Privacy Policy and Data Protection

Privacy Policy

1. Data Controller

In compliance with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018, of December 5, on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD), the user is informed of the following:

Business: Vintage Online SL 
Tax ID (NIF): B27583798 
Address: Calle Benissa 7, Local – 03710 Calpe (Alicante) 
Email: admin@the-vintage-collector.com

2. Purposes of Processing

Vintage Online SL processes users' personal data for the following purposes:

Manage user registration and customer accounts.

Process, manage, and deliver orders, as well as manage payments, invoicing, shipping, and returns.

Address inquiries, requests, or complaints through enabled channels.

Manage the exercise of the right of withdrawal and legal guarantees.

Send commercial communications regarding products and promotions, provided the user has consented or there is a legitimate interest in accordance with Article 21 of the LSSI-CE.

Comply with applicable legal obligations (fiscal, accounting, commercial, and consumer).

3. Legal Basis for Processing

The legal basis for data processing is:

Execution of the sales contract or pre-contractual relationship (Art. 6.1.b GDPR).

Data subject's consent for the sending of commercial communications and other specific purposes (Art. 6.1.a GDPR).

Compliance with the controller's legal obligations (Art. 6.1.c GDPR).

Legitimate interest of the controller, where applicable (Art. 6.1.f GDPR).

4. Data Retention

Data will be kept while the contractual relationship is maintained and, subsequently, for the periods legally required to address potential liabilities (in particular, the periods provided for in tax, commercial, and consumer protection regulations). Data processed based on consent will be kept until the user withdraws it.

5. Recipients and Transfers

Data will not be transferred to third parties unless required by law. However, service providers acting as data processors may access the data (e.g., transport and logistics companies, payment gateways, hosting, or marketing services) with whom corresponding contracts have been signed in accordance with Article 28 of the GDPR.

Transport / Logistics companies: FedEx, Spanish Post (Correos), and others.

Payment gateway: Stripe y Paypal

Hosting provider: IONOS

6. International Data Transfers

No international data transfers are made outside the EEA.

7. Rights of Data Subjects

The user may exercise their rights of access, rectification, erasure, objection, restriction of processing, and data portability, as well as withdraw the consent given, by writing to Vintage Online SL at the indicated postal or email address, providing proof of identity.

Likewise, the user has the right to file a complaint with the Spanish Data Protection Agency (www.aepd.es) if they believe that the processing does not comply with current regulations.

8. Security Measures

Vintage Online SL adopts the necessary technical and organizational measures to ensure the security, integrity, and confidentiality of the data, preventing its alteration, loss, or unauthorized processing or access.

9. Accuracy of Data

The user guarantees that the data provided is truthful, accurate, and up-to-date, and is responsible for communicating any changes to it.

Information icon

Necesitamos su consentimiento para cargar las traducciones

Utilizamos un servicio de terceros para traducir el contenido del sitio web que puede recopilar datos sobre su actividad. Por favor revise los detalles en la política de privacidad y acepte el servicio para ver las traducciones.