IzzonLab

PRIVACY POLICY

1. Purpose

This Privacy Policy is intended to inform individuals (hereinafter “users” or “data subjects”) who visit our website (hereinafter “website” or “site”) how we collect, process, and protect the personal data they may provide through any means (forms, emails, phone calls, contracts, etc.), so that they can freely decide whether they want us to process them.

Additionally, this policy expands on the information previously provided in the legal clauses included in our data collection processes.

It is also intended to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR) and Spanish Organic Law 3/2018 of December 5 on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD).

 

2. Who is responsible for processing your personal data?

Entity: IZZON LAB, S.L.

CIF/NIF: B75446872

Postal Address: C/ Sierra de Gata, 2, CP 28830 San Fernando de Henares (Madrid)

Phone: 916 75 11 39

Email: lopd@izzonlab.com

Business Purpose: Manufacturing and sale of perfumes and cosmetics

Website: https://izzonlab.com/

Registration Data: Registered in the Madrid Commercial Registry, Volume: 1, Page: 1, Section: 8, Sheet: 837232

3. How can you contact the Data Protection Officer?

We have appointed a Data Protection Officer before the Spanish Data Protection Agency, who can be contacted for complaints or questions regarding how your data is processed:

Marc Guimerà Reula

Head of the Legal Department

Calle Sierra de Gata 2, CP 28830, San Fernando de Henares (Madrid)

Email: lopd@izzonlab.com

Or via: [User Service Form]

4. What personal data do we process and how do we collect it?

We collect data through digital means, physical documents, or conversations (in-person or by phone). All data is processed fairly, lawfully, and transparently.

Categories of data may include:

  • Identifying data (name, ID, image, voice, signature)
  • Contact information (email, phone, address)
  • Commercial data (quotes, service records, communications)
  • Accounting data (billing, income/expenses)
  • Bank data (account and card info)
  • Curriculum data (education, professional experience)
  • Transaction data (transfers, direct debits)
  • Web browsing data (time spent, pages visited, demographics)
  • We do not collect special categories of personal data, unless necessary and with prior, express consent.

Data will only be processed by authorized personnel or collaborators who have signed confidentiality agreements.

If a user does not provide necessary or accurate data, we may be unable to maintain the relationship.

Depending on your relationship with us, we may process your data as follows:

4.1. Clients

Identification, contact, commercial, banking, and transaction data are collected during the sale of goods/services.

4.2. Information Requesters

We collect identification, contact, and commercial data via phone, email, or forms.

4.3. Suppliers

Identification, contact, banking, transaction, and commercial data are collected during business interactions.

4.4. Job Applicants

Curriculum, contact, and identifying data submitted via any channel are processed for recruitment purposes.

4.5. Social Media Users

We process data users choose to share via social platforms (e.g., LinkedIn). See our SOCIAL MEDIA POLICY​ for details.

4.6. Subscribers

Only the email address is requested for newsletter subscriptions.

4.7. Complainants

Identifying, contact, and relevant personal data of complainants or third parties involved are processed.

4.8. Whistleblowers

Data (including anonymously submitted) may be processed in line with Law 2/2023. See our Internal Whistleblower Channel terms.

4.9. Visitors

We collect identification and company information from visitors entering our premises.

4.10. Website Users

Analytical and demographic data may be collected with the user’s express consent. See our Cookie Policy

4.11. Further Information

Legal clauses will always accompany data collection forms, allowing users to give informed and express consent.

5. What is the purpose of processing your data?

We process data primarily to maintain the relationship with users. Specific purposes include:

5.1. Clients

For identification, commercial relationships, invoicing, delivery of products, customer service, and legal obligations.

5.2. Information Requesters

To respond to queries and follow up on commercial proposals or interest.

5.3. Job Applicants

To manage recruitment and inform candidates about job opportunities.

5.4. Suppliers

To maintain and manage commercial and contractual relationships.

5.5. Social Media Users

To share content, communicate, and manage interactions on social platforms.

5.6. Complainants

To manage complaints, identify users, and fulfill legal obligations.

5.7. Whistleblowers

To process internal reports and communicate follow-ups, per legal terms.

5.8. Visitors

To manage access control and comply with occupational safety laws.

5.9. Website Users

To analyze visits (with prior consent). See our Cookie Policy.

5.10. Further Information

Always included in the specific clauses at the time of data collection.

6. What is the legal basis for processing your data?

We process your data based on:

  • Your express, informed, and voluntary consent
  • The performance of a contract or pre-contractual measures
  • Legal obligations
  • Our legitimate interests, provided they do not override your fundamental rights

If the user is under 14, parental or legal guardian consent is required.

7. How long do we keep your data?

We retain data as long as necessary to fulfill the intended purposes. Afterward, it will be blocked and stored only as needed for legal claims or obligations.

8. Do we create profiles or use automated decisions?

No. If we ever do, you’ll be informed and your consent will be requested. You may oppose automated decisions at any time by writing to: lopd@izzonlab.com.

9. Data Sharing

We generally do not share your data with third parties, except:

  • With companies in our group (with prior consent)
  • When required by law (e.g., tax authorities, banks, transport companies)
  • With service providers (e.g., accountants), under strict data processing agreements

 

In the event of a report, with authorities or legal entities as permitted under Law 2/2023

10. International Data Transfers

If we transfer your data outside the European Economic Area, we will inform you and request your express, prior consent.

11. Security Measures

We have implemented technical and organizational measures to prevent unauthorized access, loss, or misuse of data. These are regularly reviewed through audits and internal controls.

 

12. Your Rights

You may exercise the following rights at any time:

12.1. Right of Access

To know what data we process, for what purpose, and how.

12.2. Right of Rectification

To correct inaccurate or incomplete data.

12.3. Right to Object

To object to data processing under certain conditions.

12.4. Right to Erasure

To request deletion of your data under specific circumstances.

12.5. Right to Restriction of Processing

To limit how your data is used, e.g., during a dispute.

12.6. Right to Data Portability

To receive your data in a readable format and transfer it elsewhere.

12.7. Right Not to Be Subject to Automated Decisions

To oppose profiling or automated decisions with legal or significant effects.

To exercise these rights, contact IZZON LAB, S.L. at the address or email provided, attaching ID or legal representation proof if necessary.

You may also contact the Data Protection Officer or file a complaint with the Spanish Data Protection Agency:

C/ Jorge Juan, 6, 28001 Madrid or www.aepd.es

13. Commitment to Data Protection

Scope: Applies to all departments and personnel, including third parties acting on our behalf.

Principles: Lawfulness, fairness, transparency, data minimization, accuracy, confidentiality, and accountability.

Special Categories: Processing of sensitive data is prohibited unless legally required and consented.

Rights: We respond promptly and diligently to all data protection requests.

Records & Impact Assessments: All processing activities are documented and assessed for risks, with appropriate security measures in place.

Control: We receive external advice and stay updated on regulatory developments.

 

14. Updates to this Policy

We reserve the right to modify this Privacy Policy without prior notice. We recommend reviewing it regularly.

Last updated: March 27, 2025