On the occasion of the entry into force of the new General Data Protection Regulation (GDPR), which came into force for all of Europe on May 25, 2018, our privacy and data protection conditions comply with the regulations.

Mashera - Womo is a brand that allows its users (“you”) to purchase any of the products available through its website. Mashera Bags Company SL as owners and data controllers, we manage and process our websites.

By accessing our website and following our purchasing process, you agree that you have read and understand this Privacy Policy, as well as the information collection and management practices described therein.

This Privacy Policy describes in as much detail and transparency as possible our policy and the practices we follow.
in relation to the collection, management, use and disclosure of your personal data.

We are aware of the trust you place in us when you provide us with your personal data. Therefore, we want you to know about
commitment regarding this transfer of data, we give it the utmost importance and are fully committed to acting with total security and confidentiality in the processing of the personal data that you entrust to us when purchasing on our website or subscribing to our services.

Here you can find a summary as an extract of the contents related to our Privacy Policy:

WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA
PERSONAL? PERSONAL INFORMATION

• WHAT DATA DO WE COLLECT?
• WHY AND WHY DO WE COLLECT YOUR DATA?
• WHAT DO WE DO WITH YOUR INFORMATION?

CONSENT

• WITH WHOM DO WE SHARE YOUR DATA? SHOPIFY
• THIRD PARTIES AND EXTERNAL LINKS
• HOW LONG DO WE KEEP THE DATA?
• WHERE ARE THEY STORED?
• WHO IS RESPONSIBLE FOR THE ACCURACY AND TRUTHFULNESS OF THE DATA PROVIDED?
• WHAT HAPPENS TO THE
  MINORS?

SECURITY

• COOKIES AND OTHER WEB TECHNOLOGIES
• YOUR RIGHTS AND HOW YOU CAN EXERCISE THEM
• INTERNATIONAL TRANSFERS

CHANGES IN OUR POLICIES PROTECTION DELEGATE
OF DATA

• HOW TO CONTACT US?

Identity: Mashera Bags Company SL (hereinafter Mashera – Womo)

Who are we?: a Spanish company with CIF B67248633,
registered in the Mercantile Registry of Barcelona Spain, Registered office: Plaza
University of Barcelona.

Email: If you wish to make any legal query or in relation to the processing of your personal data, do not hesitate to contact us by writing to info@mashera-womo.com

“Personal data” means any information about a person that allows them to be identified, either directly or indirectly, such as their first and last name, telephone number, postal and email addresses, date of birth, password and payment information. . They do not include data from which the identity has been removed (anonymous data).

In the course of our business operations, we collect and process personal data in various ways. We may collect personal data that you provide to us directly, but also by recording your interaction with our services, for example using cookies on our website.

Likewise, we may receive information from third parties.

You can choose not to provide us with your personal data. However, to complete a purchase and delivery process on our website, we will need you to provide us with certain information. In addition, we may also need certain information in the event that you need to deal with our Customer Service to resolve any doubts or queries you may have.

Mandatory information is identified on our website by signs. If you do not provide us with the mandatory information, your purchase cannot be processed.

We tell you in general terms the type of personal information we require to use our subscription services or purchase products.

• Name, address and date of birth.
• Telephone number and email address.
• Location.
• Information regarding payments and returns.
• IP address, date and time in which you accessed our services, internet browser you use and data about the device's operating system.
• Any other information or data that you decide to share with us.

In some cases, it is mandatory to complete the registration form to access and enjoy certain services offered on the website; Likewise, not providing the requested personal data or not accepting this data protection policy means the impossibility of subscribing, registering or participating in any of the promotions in which personal data is requested. More in detail:

What direct information do we require and store from you? If you purchase on our website, we will request and store the following information:

• full name
• telephone contact,
• full address
• e-mail
• list of products purchased.

If you only use our newsletter subscription services, we will only require your email.

What direct information do we require but do not store?

If you buy on our website, we will ask you for your payment information. We want you to know that the management of this information is done through the payment platform you have chosen, so we neither see, nor store, nor have access to this information. This is treated under conditions of maximum security and confidentiality by the payment platform you have selected. If you have any questions about the processing of this data, we recommend that you speak directly with the provider of the payment system that you have selected on our website, so that they can clarify any information regarding the secure processing of this information. In any case, we guarantee that we only choose completely secure payment platforms, of recognized prestige in the sector and that meet the maximum guarantees in the storage and processing of this information.
Below we break down in much greater detail the type of information we collect from anyone who may enter our website, make a visit, subscribe to any of our information services or make a purchase on our website, obtained directly. or indirect:

Personal information that you provide to us: We collect and store information that you provide to us through our website or that you send us in other ways. We detail it in the previous point.

Information about third parties: If you make a purchase on behalf of a third party (for example, a gift product), you will need to provide the personal information of that person. You must obtain the consent of such other persons before providing us with their personal data.

Information from other sources: We may also receive personal data about you from affiliated entities, our business partners and independent third parties, which may be combined with other information we collect about you. Thus, if you access our website through a link that belongs to a site of one of our commercial partners and you have registered with said partner, they may share with us the information that you have provided, such as your contact information and your profile. For example: If you access third-party services (such as social media services) through or before visiting our website, we may collect certain information, such as your first and last name, your email address, and any other information that these services make available to us.

We collaborate with our current partners and with potential future partners to improve and personalize your experience on our website in accordance with the practices described in this Privacy Policy and always with the maximum guarantees of security and confidentiality with respect to your data.

Automatic collection of information when you visit our website: We automatically collect certain information from your computer or mobile device when you visit our website. For example, we collect your session data, including your IP address, the browser software used, and the referring website.

We may also collect information about your online activity, such as the content you have viewed, the pages you have visited, and the searches you have performed within our website. We collect this type of information automatically to try to better understand your interests and preferences and to better personalize your experience on our website.

Geolocation and other information obtained from your mobile: when you visit our website on your mobile device, we may collect and use the information from your device, normally in the same way and for the same purposes as those discussed in the previous point. .

We use the personal data we collect about you only for specific purposes. These purposes include:

Provide you with information about the brand, develop and manage our commercial activities and promotional operations (including email campaigns, targeting, retargeting, user profiling and segmentation), and conduct internal research and analysis for marketing activities. report as well as brand improvement.
Manage orders or contract any of our services, whether online or in physical stores.
In some cases it will be necessary to provide information to Authorities or third companies for audit reasons, as well as handle personal data from invoices, contracts and documents to respond to claims from clients or Public Administrations.
Develop and manage contests, raffles or other promotional activities that may be organized. Develop commercial actions and carry out the maintenance and management of the relationship with the user, as well as the management of the services offered through the website and information tasks, being able to carry out automatic assessments, obtaining profiles and customer segmentation tasks. in order to personalize the treatment according to their characteristics and needs and improve the customer's online experience.
Manage the sending of the information requested from us.
We inform you that the personal data obtained as a result of your registration as a user will form part of the Register of Processing Activities and Operations (RAT), which will be updated periodically in accordance with the provisions of the RGPD.

When you buy something from our store, as part of the buying and selling process, we collect the personal information you give us such as name, address and email address. When you browse our store, we also automatically receive your computer's Internet Protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Email marketing: With your permission, we may send you emails about our store, offers and services, new products and other updates. In addition to commercial content messages, we also frequently send messages whose purpose is to know your degree of satisfaction with the product you have purchased, the purchasing process, the brand in general, as well as to ask your opinion on future processes, products and improvements. around the brand.

Our main means of communication is email, but from time to time we may use other means of contact such as messages via SMS or WhatsApp, browser notifications (as long as you have given your consent to receive them), etc.

Every time you receive information from us of any kind, you can tell us if you no longer wish to receive it or reject automatic notifications. You can unsubscribe from commercial communications at any time by clicking on the unsubscribe link found at the bottom of the communications we will send you, or by sending us an email to info@masherawomo.com.

Please note that even if you have not selected the option to receive notifications from us, or even if you have unsubscribed from them, we may continue to send you specific communications, such as messages regarding the status of one of your purchases.

How do you obtain my consent?: When you provide us with your personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or make a return, we imply that you consent to our collection and use for that specific reason only.

If we ask for your personal information for a secondary reason, such as marketing, we will either ask you directly for your express consent, or give you the opportunity to say no.
How can I revoke my consent?: If after having accepted you change your mind, you can revoke your consent for us to contact you, for the collection, use or disclosure of your information, at any time, by contacting us at info@mashera-womo.com .
Deactivation of your Mashera-Womo account: you can notify us of the cancellation by emailing info@masherawomo.com. You will be notified of the deactivation of your account by email. Deactivating your account will not allow you to access your purchase history.

We may disclose your personal information if we are required to do so by law or if you violate our Terms of Service.

We may share your personal data with other entities, including affiliates or entities associated with the brand, third parties, or any of our business partners or suppliers. In the event that we sell or liquidate our business (whether in whole or in part) and such sale or liquidation involves your personal data, or in the event that we merge with another company, we would share your personal data with the new owner of the business. business or with the merger partner, as the case may be. If we are legally required to do so, we will share your personal data to protect our customers and our website, as well as our company, our rights and our property.

We require all third parties to respect the security of personal data and to process it in accordance with the law. Our third-party service providers do not have our authorization to use personal data for their own purposes, and we only allow them to process it for specific purposes and according to our instructions.

Below we offer you more information about the entities that could access your personal data:

Storage and courier service providers: We share your information with our storage and courier service providers, so that they can process your order, deliver it to you, and directly resolve any issue or incident with you regarding said delivery.

Third party service providers who provide their services to us or act on our behalf, in particular to: perform business analysis; process data or payments; provide customer service, marketing or public relations services; disclose surveys or prize drawings; or for fraud prevention purposes. Please note that it is the payment service provider itself that processes the payment information, neither we nor our other suppliers have access to it. This payment information is encrypted and secure. In addition, we may also authorize them to collect information on our behalf, including, for example, information necessary to use the features of our website or to facilitate the delivery of online advertisements tailored to your interests as a user. Third party service providers will have access to and collect information to the extent necessary to perform their functions. They may not share it or use it for any other purpose.

If you choose to finance a purchase, the user accepts that all his or her personal data will be fully transferred to Aplázame from the moment the user has started contracting the deferred payment service offered by the latter at the time of choosing the method. payment. This acceptance extends to third parties that have to access the files for the successful completion of the contract.

Affiliated sites: If you have been redirected to our website from another website or application, we may share information about you.

We may also share your information with third parties if we believe, in our sole discretion, that disclosure of such information is necessary in the following circumstances:

To comply with subpoenas, court orders or other legitimate and enforceable legal processes; to establish or exercise our legal rights; to defend ourselves against legal claims; or in any other case where required by law. In such cases, we reserve the right to raise or withdraw any legal objections or rights available to us.

If we are legally required to do so, we will share the data we collect with law enforcement and other government agencies.

To investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend our rights, our property, our safety, our users or others; and as set forth in these Terms of Use or other agreements, including with our partners or suppliers.

In connection with a corporate transaction, such as a liquidation, merger, acquisition, consolidation or sale of assets, or in the unlikely event of bankruptcy.

Outside the scope of the previous provisions, and when necessary under the applicable legal regulations, you will be informed when your personal data will be shared with third parties, and you can ask us not to share it if you wish.

We may also share anonymous or aggregated information with third parties, including advertisers and investors. For example, we may tell our advertisers the number of visitors to our website or the most popular products. This information does not contain any personal data.

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Shopify's data warehouse, databases, and the general Shopify application. Your data is stored on a secure server behind a firewall.

Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only to the extent necessary to complete the purchase transaction. After it is completed, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as outlined by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by retailers and their service providers.

For a clearer view, you may also want to read Shopify's Terms of Service here or Privacy Statement here.

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to enable them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read the privacy policies so that you can understand how your personal information will be handled.
In particular, remember that some providers may be located in or have facilities that are in a different jurisdiction than either you or us.

So if you wish to proceed with a transaction that involves the services of a third-party service provider, your information may be subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway based in the United States, then your personal information used in completing your transaction may be subject to disclosure under United States law, including the Patriot Act. Once you leave our store website or are redirected to a third-party site or application, you are no longer governed by this Privacy Policy or our website's Terms of Service.

When you click on links on our store, you may be directed away from our site. We are not responsible for the privacy practices of other sites and we encourage you to read their privacy policies.

How long do we keep your personal data

The processing of data for the purposes described will continue for the time necessary to fulfill the purpose of its collection (for example, for the duration of the commercial relationship), as well as for compliance with the legal obligations arising from the processing of the data. data.
We may store some of the information related to your purchase or subscription in our records, primarily for analysis purposes or to maintain such records. The retention period of your personal data depends on the purpose for which we collect it and the use we make of it.

We will only retain your personal information for as long as necessary for the purposes set out in section 4 or to comply with our legal obligations.

For commercial purposes, the retention period will be 3 years from the date of your last activity, understood as “last activity” the purchase of our products, or the interaction or reading of any of our newsletters. After this time, we will ask you again to tell us if you want us to continue sending you information and staying in contact with you. Only in the event that you expressly indicate to us that you are interested with the mechanisms that we put at your disposal, will we renew this contact; Otherwise, we will have no commercial contact with you and it will only be resumed if you make a new purchase or subscribe to our information systems again.

We may retain certain personal information for a longer period if such information is necessary to comply with our legal obligations, to maintain security, to prevent fraud and abuse, and to defend or exercise our rights. If you decide to ask us to completely delete your personal data from our system, we undertake to remove it from our website within a period of generally 14 days.

Generally, data is stored within the EU. For data sent to third parties that do not belong to the EU, we will ensure that they offer a sufficient level of protection, either because they have Binding Corporate Rules (BCR) or because they have adhered to the “Privacy Shield”.

The user is solely responsible for the veracity and correctness of the data included, exonerating Mashera Bags Company SL from any responsibility in this regard.

Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep it duly updated. The user agrees to provide complete and correct information in the registration or subscription form. Mashera Bags Company SL reserves the right to terminate the contracted services that have been concluded with users, in the event that the data provided is false, incomplete, inaccurate or not updated.

Mashera Bags Company SL is not responsible for the veracity of information that is not its own creation and for which another source is indicated, and therefore does not assume any responsibility for hypothetical damages that may arise from the use of said information.

Mashera Bags Company SL reserves the right to update, modify or delete the information contained on its web pages and may even limit or not allow access to said information. Mashera Bags Company SL is exonerated from liability for any damage or harm that the user may suffer as a result of errors, defects or omissions in the information provided by Mashera Bags Company SL provided that it comes from sources other than Mashera Bags Company SL.

Likewise, the user certifies that they are over 18 years of age and that they have the necessary legal capacity to provide consent regarding the processing of their personal data.

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your dependents minors use this site.

NOTE: Our services are not directed to minors. However, in the event that any of them are directed to minors under fourteen years of age, in accordance with article 8 of the RGPD and article 7 of LO3/2018, of December 5 (LOPDGDD), Mashera Bags Company SL will require the valid, free, unequivocal, specific and informed consent of their legal guardians to process the personal data of minors. In this case, the DNI or other form of identification of the person providing consent will be required.

In the case of those over fourteen years of age, the data may be processed with the user's consent, except in those cases in which the Law requires the assistance of the holders of parental authority or guardianship.

To protect your personal information, we take reasonable precautions and follow industry best practices to ensure that it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

We want you to use our website with confidence. To this end, we are committed to protecting the information we collect. Although no site can guarantee absolute security due to the difficulties inherent in online activities, we have implemented and maintain appropriate organizational, technical, administrative and physical measures to protect the personal data you provide to us against unauthorized or unlawful access, disclosure of information , as well as against accidental loss, damage, alteration or destruction. We also use third-party services capable of providing us with technologies with this same level of guarantees, security and trust.

If you provide us with your credit card information, your credit card information is encrypted and encrypted. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all requirements and implement additional accepted industry standards.

We have also adopted the legally required levels of security for the protection of Personal Data, and we try to install any other means and additional technical measures at your disposal to prevent the loss, misuse, alteration, unauthorized access and theft of the Personal Data provided.

We are not responsible for hypothetical damages or losses that may arise from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, caused by causes beyond our control; of delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties. people through illegitimate interference beyond the control of Mashera Bags Company SL. However, the user must be aware that security measures on the Internet are not impregnable.

On the page we use cookies to facilitate the relationship of visitors with our content and to allow us to compile statistics about the visitors we receive.

In compliance with Directive 2009/136/EC, developed in our system by the second section of article 22 of the Information Society Services Law, following the guidelines of the Spanish Data Protection Agency, we proceed to inform you in detail of the use that is made on our website.

Cookies are small files that are recorded in the browser used by each visitor to our website so that the server can remember that user's visit later when they access our content again. This information does not reveal your identity or any personal data, nor does it access the content stored on your PC, but it does allow our system to identify you as a specific user who has previously visited the website, viewed certain pages, etc. and also allows you to save your personal preferences and technical information such as visits made or specific pages you visit.

The purpose of cookies is to provide the User with faster access to the selected Services.

If you do not want cookies to be saved in your browser or you prefer to receive information each time a cookie requests to be installed, you can configure your browsing options to do so. Most browsers allow cookies to be managed in 3 different ways:
- cookies are always rejected;
- the browser asks if the user wants to install each cookie;
- cookies are always accepted;
- Your browser may also include the ability to select in detail the cookies you want to be installed on your computer. Specifically, the user can normally accept one of the following options:
- reject cookies from certain domains;
- reject third-party cookies;
- accept cookies as non-persistent (they are deleted when the browser is closed); - allow the server to create cookies for a different domain.

To allow, know, block or delete the cookies installed on your computer, you can do so by configuring the options of the browser installed on your computer.

You can find information on how to configure the most used browsers in the following locations:

Internet Explorer: Tools -> Internet Options -> Privacy -> Settings. For more information, you can consult Microsoft support or browser Help.
Firefox: Tools -> Options -> Privacy -> History -> Custom Settings. For more information, you can consult Mozilla support or the browser Help.
Chrome: Settings -> Show advanced options -> Privacy -> Content settings. For more information, you can consult Google support or browser Help.
Safari: Preferences -> Security. For more information, you can consult Apple Support or Browser Help.
Regarding third-party cookies, that is, those that are unrelated to our website, we cannot be responsible for the content and veracity of the privacy policies they include, so the information we offer is always with reference to the source.

This Cookies Policy can be modified based on legislative or regulatory requirements, or with the purpose of adapting said policy to the instructions issued by the Spanish Data Protection Agency, therefore Users are advised to visit it periodically.

When significant changes occur in this Cookies Policy, they will be communicated to Users either through the website or via email to registered Users.

Here is a list of cookies we use. We list them so you can choose whether you want to choose to remove them or not.


_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider's internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

You can exercise your rights through a request by writing to info@mashera-womo.com. We will respond to you as soon as possible with the aim of executing any of these rights within a maximum period of one month. In order to facilitate confirmation of your identity and guarantee your right to access your personal data (or to exercise any other of your rights), we may ask you to provide us with a copy of your identity document. This is a security measure aimed at ensuring that personal data is not disclosed to anyone who does not have the right to receive it.

We may also contact you to request more information regarding your request in order to speed up our response.

Under the provisions of the RGPD you can request:

Right of access: you can request information about the personal data that we have about you.
Right to rectification: you can communicate any changes to your personal data.
Right to deletion and to be forgotten: you can request deletion after blocking personal data.
Right to limit processing: implies the restriction of the processing of personal data. Right to object: you can withdraw your consent to the processing of data, opposing further processing.
Right to portability: in some cases, you can request a copy of personal data in a structured, commonly used and machine-readable format for transmission to another controller.
Right not to be subject to individualized decisions: you can request that decisions not be made that are based solely on automated processing, including profiling, that produce legal effects or significantly affect the interested party.
In some cases, the request may be rejected if you request that data necessary to comply with legal obligations be deleted.

Likewise, if you have any complaints about the processing of your data, you can file a complaint with the data protection authority.

Your personal data may be transferred to other countries within the European Economic Area for the purposes described in this Privacy Policy. When we transfer your personal data outside the European Economic Area, we take the following precautions to ensure it is appropriately protected.

Transfers of personal data are carried out:

to countries or companies that are recognized by the European Commission as providing an adequate level of protection; either
to countries that do not offer adequate protection, but whose transfers are governed by the European Commission's standard contractual clauses.
By using our services, you agree that your personal data may be transferred to third-party companies as described in this Privacy Policy.

We reserve the right to modify this privacy policy at any time, so please review it frequently. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how and under what circumstances, if any, we use and/or disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we can continue selling products to you.

According to the new Regulation, Mashera - Womo is not required to appoint a Data Protection Officer. However, we have a team trained to guarantee compliance with all the aspects included in the “Privacy Policy” section, inform and resolve any questions to whoever requires it, and cooperate with the control authorities.

If you want to contact us to exercise your rights, register a complaint, or simply want more information, you will find us at info@mashera-womo.