The purpose of this policy is to inform data subjects about the different processing carried out by this organisation through the website and that affects their personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and Organic Law 3/2018. of 5 December, on the Protection of Personal Data and guarantee of digital rights.
FOUNDSPOT SL, domiciled at C/ Alameda, 22 (28014) Madrid, with NIF B87946877, WEB: www.foundspot.com and e-mail info@foundspot.com
DATA PROTECTION OFFICER
SEGURIDAD Y PRIVACIDAD DE DATOS, SL, with contact telephone number 963 122 868 and email infodpo@forlopd.es
□ USERS/SURFERS OF THE WEBSITE OF THE RESPONSIBLE PARTY
We will process the personal data provided to:
● To attend to requests, complaints and incidents transferred through our contact channels incorporated into the website.
● To understand the behaviour of the surfer within the website in order to detect possible computer attacks on our website.
● To comply with the legal obligations that are directly applicable to us and regulate our activity.
● Protect and exercise our rights or respond to claims of any kind.
● Where appropriate, send satisfaction and/or quality surveys. Your refusal to provide us with authorisation will make it impossible to evaluate the service provided.
● Manage your registration on the bank's web platform and generate a username and password. Your refusal to provide us with authorisation will make it impossible to register on the platform.
□ CLIENTS
In short, for the purposes indicated in the section "users/navigators of the website", we will process your personal data provided to:
● To manage the provision of the services that have been contracted, in the event of postal dispatch of the objects located.
● Procedures related to the shipment and receipt of the product.
● Carry out administrative, accounting and tax procedures.
□ USERS/SURFERS OF THE WEBSITE OF THE RESPONSIBLE PARTY
● In the consent you have given us to process your data for the purposes indicated. Refusal to provide your personal data will make it impossible to process your data for the aforementioned purposes.
● To comply with legal obligations that apply to us. In this case, the data subject may not object to the processing of personal data.
● In our legitimate interest to protect our image, business and track record by preventing attacks on our website. In this case, the interested party may not refuse the processing of personal data, although they may exercise, where appropriate, the rights recognised in the "rights" section of this policy.
□ CLIENTS
● Execution of a contract to which it is a party or application of pre-contractual measures. Refusal to provide your personal data will make it impossible to process your data for the aforementioned purposes.
● In the consent you have given us to process your data for purposes unrelated to the development or execution of the existing contract. Refusal to provide your personal data will make it impossible to process your data for the aforementioned purposes.
● To comply with legal obligations that apply to us. In this case, the data subject may not object to the processing of personal data.
● In our legitimate interest to protect our image, business and track record by preventing attacks on our website. In this case, the interested party may not refuse the processing of personal data, although they may exercise, where appropriate, the rights recognised in the "rights" section of this policy.
● Redsys
As part of our services, we use the Redsys payment gateway to process financial transactions and make sure your payments are made securely and efficiently. We encourage you to review Redsys' privacy policy beforehand to understand how they handle your personal information by clicking here.
5. USE OF GOOGLE APIs
Our platform uses various Google APIs to improve the user experience and facilitate certain functionalities. Here's how these APIs are used and what data may be collected:
· GOOGLE SIGN-IN: We use Google Sign-In to facilitate access and registration on our platform. This functionality allows users to log in using their Google account, and the following data is collected: first name, last name, email address, and optionally phone number. This data is used solely to identify the user within the app and for contact and communication purposes. The phone number is optional and is only collected if the user chooses to provide it. No other additional information is stored or used.
The personal data provided will be kept for the time necessary to fulfil the purposes for which they were initially collected.
Once the data is no longer necessary for the processing in question, they will be duly blocked in order to, where appropriate, make them available to the competent Administrations and Public Bodies, Judges and Courts or the Public Prosecutor's Office, during the limitation period for actions that may arise from the relationship with the client and/or the storage periods provided for by law.
Data Lock Period:
● THE CIVIL CODE. Between 1 and 5 years depending on the case, in accordance with the provisions of articles 1964.2 and 1968.2 of the aforementioned legal body.
● THE COMMERCIAL CODE. For 6 years, in accordance with the provisions of Article 30 of the aforementioned legal body. It applies to commercial information related to (invoices issued and received, tickets, rectifying invoices, bank documents, etc.).
● THE GENERAL TAX LAW. For 4 years in accordance with the provisions of articles 66 to 70 of the aforementioned legal body. It applies to information related to tax obligations.
The website does not make automated decisions or create profiles.
During the period of processing of your personal data, the organization may transfer your data to the following recipients:
● Judges and Courts.
● State Security Forces and Corps.
● Other competent public authorities or bodies, when the controller has a legal obligation to provide personal data.
● Where appropriate, to those Data Processors who provide us with services.
● Courier companies for the correct provision of the service.
● Grupo Avanza: The entities that make up the Avanza Group may be consulted at the following address https://www.avanzagrupo.com/empresas/ and their collaborators when strictly necessary and under the appropriate guarantees (GRUPADO S.A. DE C.V., GASA MÉXICO CONSULTORÍA Y SERVICIOS, S.A. DE C.V. and SCAT SERVICIOS EN COMPUTACIÓN Y EN ALTA TECNOLOGÍA, S.A. DE C.V., and MICROSOFT CORPORATION).
The organization does not carry out any International Data Transfer. In the event that it is subsequently necessary to carry out international data transfers, the degree of protection of the destination country will be verified and the guarantees required by the regulations will be adopted.
In order to make you part of our activity, and so that you can be aware of our news, we inform you that FOUNDSPOT SL has created a profile on Social Networks.
All users have the opportunity to join our social networks or groups. However, you should bear in mind that, unless we request your data directly (for example, through marketing actions, contests, promotions, or any other valid way), your data will belong to the corresponding Social Network, so we recommend that you carefully read their terms of use and privacy policies, as well as make sure to configure your preferences regarding the processing of data.
Below, we detail the link to the privacy policy of the different Social Networks in which we have a presence, so that you can access the privacy policies at all times and configure your profile to guarantee your privacy:
Facebook: https://es-es.facebook.com/privacy/policy/?entry_point=facebook_page_footer
Twitter: https://twitter.com/es/privacy
Instagram: https://privacycenter.instagram.com/
Linkledin: https://es.linkedin.com/legal/privacy-policy?
The interested parties may request more information about the processing of their personal data as well as exercise at any time and free of charge, the rights of access, rectification and deletion, as well as request that the processing of their personal data be limited, oppose it, request the portability of these (whenever technically possible) or withdraw the consent given and, where appropriate, not to be the subject of a decision based solely on automated processing, including profiling.
To do so, you may use the forms provided by the organization, or send a letter to the postal address or e-mail address referenced in the header. For the appropriate purposes, we inform you that you may be asked for your ID card or any other similar document, in order to prove your identity, provided that this cannot be done by other less intrusive means.
In the event that you feel that your rights regarding the protection of your personal data have been violated, especially when you have not obtained satisfaction in the exercise of your rights, you can file a complaint with the competent Data Protection Supervisory Authority (Spanish Data Protection Agency), through its website www.aepd.es
In compliance with the provisions of Article 21 of Law 34/2002 on information society services and electronic commerce, if you do not wish to receive more information about our services, you can unsubscribe by sending an email to the address info@foundspot.com with the subject "UNSUBSCRIBE".
The interested party guarantees that the data provided is true, accurate, complete and up-to-date; undertaking to inform of any change with respect to the data provided, through the channels enabled for this purpose and indicated in point one of this policy. It will be responsible for any damage, both direct and indirect, that it may cause as a result of non-compliance with this obligation.
In the event that the user provides data from third parties, he/she declares that he/she has the consent of the interested parties and undertakes to transfer the information contained in this clause, exempting the organization from any liability arising from the failure to comply with this obligation.
This privacy policy may be modified/updated in accordance with the legal requirements established or in order to adapt said policy to the instructions issued by the Spanish Data Protection Agency, or as a result of changes to our website. For this reason, we advise users to periodically visit our Privacy Policy.
If you have any questions about this policy, you can contact FOUNDSPOT SL through the forms provided by the organization, or send a letter to the postal address or email referred to in the header.
Last Revised May 05, 2025