Privacy Policy

At Aznar Textil, S.L.U., we consider the protection of personal data as a fundamental aspect of our relationship with customers, suppliers and users of our website. This privacy policy establishes in a transparent and detailed manner how we collect, process, store and protect your personal information, strictly complying with the General Data Protection Regulation (GDPR - EU Regulation 2016/679) and Organic Law 3/2018 on Personal Data Protection and guarantee of digital rights.

Your privacy is an absolute priority for our organization, and we are committed to implementing the highest technical and organizational security measures to ensure comprehensive protection of your personal data.

We recommend that you read this policy carefully to fully understand how we treat your personal information and what your rights are as data subject.

The controller of personal data collected through this website and other contact means is:

As data controller, Aznar Textil, S.L.U. is committed to complying with all obligations established in data protection regulations and to guaranteeing the exercise of data subjects' rights.

The personal data we collect is processed for the following specific and legitimate purposes:

• Management of inquiries and communications: Respond to information requests, technical inquiries, quotes and communications sent through contact forms, email or phone.
• Commercial and contractual relationship: Manage commercial relationships with customers, including quote preparation, order management, billing and service follow-up.
• Marketing and commercial communications: Send information about products, services, news and commercial promotions, only when you have given your express consent.
• Web analysis and service improvement: Analyze browsing behavior through analytical cookies to improve website functionality and user experience.
• Compliance with legal obligations: Comply with tax, accounting, labor and other regulations applicable to our business activity.
• Human resources management: Process candidate and employee data for selection processes and labor management.

The processing of your personal data is based on the following legal bases in accordance with the GDPR:

• Data subject consent (art. 6.1.a GDPR): For processing data for direct marketing purposes, commercial communications and the use of non-essential cookies. This consent can be withdrawn at any time.
• Contract performance or pre-contractual measures (art. 6.1.b GDPR): For managing commercial requests, quote preparation, execution of sales contracts and service provision.
• Legal obligation compliance (art. 6.1.c GDPR): To comply with tax, accounting, labor and other regulations applicable to our business activity.
• Legitimate interest (art. 6.1.f GDPR): For improving our services, statistical analysis of the website, fraud prevention and complaint management, provided that the data subject's fundamental rights and interests do not prevail.

Personal data will be retained only for the time strictly necessary to fulfill the purposes for which they were collected, respecting the following criteria:

• Contact data and inquiries: Will be retained for 3 years from the last communication, unless you request deletion before.
• Commercial and contractual data: Will be retained for the duration of the commercial relationship plus 6 additional years to comply with tax and accounting obligations.
• Marketing data: Will be retained until you withdraw your consent or request data deletion.
• Browsing data and cookies: According to the specific configuration of each type of cookie, generally between 1 month and 2 years.
• Human resources data: Will be retained according to applicable labor legislation, generally 4 years from the end of the employment relationship.
• Data with legal obligation: Will be retained according to the deadlines established by applicable tax, accounting and commercial regulations.

After these periods, the data will be securely and irreversibly deleted.

Your personal data will not be transferred to third parties without your express consent, except in the following cases:

• Legal obligation: When required by competent authorities, public bodies or by court order.
• Service providers: Entities that provide us with services necessary for the operation of our activity, always under strict confidentiality and data protection agreements.

We use the following external services that may have access to technical or statistical data:

• Google Analytics: For statistical analysis of the website with completely anonymized data.
• Hosting and cloud service providers: For secure hosting of our website and computer systems.
• Email services: For managing commercial and technical communications.

All our providers are contractually obligated to comply with the GDPR and maintain the highest security measures.

Some of our service providers may perform data transfers to countries outside the European Economic Area (EEA). In these cases, we ensure that such transfers are made with the following safeguards:

• Google LLC (United States): Web analytics services and digital marketing tools, using standard contractual clauses approved by the European Commission.
• Microsoft Corporation (United States): Cloud services and business productivity tools, with adequacy certification and standard contractual clauses.
• Other providers: All external services that may involve international transfers are subject to adequacy assessments and standard contractual clauses.

These transfers are made exclusively in accordance with the standard contractual clauses approved by the European Commission and other guarantees recognized by the GDPR, ensuring an adequate level of protection equivalent to that offered by European legislation.

In accordance with the General Data Protection Regulation (GDPR) and applicable Spanish legislation, you have the following rights as personal data subject:

• Right of access (art. 15 GDPR): Obtain information about what personal data we process, for what purposes and for how long.
• Right of rectification (art. 16 GDPR): Correct inaccurate or incomplete data concerning you.
• Right of erasure (art. 17 GDPR): Request deletion of your data when they are no longer necessary or you have withdrawn your consent.
• Right to restriction of processing (art. 18 GDPR): Restrict the processing of your data in certain circumstances.
• Right to data portability (art. 20 GDPR): Receive your data in a structured and commonly used format to transmit them to another controller.
• Right to object (art. 21 GDPR): Object to the processing of your data for reasons related to your particular situation.
• Right to withdraw consent: Revoke the consent given at any time, without affecting the lawfulness of processing based on prior consent.
• Right to lodge a complaint: Address the Spanish Data Protection Agency (AEPD) if you consider that the processing does not comply with the regulations.

To exercise any of these rights, you can contact us through the means indicated in the contact section.

Aznar Textil, S.L.U. implements appropriate technical and organizational measures to ensure the security of personal data and protect them against unauthorized access, alteration, disclosure or destruction. These measures include:

• Data encryption: Use of secure protocols (HTTPS/SSL) for data transmission and encryption of sensitive stored information.
• Access control: Implementation of authentication and authorization systems that ensure only authorized personnel can access personal data.
• Backups: Regular and secure backups of all critical information, with proven recovery procedures.
• Security audits: Periodic reviews of systems and processes to identify and correct vulnerabilities.
• Staff training: Continuous training of the team in data protection and information security matters.
• Security policies: Establishment of clear internal procedures for the secure handling of personal data.
• Continuous monitoring: Constant supervision of systems to detect and prevent unauthorized access.

Our website uses first-party and third-party cookies, as well as other similar tracking technologies, to improve site functionality, analyze browsing behavior and personalize the user experience.

Analytical and tracking cookies require your prior and informed consent. You can obtain detailed information about the types of cookies we use, their purpose, duration and how to manage them in our Cookie Policy.

You can configure your cookie preferences at any time through the cookie banner that appears on your first visit or by modifying your browser settings.

To exercise any of the rights mentioned above or make inquiries related to the processing of your personal data, you can contact us through the following means:

Procedure for exercising rights: To facilitate the process, we recommend that you clearly specify which right you wish to exercise and provide a copy of your ID or identification document. We commit to responding to your request within a maximum period of 30 business days from receipt.

Control Agency: If you consider that the processing of your personal data does not comply with the regulations, you can file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.