PIETRA BY BIANCA

Legal

Privacy Policy

At Pietra by Bianca we are committed to protecting your privacy and handling your personal data transparently, in accordance with the General Data Protection Regulation (GDPR) and applicable Spanish law.

1. Data controller

[Legal entity name pending]
Address: Cádiz, Spain
Contact email: hola@pietrabybianca.com

2. Data we collect

We may collect the following categories of personal data:

  • Contact data: name, email address, and phone number when you write to us or complete a form.
  • Order data: name, delivery address, and payment data necessary to process and deliver your commission.
  • Browsing data: IP address, browser type, pages visited, and time spent, collected via first- or third-party cookies (see Cookie Policy).
  • Communication data: the content of emails and messages you send us.

We do not process special categories of personal data (sensitive data) as defined in Art. 9 GDPR.

3. Purposes and legal bases for processing

  • Order management and delivery: performance of the sales contract (Art. 6(1)(b) GDPR).
  • Customer service: legitimate interest in responding to pre-contractual enquiries (Art. 6(1)(f) GDPR).
  • Newsletter: your express consent (Art. 6(1)(a) GDPR). You may withdraw consent at any time.
  • Legal compliance: retention of invoices and accounting records (Art. 6(1)(c) GDPR).
  • Website analytics: legitimate interest in improving our services (Art. 6(1)(f) GDPR), subject to your cookie preferences.

4. Retention periods

Order data is retained for as long as necessary to fulfil the contract and thereafter for the legally required retention periods (5 years for tax records in Spain). Newsletter subscription data is retained until you unsubscribe. Anonymised analytics data is retained per the settings of each analytics tool.

5. Recipients of data

We do not sell or transfer your personal data to third parties for commercial purposes. We may share it with:

  • Carriers for delivery of your order (name and delivery address only).
  • Payment gateways to process transactions (we do not store card data).
  • Email and analytics service providers, acting as data processors under confidentiality and GDPR agreements.
  • Public authorities when required by law.

Some of these providers may be located outside the European Economic Area. In such cases, we ensure that adequate safeguards are in place as required by GDPR (standard contractual clauses, adequacy decisions, etc.).

6. Your rights

You may exercise any of the following rights at any time by writing to hola@pietrabybianca.com:

  • Access: find out what data we hold about you.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten"): request deletion of your data when it is no longer necessary.
  • Restriction of processing: request that we retain your data without actively processing it.
  • Data portability: receive your data in a structured, commonly used format.
  • Objection: object to processing based on legitimate interest.
  • Withdrawal of consent: withdraw consent at any time without affecting the lawfulness of prior processing.

You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD): www.aepd.es.

7. Security

We apply reasonable technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. Data transmission between your browser and our website is encrypted via SSL/TLS.

8. Changes to this policy

We may update this policy at any time. The current version will always be available on this page with the date of last update. Material changes will be communicated by email to registered users.

Last updated: June 2026.