Privacy Policy

WEB PRIVACY POLICY

www.scriptarastudio.com

I. PRIVACY AND DATA PROTECTION POLICY

Respecting current legislation, Scriptara Studio (hereinafter also the “Website”) undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected.

LAWS INCORPORATED INTO THIS PRIVACY POLICY

This Privacy Policy is adapted to current Spanish and European regulations regarding the protection of personal data on the internet, in particular:

  • Regulation (EU) 2016/679 (GDPR).

  • Organic Law 3/2018, of December 5 (LOPD-GDD).

  • Royal Decree 1720/2007, of December 21.

  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

IDENTITY OF THE DATA CONTROLLER

Data controller: Lidia María Martínez Matencio
NIF: 48672497N
Address: Av. La Cruz, 19
Phone: (+34) 684 770 125
Email: info@scriptarastudio.com

PURPOSE OF PROCESSING PERSONAL DATA

In Scriptara Studio We process the information provided by Users for the following purposes:

  • Manage orders, payments, shipments and product returns.

  • Provide customer service and after-sales support.

  • Comply with the legal, tax and accounting obligations arising from the commercial activity.

  • Sending informational or promotional communications, if the User has given their express consent.

  • Manage participation in raffles, promotions or contests organized through the website or social networks, and the delivery of the corresponding prizes.

  • Improve the browsing experience and optimize the performance of the online store.

LEGAL BASIS FOR PROCESSING

The processing of personal data is carried out in accordance with the following legal bases:

  • Contract execution: for the purchase, sale, and shipment of products requested by the User.

  • Compliance with legal obligations: in tax, accounting, consumer or data protection matters.

  • Consent of the interested party: for sending commercial communications or the use of non-essential cookies.

The User may withdraw their consent at any time without affecting the lawfulness of the previous processing.

CATEGORIES OF DATA PROCESSED

They are only trying identification and contact information (name, surname, postal address, telephone, email address, personal or tax identification number [if necessary]) and transaction data (payment method, order number, amount, etc.).
No special categories of personal data are processed.

RECIPIENTS OF PERSONAL DATA

Personal data may be communicated to the following recipients, exclusively to fulfill the purposes indicated:

  • Shopify Inc. , provider of the e-commerce platform, with servers outside the EEA under Standard Contractual Clauses approved by the European Commission.

  • Sendcloud and Packlink: These two external services are used for shipping and logistics management of orders, and they process customer data only to deliver the order, in accordance with the GDPR.

  • Transport and courier companies For order delivery: Correos, Correos Express, InPost, UPS, DHL and FedEx.

  • Financial institutions and payment gateways (Shopify Payments, PayPal, among others) for processing payments and refunds.

  • Accounting or tax advice from Scriptara Studio for compliance with legal obligations.

INTERNATIONAL DATA TRANSFERS

Shopify Inc. and some of its suppliers may process data outside the European Economic Area (EEA). These transfers are carried out with appropriate safeguards in accordance with the GDPR. Standard Contractual Clauses approved by the European Commission.

STORAGE PERIOD

Personal data will be kept for the time necessary to process orders and comply with legal obligations:

  • Billing and accounting information: 6 years (Art. 30 of the Commercial Code).

  • Data for marketing or newsletter purposes: until the User requests its deletion or withdraws their consent.

USER RIGHTS

The User may exercise the following rights recognized in the GDPR and the LOPD-GDD:

  • Right of access to your personal data.

  • Right to rectify inaccurate or incomplete data.

  • Right to erasure (“right to be forgotten”).

  • Right to restriction of treatment.

  • Right to data portability.

  • Right to object to treatment.

To exercise these rights, the User may send a written request with the subject “GDPR - www.scriptarastudio.com” a: info@scriptarastudio.com .

The application must include name, surname, copy of ID card or equivalent document and the specific reason for the request.

If you believe that the processing of your data infringes the regulations, you may file a complaint with the Spanish Data Protection Agency (AEPD) : https://www.aepd.es/

SECURITY AND CONFIDENTIALITY

Scriptara Studio adopts the necessary technical and organizational measures to guarantee the security, integrity and confidentiality of personal data.
However, due to the nature of the Internet, it is not possible to guarantee absolute security against unauthorized access; in the event of a security breach, affected Users will be notified as provided for in the GDPR.

MINORS

Only those aged 14 and over can give their consent for the processing of their data. In the case of those under 14, parental or guardian consent will be required.

LINKS TO THIRD PARTIES

The Website may contain links to third-party websites. Scriptara Studio is not responsible for the content or privacy policies of those sites.

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

Use of this website implies acceptance of this Privacy Policy. Scriptara Studio reserves the right to modify it at any time, at its own discretion or due to legislative changes.
It is recommended to check this page periodically.

Last update: October 28, 2025.