PRIVACY POLICY.

Privacy is important to ITACA. This policy contains the practices related to the processing of personal data on ITACA‘s websites, such as the type of data collected, tracking, use and disclosure of such data.

At ITACA we understand that the privacy and security of personal data is of vital importance. This policy therefore sets out what we do with the information and what we do to keep it secure. It also explains where and how we collect information, as well as the data protection rights of the data subject.

This policy applies to those who access and use our website services and those who interact with ITACA on social media (our “Services”).

This policy defines our commitment to protecting personal information. We recommend that you read our privacy policy before you continue browsing.

This privacy policy was last updated on 14 de febrero de 2023

1. Identification of the controller’s business name

In accordance with the provisions of REGULATION (EU) 2016/ 679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter GDPR) we inform that personal data obtained from the data subject, as well as data generated in the context of the activity of our website will be processed by:

Company name:	INNOVACIONES TECNICAS APLICADAS A CERAMICAS AVANZADAS SAU (ITACA)
N.I.F/C.I.F.:	A12505293
Address:	Partida Rambleta s/nfrom Pobla Tornesa 12191 (Castellón).
Residence:	Spain
E-mail:	esp-info@esmalglass-itaca.com
Telephone numbers:	964 657 800
Object:	Chemical Industry

Who is ITACA‘s Data Protection Officer and how can you contact him/her?

The Data Protection Officer is the person in charge of protecting the fundamental right to the protection of personal data at ITACA and is responsible for compliance with data protection regulations. You can contact the Data Protection Officer at the following address:

DPO contact: dpo@altadiagroup.com

2. General privacy principles.

ITACA collects and processes personal information by adopting the following principles:

• Data are processed in a fair, lawful and transparent manner.

• Data are collected for specified, explicit and legitimate purposes and are not processed in a way incompatible with those purposes.

• The data are adequate, relevant and limited to what is necessary in relation to the purposes for which the processing is carried out.

• The data is accurate and up to date. Inaccurate data will be updated or deleted.

• Data is retained in an identifiable format for no longer than necessary.

• Data are processed securely through appropriate and effective technical and organisational measures against unauthorised or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or organisational measures (“integrity and confidentiality”).

• We are committed to the principles of data protection by design and data protection by default.

3. How we collect your personal data and how it is used.

• Directly from the owner: We may collect personal data when you make an enquiry through contact forms, or when you are assigned a login account, among others.

• From cookies: We may collect information from “cookies” that we may store on a user’s device. Cookies are small data files stored on your hard drive or in the memory of your device. For more information on the use and purpose of cookies, please see our cookie policy.

• Logs: In the context of our website activity we may record certain information and store it in log files when you interact with our Services. This information may include internet protocol (IP) or other device addresses or identification numbers, as well as browser type, internet service provider, etc.

4. Assumptions where our website asks for your personal data

1. When enquiries are made via the contact form or via our e-mail.

2. When requesting any of the services and/or products we offer.

5. Purposes for which we process your personal data.

At ITACA we process the data necessary to manage and optimise our services and commercial relations with our users and clients. In addition, we also use this information to send advertising of interest to users, related to our products and services.

Personal data is collected and processed for the following purposes:

Stakeholder category	Purpose
Cookies	The Website has technology for the implantation of files called cookies on the User’s computer. Cookies are used to improve your browsing experience on our website, to analyse user browsing and to be able to offer you personalised content. In any case, they can be blocked or disabled through the configuration options of the browser. For more information, please consult our Cookies Policy.
Web Query User	Attend and answer communications or requests received either by e-mail or through the WebSite contact form http://www.esmalglass-itaca.com/.

6. Legal basis for processing and compulsory or optional nature of processing

The legal bases are linked to the purposes of the previous point according to the letters assigned in the table.

Stakeholder category	Legitimation for data processing
Cookies	The consent given when accepting ITACA cookies, except for cookies considered technical and necessary for the optimal functioning of the website.
Web Query User	Consent requested when contacting you via the Website. The interested party may withdraw consent at any time. Under no circumstances will the withdrawal of consent condition the provision of other services.

6. Data provided voluntarily by the data subject

   Stakeholder category	Data provided by the data subject
   Cookies	IP, navigation data, statistics, etc.
   Web Query User	Name, Surname, email, subject, message,

7. Retention of personal data.

ITACA only stores your personal data to the extent that we need it in order to be able to use it for the purposes of point 5, and according to the legal basis for processing it and in accordance with applicable law. Your personal information will be kept for as long as a contractual and/or commercial relationship exists or as long as you do not exercise your right to erasure, cancellation and/or limitation of the processing of your data.

Once the relationship with you has been terminated for any of the aforementioned reasons, the information will be kept duly blocked, without being used for any purpose, as long as it may be necessary for the exercise or defence of claims, or as long as any type of judicial, legal or contractual liability may arise from its processing, which must be attended to and for which its recovery is necessary.

Data that are processed for direct marketing purposes will be retained indefinitely until the data subject requests their deletion.

Specifically:

Stakeholder category	Conservation period
Cookies	According to the deadlines indicated in the cookies policy
Web Query User	3 years since last contact

6. Recipients or third parties to whom we may disclose personal data.

9.1 Personal Data may be shared for the purposes set out in paragraph 5 in the following cases:

In general for all categories of data subjects personal data may be shared:

1. For compliance with our legal obligations: when disclosure is necessary to comply with our obligations under laws, regulations, legal process or governmental requests affecting us.

2. For the formulation, exercise or defence of claims or when the courts are acting in their judicial role: In certain circumstances, disclosure of personal data may be mandatory because it is subject to a subpoena, warrant or summons.

3. In the event of a sale, merger, acquisition or similar transaction: In the event of a merger, acquisition, sale of all or substantially all of our assets or other similar sale transaction, personal data may be transferred as part of that transaction. In such an event, the data subject will be notified of such a transfer.

4. For the provision of services by suppliers acting on our behalf Occasionally, we contract with carefully selected third parties so that they can assist us in providing the services on the Site such as:

   1. Servicios de alojamiento Hosting with the purpose of providing hosting and e-mail services.

   2. IT consultancy and web design services: to provide technical support on the code created for the web.

5. Aggregated or Non-Identifiable Data: We may share aggregated or other non-personally identifiable information that does not identify the data subject in order to improve the experience of our Services.

9.2 Personal Data may be shared outside the EU for the purposes set out in paragraph 5 in the following cases:

Data recipients	Stakeholder category	Commission adequacy decision o Adequate safeguards
Technology Services Platform (Service Provider contracted by the Organisation)	User contacting through the Web	The Data Controller contracts its virtual infrastructure which provides for the management of email, calendar, documents, office applications, file hosting, etc. on a “cloud computing” model through G Suite services belonging to the Google LLC Organisation and under the Commission’s Standard Contractual Clauses of art 46 of the GDPR – Information available at: https://workspace.google.com/terms/mcc_terms.html

10. Security measures adopted in relation to the processing of personal data

ITACA implements and applies appropriate technical and organisational security mechanisms and measures to ensure a level of security of the processing that is appropriate to the risk.

To this end, ITACA has, on the basis of an objective assessment, identified, analysed and evaluated risks of varying likelihood and severity to the rights and freedoms of natural persons and, consequently, has implemented appropriate and effective security mechanisms, safeguards and measures to eliminate or mitigate the identified risks. In particular, appropriate and effective technical and organisational measures are taken to mitigate the risks of accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorised communication or access to such data.

Likewise, ITACA guarantees compliance with the duty of professional secrecy and confidentiality for all its employees, contractors and third party users of personal data.

11. Rights of the Stakeholder.

The user may send communications and exercise his or her data protection rights in accordance with the formalities imposed by data protection regulations.

In all our operations relating to your privacy, we strive to comply with current legislation, which contains a number of rights for the data subject, as listed below:

Your rights	What does it mean?
Right to information	You have the right to be presented with clear, concise, transparent and easy to understand information about how we use your personal data and your rights. We provide you with this information in this Policy in point 5 below.
Right of access	You have the right to access the personal data we hold about you (subject to certain limits). Manifestly unfounded, excessive or repetitive requests may not be granted. To exercise this right, please contact us by any of the means indicated below.
Right of rectification	You have the right to have your personal data rectified if they are inaccurate or no longer valid or to have them completed if they are incomplete. To exercise this right, please contact us by any of the means indicated below. If you have an account, it may be easier for you to correct them yourself by modifying your profile.
Right to erasure/right to be forgotten	In certain cases, you may have the right to have your personal data erased or deleted. It should be noted that this is not an absolute right, as we may have legal or legitimate grounds for retaining it. If you would like us to delete your personal data, please contact us by any of the means indicated below.
Right to withdraw consent at any time where data processing is based on consent	In the event that consent has been granted for any of the purposes informed and determined in the processing referred to, we inform you that you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal. For information on which processing operations are based on consent, please refer to point 5 of this policy. If you wish to withdraw your consent, please contact us by any of the means indicated below.
Right to object to processing based on the satisfaction of legitimate interests	You can object to our processing of your data at any time if the processing is based on the satisfaction of legitimate interests. For information on which processing operations are based on consent, we refer you to point 5 of this policy. If you wish to exercise this right, please contact us by any of the means indicated below.
Right to lodge a complaint with a supervisory authority	We also inform you that if you are not satisfied with the exercise of your rights or the way to exercise them, you may file a complaint with the Supervisory Authority. If you would like more information about this right and how to exercise it, please contact the AGPD: http://www.agpd.es/ Tel. 901 100 099 and 91.266.35.17. C/ Jorge Juan,6 28001-Madrid. Please do not hesitate to contact us by any of the means indicated below before lodging a complaint with the competent data protection authority.
Right to data portability	You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable form, so that it can be transferred to another controller, where the processing is based on the performance of a contract or on your consent and the processing is carried out by automated means. For information on which processing operations are based on consent, please refer to point 5 of this policy. For more information, please contact us by any of the means indicated below.
Right to restrict processing	You have the right to request the restriction of the processing of your data. If you exercise this right, the processing of your data will be subject to limitations, so we may store it, but we may no longer use or process it. This right can only be exercised in certain circumstances defined by the General Data Protection Regulation, as follows: for the data subject to challenge the accuracy of the personal data, during the period of time allowing the controller to verify the accuracy of the personal data; the processing is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of their use; the controller no longer needs the personal data for the purposes of the processing but the data subject needs them for the purposes of making, pursuing or defending claims; the data subject has objected to the processing pursuant to Article 21(1), while it is being verified whether the legitimate grounds of the controller outweigh those of the data subject. If you wish to exercise this right, please contact us by any of the means indicated below.
Right to disable cookies	You can disable cookies at any time. As a general rule, the configuration of Internet browsers is usually set by default to accept Cookies, however, you can easily disable them by changing the browser settings. Many cookies are used to improve the usability or functionality of websites, therefore disabling them may prevent you from enjoying all or part of the services provided through our website, you may experience usability problems or you may experience problems with your session if you log in. If you wish to limit or block all cookies set by our websites (which may prevent you from using certain parts of the website) or by any other websites/applications, you can do so through your browser settings.

How can you exercise your data protection rights?

In order to exercise your rights, you must write to the following address: Partida Rambleta s/n from Pobla Tornesa 12191 (Castellón), or to the following e-mail: esp-info@esmalglass-itaca.com indicating “RGPD Valencia” in the subject line. You must specify which of the rights you are requesting to be satisfied and, in turn, must be accompanied by a photocopy of your ID card or equivalent identification document. If you are acting through a representative, legal or voluntary, you must also provide a document accrediting the representation and an identification document of the same, if you wish to have a model for this purpose:

• • Or use an official Agency template: https://www.aepd.es/reglamento/derechos/index.html

  • Or ask us for a model: dpo@altadiagroup.com

12. Processing of special categories of personal data and personal data relating to criminal convictions and offences

When filling in the free text fields, it is not permitted to enter personal information relating to personal data revealing ethnic or racial origin, political opinions, religious or philosophical convictions, or trade union membership, and the processing of genetic data, biometric data aimed at uniquely identifying a natural person, data relating to health or data relating to the sex life or sexual orientations of a natural person, as well as personal data relating to criminal convictions and offences. In the event of entering any information relating to the aforementioned aspects in any of our forms or by e-mail, they will be immediately deleted from our information systems without being able to deal with the query made, as such data are not necessary or relevant for the purposes determined in the processing of this website.

13. Links to other websites

We sometimes provide links to other websites, but these websites are not under our control. Therefore, we will not be liable for any problems arising in connection with the use of personal data, the content of the website or the services offered by these websites.

14. Data quality

The User declares that the data provided, whether their own or that of third parties they represent, are true, truthful and is responsible for communicating any modification or update of the same. The user shall be liable for any direct or indirect damage that may be caused to ITACA or any third party as a result of providing false, fraudulent, inaccurate, incomplete or out-of-date personal data.

The data requested by the User indicated with an asterisk (*) will be strictly necessary to contact the User. In no case will the fact of not providing more data than strictly necessary imply a decrease in the quality of the service.

15. Data of minors or incapacitated persons

The use of the Service is not permitted to minors, so if you are under 16 years of age, please refrain from using the services of our website.

ITACA may request additional information or documentation in order to verify the age of the data subject, taking into account available technology.

16. Updating of data

The user is the only source of information about their personal data, so ITACA requests that, in order to keep their data updated and updated at all times in accordance with the principles of the RGPD, communicate to the address indicated for the exercise of the rights of access, rectification, cancellation and opposition, any changes to them, as well as the cessation of their activity in the entity they represent, where appropriate, to proceed to the cancellation and/or historical treatment of the same.

17. Consent to advertising mailings.

According to the LSSI Law. ITACA will not send commercial communications by e-mail or any other equivalent means of electronic communication that have not been previously authorised by the recipient through the authorisation systems used by ITACA.

In the case of those users with whom there is a previous contractual relationship, ITACA is authorised to send commercial communications concerning ITACA products or services that are similar to those that were initially contracted with the client. In any case, the user may voluntarily request to opt out of receiving further commercial information through the Customer Service channels after proving their identity, or by unsubscribing from the advertising e-mail itself.

Personal data will be kept in our information systems indefinitely in order to carry out commercial communications of the company’s products and services, provided that the right to object to such advertising mailings is not exercised.

18. Social Networking

When you become a fan, follower or analogue of ITACA in the different social networks and in the context of this treatment, you must take into account that ITACA can only consult or delete your data in a restricted way by having a specific profile. Any rectification of your data or restriction of information or publications must be made through the configuration of your profile or user in the social network itself. By default you consent:

a) The processing of your personal data in the environment of said social network and in accordance with its privacy policies.

b) ITACA‘s access to the data contained in your profile or biography, depending on your privacy settings in each network, these will be more or less extensive.

c) To have news published about our events, or our comments may appear on your wall or biography.

d) To receive communications about our products/events.

If you want to stop following us, just click on the option “Stop being a fan” or “Stop following“.

19. Modification of this privacy policy

ITACA reserves the right to modify this policy in order to adapt it to future legislative or jurisprudential developments, as well as to industry practices, previously informing users of any changes that may occur.

Continued use of ITACA by the User shall constitute ratification of the present document, with the modifications and changes that may have been introduced.

For the same reasons as stated above, ITACA reserves the right to modify or discontinue the ITACA Service in whole or in part, whether or not notice is given to the User. ITACA shall not be liable to the User or to any third party for having exercised its right to modify or discontinue the ITACA Service.

LEGAL NOTICE

1. Identification of the controller’s business name

In accordance with Law 34/2002 of 11 July 2002 on information society services and electronic commerce, we hereby inform you of the company’s social data:

Company name:	INNOVACIONES TECNICAS APLICADAS A CERAMICAS AVANZADAS SAU
N.I.F/C.I.F.:	A12505293
Address:	Partida Rambleta s/nfrom Pobla Tornesa 12191 (Castellón).
Residence:	Spain
E-mail:	esp-info@esmalglass-itaca.com
Telephone numbers:	964 657 800
Object:	Chemical Industry
Registration Data:	Castellón Mercantile Register, Volume 1316, Book 879, Section 8, Page CS15020

General information.

These general conditions regulate the use of the service of the website https://www.decorative-solutions.com whose owner is ITACA, which is available free of charge to Internet users and does not require any prior subscription or registration to view it. However, the contracting of certain services or products does require the User to register on the Website. The use of our Website confers the condition of user and implies full and unreserved acceptance by the User of each and every one of the General Conditions in the version published by ITACA at the very moment the User accesses our Website, as well as our privacy and personal data processing policy. The User must read the General Conditions carefully each time he/she intends to use our Website. Likewise, the use of the Service is also subject to all the notices, regulations of use and instructions made known to the User by ITACA provided for in these General Conditions insofar as they do not oppose them.

ITACA reserves the right to deny or withdraw access to its WebSite, at any time and without prior notice, to those Users who fail to comply with these General Conditions, as well as any applicable Specific Conditions.

3. General Conditions

In general, the User undertakes to comply with these terms and conditions of use, and to always act in accordance with the law, good customs and the requirements of good faith, using the diligence appropriate to the nature of the service he/she enjoys, abstaining from using the website https://www.decorative-solutions.com in any way that may impede, damage or deteriorate the normal operation of the same, the property or rights of ITACA, of the rest of the Users or in general of any third party.

In particular, and without this implying any restriction to the obligation assumed by the User in general in accordance with the previous section, the User undertakes, when using https://www.decorative-solutions.com, to:

• Not to enter, store or disseminate on or from the website any information or material that is defamatory, libellous, obscene, threatening, xenophobic, incites violence or discrimination based on race, sex, ideology, religion or that in any way violates morality, public order, fundamental rights and public freedoms, the honour, privacy or image of third parties and, in general, current legislation.

• Not to introduce, store or disseminate through the website any computer programme, data, virus, code, hardware or telecommunications equipment or any other electronic or physical instrument or device that may cause damage to the website, to any of the services, or to any of the equipment, systems or networks of ITACA, of any User, or in general of any third party. Or that in any other way is capable of causing them any type of alteration or preventing their normal operation.

• Not to destroy, alter, use for use, render useless or damage the data, information, programmes or electronic documents of ITACA or third parties.

• The User shall not hinder the use of the ITACA Service by another User or the use of similar services by another entity.

• In particular, the User must refrain from carrying out any act contrary to the regulations governing the protection of personal data, the market and consumers, intellectual property, tax regulations, and the honour, privacy, image and good name of persons or entities.

• The User is prohibited from deleting, evading or manipulating the copyright and other data identifying the rights of ITACA or its owners incorporated into the Contents, as well as the technical protection devices and any other information mechanisms that the Contents may contain.

ITACA may, at its sole discretion, terminate the service immediately, if the User’s conduct is not in accordance with the terms and conditions set forth herein.

ITACA may, at any time and without prior notice, modify these General Conditions, as well as any Special Conditions that may be included, by publishing these modifications on the website so that Users may be aware of them.

4. Intellectual and industrial property

1. The structure, design and form of presentation of the elements [graphics, images, files, logos, colour combinations and any other element susceptible of protection] are protected by intellectual property rights owned by ITACA.

The reproduction, transformation, distribution, public communication, making available to the public and, in general, any other form of exploitation, partial or total, of the elements referred to in the previous section is prohibited. These acts of exploitation may only be carried out with the express authorisation of ITACA and, in any case, must make explicit reference to the ownership of the aforementioned intellectual property rights of ITACA. Reproduction [printing or downloading] is only authorised for private use of the contents available on the website.

2. The use of distinctive signs [trademarks, trade names] is not permitted, except with the express authorisation of the legitimate owners.

5. Exemption from liability.

ITACA shall not be liable:

In general, with regard to inappropriate use of the website owned by ITACA, users must make appropriate use of the website, in accordance with the above terms and conditions, and ITACA shall not be held responsible for any improper use.

Regarding possible technical deficiencies. – ITACA shall not be responsible in any case for any alterations in the service caused by failures in the electrical network, in the data connection network, in the server or in any other services.

With regard to access by third parties to its system, ITACA shall adopt the necessary technical precautions in order to protect the data and information accessed, but shall not be held responsible for actions by third parties who, in breach of the established security measures, gain access to the aforementioned data.

This website may contain links to other third party websites, the content of which ITACA cannot control. The inclusion of these links is for information purposes only and does not imply acceptance or guarantee by ITACA of the contents of these websites. ITACA therefore declines all liability in relation to the same, as well as for any damage that may be caused for any reason to your computer system (equipment and applications), documents or files. ITACA, to the extent permitted by applicable legislation, does not guarantee the reliability, availability or continuity of the operation of this website or its content for technical, security, control or service maintenance reasons, for failures due to the server that hosts the content or other intermediaries or suppliers, for attacks against the computer system, or for any other reasons arising from causes beyond its control, and therefore disclaims any direct or indirect liability for the same.

ITACA shall not be liable for any direct or indirect failures, errors or damages that may be caused to the user’s computer system or to the files or documents stored therein, which are caused by or derive from the capacity or quality of their computer system or from the presence of a virus or any other harmful computer application on the computer used to connect to the contents of the website, the quality of your connection or access to the Internet, the malfunctioning of your browser, or the use of computer applications whose versions are not up to date or the corresponding user licence has not been obtained.

ITACA is exonerated from liability for any claim regarding the intellectual property rights of the articles and images published on its website, and does not guarantee the accuracy, veracity and validity of the contents of this website, whether they are its own, of third parties, or linked to other websites, being totally exonerated from any liability arising from the use of the same.

ITACA is exonerated from any liability arising from any claim, including the payment of lawyers’ fees, for claims and demands made by third parties for breach by the USER of our conditions of use, access and privacy policy, or any other claim for breach of current legislation.

7. Legislation.

In general, relations between ITACA and the Users of its telematic services, present on this website, are subject to Spanish legislation and jurisdiction, and the parties submit to the Courts and Tribunals of the User’s place of residence (Spain) for any litigation arising from this agreement.

If any provision or provisions of this agreement are found by a court of competent jurisdiction to be contrary to law, such provision or provisions shall be redrafted to reflect as closely as possible the intentions of the parties, while the other provisions shall remain in full force and effect.

In the event that any provision of this Agreement is found to be invalid or unenforceable, the valid or enforceable portion and the remaining provisions of the Agreement shall remain in full force and effect.