Much more than a point of sale

This Privacy Policy explains how “us”, “we” or “our” and its affiliates collect, use, disclose, transfer, protect, store and otherwise process your information when using our Services and tells You about Your privacy rights and how the law protects You.

We are committed to the privacy and secure processing of the personal data it maintains for its Customers in an open and transparent manner. It is also committed to the collection and processing of the personal data in full compliance with the General Regulation on the Protection of Personal Data of the European Union (Regulation 2016/679) (hereafter referred to as “the Regulation”) and the legislation in force in Spain that governs the collection and processing of Personal Data of individuals.

Last updated: March 10, 2023.

Definitions

‘’Services’’ means My Favourite Shopp App as point of sale and inventory management software android application, products and services, and any features, technologies or functionality provided by those products, offered by us and the use of the www.my-favourite-shop.app web site.

“Client account” means the person or entity who registers to use the Service by creating a My Favourite Shop App account to use the app as “Client” (Facebook or Google client registration).

“Owner account” means the person or entity who registers to use the Service by creating a My Favourite Shop App account to use the app as “Owner” (email and password registration).

As explained on this website, the same email account can be used in both ways, as “Client Account” and “Owner Account”, but it is important to distinguish between the treatment of the “Service” of the application in each individual case.

In any case, the creation of an account and the use of the Services on behalf of a company or individually requires the prior and mandatory acceptance of these Terms to which you will be bound.

Data Controller and Data Processor

For the purposes of EU Privacy Law, depending on the category of Personal Data described in this Privacy Policy, we are operating as a Controller or as a Processor.

For questions related to the processing of personal data and the exercise of your rights under the RGPD, you can contact us through the email address my-favourite-shop-pos@gmail.com

Types of personal data collected
We collect and use various types of data from the people with whom we cooperate, including information by which subjects can be identified:
-“Personal data” refers to any data relating to an identified or identifiable natural person.
-“Visitors”: will define the personal information collected by our website, blog or interactive platform that we have.
-“Data subject” would be an identifiable natural person. It is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental , economic, cultural or social identity of that natural person), such as their name and surname, identity number, email address, address and province and telephone number.

We are committed to protecting the privacy of the individuals on our websites, mobile applications, products and services. By registering for using our Services you acknowledge the collection, transfer, processing, storage, disclosure and other uses of your information.

“Visitors” are solely responsible for the personal data they provide on our website, blog or digital platform.

Information collected in “Owner Accounts”: personal information related to our Clients. We collect this information solely to enable us to provide our Services to those Customers of this “Owner Accounts”.

Information collected in “Customer Accounts”: personal information related to consumers with whom our Customers interact with “Owner Accounts” (such as consumers of their products or services), from whom we collect the public information of their public Facebook/Google profiles depending on the choosen form of access to the app. It includes email address, phone number, name provided in such profiles or other information.

The information provided by “Customer Accounts” to “Owner Accounts” will not be stored by us and we will not be responsible for its accuracy. In addition, only personal information required for the use of some functions such as the issuance of invoices and their sending by email may be provided.

Our customers (as users of an “Owner Account”) are solely responsible for establishing policies and ensuring compliance with all applicable laws and regulations, as well as all privacy policies, agreements or other obligations, in connection with the collection of personal data in connection with the use of our Services by people with whom our customers interact.

We collect information on mandate from our customers as users of an “Owner Account” and we do not have a direct relationship with the individuals whose personal data they process in connection with the use of our Services. If you are a “Client Account” user who provides information (including personal data) about another person, you must have the legal capacity to do so and, if necessary, inform them about how their personal data will be used (as described in this Privacy Policy).
As a user of a “Customer Account” using our Services, for example if you are a consumer of a retail store, that “Owner Account” owner is the controller of your personal data and you should contact them directly about any matter related to the management of your personal data.

Categories of collected information

1. Information provided directly in the use of the Services:
   – Account and profile information at registration when you obtain an account, when you create or modify your profile, set preferences, or make purchases through the Services (contact information such as name, email address and country, profile information such as business phone number and preference information, such as notifications and marketing preferences).
   -Operating data: We store information that you enter or send through our Services, (information about products and services sold by the user of an “Owner Account” such as inventory data, purchases and sales, prices, taxes and other related) and information about the “Owner Account” user or the business of the “Owner Account” user (business data, name, address and others related to identification).
   – Support information: When contacting our customer service, sending information about problems, requests or suggestions about the Service (contact information, suggestion, summary of the problem, any documentation, screenshots or information provided).
   – Payment information. We collect payment and billing information when certain Services are purchased (card and payment data, which we collect through secure payment processing services).
   – Other submissions. We ask your consent to collect personal information from you when you submit web forms on our websites or when you participate in any interactive features of our Services, participate in a survey, promotion, activity or event, request customer support, communicate with us via third party social media sites, or otherwise communicate with us.
   – Other collections of information. We request your consent to collect your personal information when you contact Us through web forms on this page or when you participate interactively in our Services, surveys, promotions, activities, request customer support, communicate with us through third parties, through social networks, or otherwise.
2. Information collected automatically when you use our services:
   – Access log: We save and store information in log files when you interact with our website and Services through the app. This information includes Internet Protocol (IP) addresses, as well as browser type, URLs of referring/exit pages, operating system, language and location preferences, timestamp of server registration, search history, numbers device identification and system configuration information. If we connect personal information with information collected in our log files as necessary to improve our Services we will treat the combined information in accordance with this Privacy Policy.
3. Information we receive from other sources

We collect information from other sources, such as our business partners. We do not control, monitor or are responsible for the manner in which the third parties that provide your information process your personal data, and any request for information regarding the disclosure of your personal information should be directed to such third parties.

Legal basis for processing

We collect and process information about you only on the legal basis to do so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means that we collect and use your information only when:
– It is information necessary to provide the requested Services, provide customer service and to protect the security of the Services.
– Satisfies a legitimate interest (which is not overridden by your data protection interests), such as research and development, marketing and promoting the Services, and protecting our legal rights and interests.
– We need to process your data to comply with a legal obligation.
– We have the consent of the user of our digital platforms to do so for a specific purpose.
Consent to the use of your personal or business information for a specific purpose is revocable at any time and will not affect any processing that has already taken place based on that consent.

Personal information use

• Use of the Services provided by the app and the website.
• Communication between “Owner Accounts” and “Customer Accounts”.
• Send you advertising, alerts about new features or the use of existing features.
• Promotional messages and other information that may interest to you, including information about us, our Services or general promotions for marketing partner campaigns and services and only if you have authorized it. You can unsubscribe or stop receiving these communications at any time.
• Measuring, customizing and improving the Services and developing new products.
• Send you service, support and administrative messages, reminders, technical notices, updates, security alerts and responses to requests made by you as a user or potential user.
• Investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities.

Shared information

In using our Services, we may share your information only as described below:
Service providers, business partners and others
We use and work with third party service providers and our trusted business partners to provide application development, hosting, website, infrastructure, maintenance, support, payment processing, customer relationship management, marketing, accounting, human resources, intelligence and business analytics, data enrichment, customer support, and other infrastructure that support our services. These service providers may have access to or process your information in order to operate our services. Some of our pages use white-label techniques to serve content from our service providers while providing the look and feel of our site. Please note that you are providing your information to these third parties who are acting on our behalf and your location may be in other countries than your own.

Compliance with Laws and Protection of Rights

In certain situations, we may be required to use and disclose your information (including personal information) to a third party if we believe disclosure is reasonably necessary:
– To comply with any applicable law, legal process (for example, subpoenas and warrants) or governmental request.
– To enforce and administer our agreements, policies and terms of use.
– To protect the property, rights, and our safety of, our Customers or the public from harm or illegal activities.
– For fraud prevention, risk assessment, investigation, customer support, product development or debugging purposes.
– To protect the rights, property or our personal safety, its users or members of the public.
– To establish or exercise our legal rights or defend ourselves against any third-party claims or allegations.

Business transfers

In the event of initiating or being involved in a merger, acquisition, reorganization, sale of assets, bankruptcy or insolvency, we may transfer or share some or all of our assets, including your personal information. In this case, we will notify you before your personal information is transferred and becomes subject to a different privacy policy.

Non-Identifying or Aggregated Data

We may share aggregated or other non-personal information that does not directly identify you with third parties in order to improve our Services.

Your privacy rights

Subject to the provisions of the General Data Protection Regulation, you have the following rights in regard to your Personal Data (please note, these rights are not absolute and, in some cases, they are subjected to conditions as defined by law):
– Right of Access: You have the right to access your own Personal Information through the platform, as well as the right to request a copy of your personal information that is maintained and processed by us.
– Right to Erasure: You have the right to request the deletion of Personal Data only if one of the following reasons is true:
– Personal Data are no longer necessary in relation to the purposes for which they were collected or processed.
– If the processing is based on your consent and you have withdrawn this consent (on which processing is based) in accordance with Articles 6.1.a and 9.2.a of the Regulation and if no other legal basis for processing applies.
– If you object to processing in accordance with Article 21.1 of the Regulation and there are no compelling and legitimate reasons for processing.
– If Personal Data has been processed illegally.
– If Personal Data should be deleted in compliance with a legal obligation under Union law to which our company is subject to.
– If the Personal Data have been collected in relation to the provision referred to in Article 8.1 of the Regulation.
– Right to Object: Object to the processing of your Personal Data for marketing purposes or on grounds relating to your situation.
– Right to Restriction of Processing: Request the restriction of the processing of your Personal Data in specific cases.
– Right to data portability: to receive your personal data in a readable format and send it to another controller (“data portability”).
– Right to Object and Automated Individual Decision-Making (Including Profiling): Request that decisions based on automated processing concerning you or significantly affecting you and based on your Personal Data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
– If you are an individual user of an “Client account” of our Service who interacts with a customer user of an “Owner account” using our Services – for instance if you’re an employee or consumer – that “Owner Account” is the controller of your information. If this is the case, please direct your data privacy request and questions to that controller.

You can request to exercise these rights by emailing my.favourite.shop.pos@gmail.com

Our global operations (including transfers of data from your home country to another)

To bring you Services, we operate globally. In order to do so, your personal information may be transferred to, and processed in countries other than the country you live in, outside of your home country, including the United States. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.

Specifically, we host the data with Google’s Firebase in the USA. The servers on which personal information is stored are kept in a controlled environment.

European Economic Area (EEA) users: This means that your information may be transferred outside of the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information, or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e. European Commission’s Standard Contractual Clauses.

How long we retain your information

We generally retain your information only as long as reasonably necessary to provide you the Services or to comply with applicable law.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it.

Use of services by children

The Services are not directed to persons under the age of 18. We do not knowingly collect personal information from children under the age of 18. If we become aware that a child under the age of 18 has provided us with personal information, we will take steps to delete that information. If you become aware that a child has provided us with personal information, please contact us at my-favourite-shop-pos@gmail.com

Security

We take appropriate security technical and organisational measures (including physical, electronic and procedural measures) to safeguard your Personal Information from unauthorized access, unlawful use, intervention, modification or disclosure under the requirements of the Regulation.
Where data is transferred over the Internet as part of the Services, the data is encrypted using industry standard TLS (HTTPS).

Updates to our privacy policy

We reserve the right to change this Privacy Policy. The changes will be published on this web page. If you do not agree to these changes, you may cancel your account at any time and/or stop using our Services. Your use of the Services after any changes to the Privacy Policy constitutes your acceptance of those changes.

More information

If you have any questions about this Privacy Policy or our privacy practices, please contact us at my-favourite-shop-pos@gmail.com or at our mailing address below:

Francisco Javier Cristóbal Ferrero
Pza. Calandria, 2 3 I 40100 San Ildefonso – Segovia – España

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the office of the Commissioner for the Protection of Private Data.