Legal notice

WEBSITE PRIVACY POLICY
https://lampxy.com/

I. PRIVACY AND DATA PROTECTION POLICY
Respecting the provisions of current legislation, Lampxy (hereinafter also the Website) commits to adopting the necessary technical and organizational measures, according to the appropriate level of security based on the risk of the data collected.

Laws incorporated in this privacy policy
This privacy policy is adapted to the current Spanish and European regulations regarding the protection of personal data on the internet. Specifically, it complies with the following regulations:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD-GDD).
  • Royal Decree 1720/2007, of December 21, approving the implementing regulation of Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the data controller
The data controller of the personal data collected on Lampxy is:

Contact details are as follows:
Contact email: lampxy.info@gmail.com

Personal Data Registry
In compliance with the GDPR and LOPD-GDD, we inform you that the personal data collected by The Rainbow Online Store through the forms on its pages will be incorporated and processed in our file to facilitate, expedite, and fulfill the commitments established between The Rainbow Online Store and the User, or to maintain the relationship established through the forms the User completes, or to respond to a request or inquiry. Likewise, in accordance with GDPR and LOPD-GDD, unless the exception in Article 30.5 of the GDPR applies, a record of processing activities is maintained specifying, according to their purposes, the processing activities carried out and other circumstances established by the GDPR.

Principles applicable to the processing of personal data
The processing of the User’s personal data will be subject to the following principles set forth in Article 5 of the GDPR and Articles 4 and following of Organic Law 3/2018:

  • Principle of lawfulness, fairness, and transparency: User consent will be required at all times, after fully transparent information about the purposes for which personal data are collected.
  • Purpose limitation principle: personal data will be collected for specific, explicit, and legitimate purposes.
  • Data minimization principle: only personal data strictly necessary for the purposes for which they are processed will be collected.
  • Accuracy principle: personal data must be accurate and kept up to date.
  • Storage limitation principle: personal data will only be retained in a way that permits User identification during the necessary time for the purposes of processing.
  • Integrity and confidentiality principle: personal data will be processed to guarantee its security and confidentiality.
  • Accountability principle: the Data Controller will be responsible for ensuring compliance with the above principles.

Categories of personal data
The categories of data processed by The Rainbow Online Store are only identifying data. Special categories of personal data within the meaning of Article 9 of the GDPR are not processed under any circumstances.

Legal basis for the processing of personal data
The legal basis for processing personal data is consent. The Rainbow Online Store commits to obtaining the User’s express and verifiable consent for the processing of their personal data for one or more specific purposes.
The User has the right to withdraw consent at any time. Withdrawing consent will be as easy as giving it. Generally, withdrawing consent will not affect the use of the Website.
When the User must or may provide their data via forms to make inquiries, request information, or for matters related to the Website’s content, they will be informed if completing any of these is mandatory because it is essential for the correct development of the operation.

Purposes of processing personal data
Personal data are collected and managed by The Rainbow Online Store to facilitate, expedite, and fulfill commitments established between the Website and the User or to maintain the relationship established through the forms the User completes, or to respond to a request or inquiry.
Likewise, data may be used for commercial purposes of personalization, operational and statistical activities, and activities inherent to the social purpose of The Rainbow Online Store, as well as for data extraction, storage, and marketing studies to tailor the offered content to the User and improve the quality, functionality, and navigation of the Website.
At the time personal data are obtained, the User will be informed about the specific purpose(s) for which the data will be processed; that is, the use(s) that will be made of the collected information.

Retention periods of personal data
Personal data will only be retained for the minimum time necessary for the purposes of processing and, in any case, only during the following period: 12 months, or until the User requests deletion.
At the time personal data are obtained, the User will be informed about the period during which personal data will be kept or, if not possible, the criteria used to determine this period.

Recipients of personal data
The User’s personal data will be shared with the following recipients or categories of recipients:
If the Data Controller intends to transfer personal data to a third country or international organization, the User will be informed at the time the data are collected about the third country or organization, as well as the existence or absence of an adequacy decision by the Commission.

Personal data of minors
Respecting the provisions of Articles 8 of the GDPR and 7 of Organic Law 3/2018, only those over 14 years old may legally give consent for the processing of their personal data by The Rainbow Online Store. If the User is under 14, parental or guardian consent is required, and such processing is only lawful to the extent that it has been authorized by them.

Confidentiality and security of personal data
The Rainbow Online Store commits to adopting the necessary technical and organizational measures appropriate to the risk to guarantee the security of personal data and prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
The Website has an SSL (Secure Socket Layer) certificate that ensures personal data are transmitted securely and confidentially, as the data transmission between the server and the User is fully encrypted.
However, since The Rainbow Online Store cannot guarantee the invulnerability of the internet or the total absence of hackers or others who fraudulently access personal data, the Data Controller commits to notifying the User without undue delay if a data breach occurs that may pose a high risk to the rights and freedoms of individuals. Following Article 4 of the GDPR, a personal data breach means any security breach that leads to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data.
Personal data will be treated as confidential by the Data Controller, who commits to informing and guaranteeing, through legal or contractual obligation, that confidentiality is respected by its employees, associates, and anyone who has access to the information.

  • Rights derived from the processing of personal data
    The User has the following rights vis-à-vis The Rainbow Online Store, which they may exercise before the Data Controller, as recognized by the GDPR and Organic Law 3/2018:
  • Right of access: the right to obtain confirmation whether The Rainbow Online Store processes personal data and, if so, to obtain information about the specific data and the processing carried out.
  • Right to rectification: the right to have inaccurate personal data corrected or completed.
  • Right to erasure ("right to be forgotten"): the right to have personal data deleted under certain circumstances, such as when the data is no longer necessary, consent is withdrawn, or the processing is unlawful, among others.
  • Right to restriction of processing: the right to limit the processing of personal data under certain conditions.
  • Right to data portability: the right to receive personal data in a structured, commonly used format and transmit it to another controller when processing is automated.
  • Right to object: the right to object to the processing of personal data or to stop processing.
  • Right not to be subject to automated decision-making: the right not to be subject to decisions based solely on automated processing, including profiling, except as permitted by law.

To exercise these rights, the User must send a written communication to the Data Controller with the reference "GDPR-https://lampxy.com/", specifying:

  • Full name and a copy of the ID. If representation is allowed, identification of the representative and authorization document are also required. The ID copy may be replaced by any legally valid identity proof.
  • Request with specific reasons or information requested.
  • Address for notifications.
  • Date and signature.
  • Any document supporting the request.

This request and any attachments can be sent to:
Email: lampxy.info@gmail.com

Links to third-party websites
The Website may contain hyperlinks or links to third-party websites not operated by The Rainbow Online Store. These sites have their own privacy policies and are responsible for their files and privacy practices.

Complaints to the supervisory authority
If the User believes there is a problem or violation of current regulations regarding their personal data processing, they have the right to effective judicial protection and to file a complaint with a supervisory authority, particularly in their habitual residence, workplace, or the place of the alleged infringement. In Spain, this authority is the Spanish Data Protection Agency (https://www.aepd.es/).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY
It is necessary for the User to have read and agreed to the terms on personal data protection contained in this Privacy Policy, and to accept the processing of their personal data so that the Data Controller may proceed accordingly, within the timelines and for the purposes indicated. Using the Website implies acceptance of this Privacy Policy.
The Rainbow Online Store reserves the right to modify this Privacy Policy according to its own criteria or due to legislative, jurisprudential, or doctrinal changes from the Spanish Data Protection Agency. Changes or updates will not be explicitly notified to the User. Users are advised to check this page periodically for updates.
This Privacy Policy was updated to comply with Regulation (EU) 2016/679 of April 27, 2016 (GDPR) and Organic Law 3/2018, of December 5.

This website Privacy Policy document was created using a free online privacy policy generator on 05/27/2025.