanently on the user’s computer and are deleted by closing the browser, are strictly limited to the transmission of session identifiers necessary to allow safe and efficient exploration of the site avoiding the appeal to other computer techniques that could potentially compromise the privacy of users’ browsing.
- Persistent, are the cookies that remain stored on the hard disk of the computer until their expiration or cancellation by users/visitors. Through persistent cookies visitors who access the site (or any other users who use the same computer) are automatically recognized at each visit. Visitors can set their computer’s browser in such a way that they accept/refuse all cookies or display a warning whenever a cookie is proposed, in order to evaluate whether to accept it. The user can, however, change the default configuration and disable cookies (i.e. block them permanently), setting the highest level of protection.
- Technical, are the cookies used to authenticate, to take advantage of multimedia content such as flash player. In general, it is therefore not necessary to obtain the preventive and informed consent of the user. This also includes cookies used to statistically analyse accesses/visits to the site only if used exclusively for statistical purposes and through the collection of information in aggregate form.
- Non-technical, they are all cookies used for profiling and marketing purposes. Their use on users’ terminals is forbidden if they have not been adequately informed before and have not given a valid consent according to the opt-in technique. These types of cookies are, in turn, grouped according to the functions they perform.
- Analytics: AURUM uses the anonymous version of Google Analytics, so the website cannot trace the users’ IP
- Widgets, fall into this category all those graphic components of a user interface of a program, which aims to facilitate the user in the interaction with the program itself. The active widgets are
AURUM is not making use of these messages or data other than to follow up on users’ registered issues or inquiries. Your personal data will be processed and transmitted in accordance with the General Data Protection Regulation (GDPR).
With the Tag Manager, for Facebook and Google, we track:
- Http Headers – Anything present in HTTP headers. HTTP Headers are a standard web protocol sent between any browser request and any server on the internet. HTTP Headers include IP addresses, information about the web browser, page location, document, referrer and person using the website.
- Button Click Data – Includes any buttons clicked by site visitors, the labels of those buttons and any pages visited as a result of the button clicks.
The majority or web browser is already set for accepting cookies. If you want, you can set your device’s preferences to stop or notify when sending cookies. This may prevent the services provided by this website from operating as intended.
PROVISION OF PERSONAL DATA TO THIRD PARTIES
AURUM will not sell or rent your personal information to third parties without your explicit consent, unless these third parties are its subsidiaries, affiliates, licensee, partners, website hosting providers, or other subjects that cooperate with AURUM in managing the website. Aggregated (anonymous) user data may be shared with third parties for promotional purposes. Personal data is shared with logistics partners and with couriers only for online sales transactions, in order to deliver you the products you ordered. Personal information may also be shared with third parties where AURUM believes this is necessary to fulfil your request, enforce AURUM’s rights, protect personal safety, or to comply with applicable laws and/or orders from a competent authority or court.
AURUM shall take appropriate organizational and technical measures to protect the personal information you provided. Users’ information provided inside the website are protected by password, in order to be accessed by the user only. It’s highly recommended not to tell username and password to other people. Our security measures include firewalls, encryption of data and confidentiality obligations of those within our organization who can take note of your personal data.
Nevertheless, AURUM cannot guarantee that the security measures adopted for the protection of the website and the transmission of data and information through the website will prevent or exclude any risk of unauthorized access to or loss of data. It is advisable that your device be equipped with software to securely protect of network data transmission and receipt, that you regularly change your password and do not share this with others.
LINKS TO OTHER WEBSITES
Our website may contain hyperlinks to websites of third parties without any relation with www.aurumbike.com or with AURUM. These websites are not under our control and we are therefore not responsible or liable for their content in any way.
AURUM provides links to other websites only to assist users’ navigation:
- Facebook: if you give the consent, through the site, Facebook may process your data to allow you a browsing experience enriched with features and services of social networks – https://www.facebook.com/policies/cookies/
- Twitter: if you give your consent, through the site, Twitter may process your personal data to allow you a browsing experience enriched with features and services of social networks
- Instagram: if you give your consent, through the site, Instagram may process your personal data to allow you a browsing experience enriched with features and services of social networks – https://help.instagram.com/1896641480634370?ref=ig
- YouTube: if you give your consent, through the site, YouTube may process your personal data to allow you a browsing experience enriched with features and services of social networks – https://www.youtube.com/account_privacy
- Google Analytics – Google Analytics can collect traffic data through Google advertising cookies and anonymous identifiers, as well as data collected through a standard Google Analytics implementation. The site collects and uses data from advertising based on the interests of Google or the data on third-party public (eg age, gender and interests) of Google Analytics only for statistical purposes and public analysis.
- Strava: if you give your consent, through the site, YouTube may process your personal data to allow you a browsing experience enriched with features and services of social networks – https://www.strava.com/legal/privacy
The data are collected and aggregated anonymously using proprietary or third-party software (eg Google Analytics).
You can disable Google Analytics for display advertising and customize your ads on the Google Display Network in the following ways: