Privacy

Custocare is committed to protecting the privacy and security of its users' data. This Privacy Policy describes how we collect, use, process, and protect your personal information in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Spanish Organic Law 3/2018 on the Protection of Personal Data and guarantee of digital rights (LOPDGDD).

1. Scope of this Privacy Policy

This Privacy Policy affects the management of Personal Data that we collect when you use or access our Services. This Privacy Policy does not apply to the practices of third parties that we do not own and cannot control or manage, including, but not limited to, any third-party website, service, application, or company (“Third-Party Services”). While we try to work only with Third-Party Services that share our respect for your privacy, we are not responsible for their content or privacy policies. We recommend that you carefully read the privacy policies of any Third-Party Services you access.

2. Personal Data Collected

Custocare is the entity responsible for processing your data. It collects and processes various types of data to provide and improve our subscription management services. The data we collect includes:

  • Identity and Contact Data: Name, surname, email address, and telephone number.
  • Economic and Transactional Data: Information related to your subscriptions, payments made, billing history, and billing address. Your full credit card or bank details are processed directly by our secure payment service providers and are not stored on Custocare's servers.
  • Connection and Usage Data: IP address, browser type and version, operating system, device information, and data on how you navigate and interact with our service (pages visited, time spent, features used).
  • Customer Service Data: Information you provide when you contact our support team, including the content of your inquiries and our correspondence.
2.1. Special categories of personal data

Special categories of personal data are data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic personal data, and biometric personal data to identify a natural person. We may only process personal data concerning a natural person's sex life or sexual orientation in the context of certain services requiring this information.

Other special categories of personal data are not processed by Custocare, and in the event that their processing becomes necessary, Custocare undertakes to process them under the conditions provided for by the regulations relating to the protection of personal data.

The data subject can choose to provide Custocare with some of this information, such as racial origin, sexual orientation, or religious beliefs, in which case the choice to provide this information constitutes consent to its processing.

2.2. Minor

The services offered by Custocare are not intended for minors. It is the responsibility of any person exercising parental authority to decide whether their minor child is authorized to use the services.

2.3. How do we protect your Data

To ensure the protection and maintain the security, integrity, and availability of your Personal Data, we use various security measures. Although it is not possible to guarantee absolute protection against intrusion when transmitting Personal Data over the Internet or from a website, we, as well as our subcontractors and business partners, make every effort to maintain physical, electronic, and procedural safeguards to ensure a level of protection of your Personal Data that complies with applicable legal requirements.

3. Purposes and Legal Basis for Processing

Your data is processed for different purposes, each based on a specific legal justification.

3.1. Management of the Contractual Relationship

We process your data to create and manage your user account, process your subscriptions, and handle all billing and payments. The legal basis for this is the Performance of a Contract (Art. 6.1.b of the GDPR), as this processing is essential to provide the service you have requested.

3.2. Customer Support

Your data is used to provide customer support and respond to your inquiries or complaints. This is based on both the Performance of a Contract (Art. 6.1.b of the GDPR) and our Legitimate Interest (Art. 6.1.f of the GDPR) in offering you an effective and quality service.

3.3. Commercial Communications

We may use your contact information to send you commercial communications, such as newsletters and special offers about our services. This processing is based on your Consent (Art. 6.1.a of the GDPR) if you are a new user who opts in, or on our Legitimate Interest (Art. 6.1.f of the GDPR) if you are an existing customer, always about services similar to those you have already contracted, and always providing a simple way to unsubscribe.

3.4. Security and Fraud Prevention

We process your data to ensure the security of our platform, prevent fraudulent activities, and detect technical issues. The legal basis for this is our Legitimate Interest (Art. 6.1.f of the GDPR) in protecting our service and our users.

3.5. Service Improvement

We perform data analysis to understand usage trends and improve the functionality and user experience of our service. This is based on our Legitimate Interest (Art. 6.1.f of the GDPR) in developing and enhancing our business.

3.6. Compliance with Legal Obligations

We may process your data to comply with our legal and regulatory obligations, such as tax and accounting requirements, or to respond to requests from competent authorities. The legal basis for this is Compliance with a Legal Obligation (Art. 6.1.c of the GDPR).

Data Retention Period

We will retain your data only for as long as is necessary for the purposes for which it was collected:

  • Account Data: For the entire duration of your contractual relationship with Custocare.
  • Post-Contract Data: Upon termination of your account, your data will be duly blocked and retained for the legally required statutory limitation periods (e.g., for commercial, tax, and liability purposes) before being securely deleted.
  • Marketing Data: Until you withdraw your consent or exercise your right to object.

5. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). In such cases, Custocare ensures that any transfer of personal data is protected by adequate safeguards, primarily through the use of Standard Contractual Clauses (SCCs) approved by the European Commission, or by relying on an Adequacy Decision.

6. Your Rights

Following the GDPR, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Erasure (Right to be Forgotten): Request the deletion of your data when it is no longer necessary for the purposes for which it was collected.
  • Restriction of Processing: Request that we restrict the processing of your data under certain conditions.
  • Portability: Receive your data in a structured, commonly used, and machine-readable format.
  • Object: Object to the processing of your data, particularly for marketing purposes.
  • Withdraw Consent: Withdraw your consent at any time for processing based on that consent.
  • To exercise these rights, please contact us by email at: help@custocare.cc
  • You also have the right to complain to the competent supervisory authority, which in Spain is the Spanish Data Protection Agency (AEPD).

7. Data Security

Custocare implements appropriate technical and organizational measures (such as encryption, access controls, and regular security assessments) to protect your data against unauthorized access, alteration, disclosure, or destruction.