Privacy Policy

1. Introduction

At Securfy your privacy comes first. This policy explains how we handle your personal information.

We comply with the GDPR of the European Union and the LOPDGDD of Spain.

By using our site, you accept this policy. If you do not agree, please do not use our services.

2. Data We Collect

We only collect what is strictly necessary:

• Contact data: name and email when you write to us or place an order.
• Order data: shipping address and payment details (handled by certified providers).
• Browsing data: IP, browser, and pages visited. All anonymized.
• Communication data: messages you send us via Signal, WhatsApp, email, or contact form.

We do not collect sensitive data, biometric information, or precise location data.

We delete data for privacy: once an order is delivered, we remove personal data we no longer need by law. Addresses, contact details, and anything that could identify you. We keep the minimum possible for the shortest time.

3. How We Use Your Data

We use your data only for:

• Order management: processing, shipping, and invoicing your purchase.
• Customer support: answering questions, providing support, and giving advice.
• Information: only if you give us explicit permission.
• Improvement: analyzing site usage anonymously.
• Legal compliance: tax and accounting obligations.

4. Data Sharing

We do not sell or share your data. We only share it in these cases:

• Essential providers: shipping companies, payment gateways, and hosting. All GDPR-compliant.
• Your consent: when you explicitly authorize us.

All our providers have confidentiality agreements. They guarantee the same level of protection as we do.

5. Cookies & Similar Technologies

5.1 What Are Cookies?

Cookies are small text files that websites store on your device when you visit them. They help remember your preferences, keep your session active, and collect browsing data.

They are not viruses or malicious programs. They are tools that improve the browsing experience by allowing the site to remember information about your visit.

At Securfy we use cookies in a limited and transparent way. Below we explain what cookies we use, what they are for, and how you can manage them.

5.2 Types of Cookies We Use

We classify our cookies into three categories based on their purpose:

• Technical or necessary cookies: essential for the website to work properly. Without them you could not browse or use basic features such as the shopping cart. They do not require your consent under the GDPR.
• Analytical cookies: allow us to measure anonymously how the site is used: which pages are visited most, how long you spend in each section, or which country you are reading from. All information is aggregated and does not allow personal identification.
• Preference cookies: remember choices you have made, such as the language in which you prefer to view the site or whether you have previously accepted or rejected cookies.

5.3 Technical Cookies (Necessary)

These cookies are essential for the site to function. They cannot be disabled because without them the website would not work properly.

These are first-party cookies (managed by Securfy) and do not share information with third parties.

5.4 Analytical Cookies

We use Google Analytics 4 (GA4) to understand how you interact with our site. All information is collected anonymously and in aggregate.

GA4 is configured with IP anonymization enabled. We do not collect demographic or interest data, nor do we share data with other Google services.

We only install these cookies if you accept non-essential cookies in our consent banner. If you reject them, they will not be installed.

5.5 Preference Cookies

These cookies allow the site to remember decisions you have made to personalize your experience.

Preference cookies are installed automatically when you interact with site options (language, cookie consent). They do not collect personal information and only affect your browsing experience.

5.6 Third-Party Cookies

Some cookies are set by external services we use for the site to function:

• Google Analytics: _ga and _ga_* cookies for anonymous audience measurement. Only installed if you accept non-essential cookies. Google has its own servers and privacy policies.
• Stripe: our payment provider uses its own technical cookies to process payments securely and prevent fraud. They are necessary to complete a purchase.
• Supabase: our backend platform uses session cookies for authentication and database operations.

We do not use advertising cookies or social media cookies. We do not share your browsing data with advertising networks or marketing platforms.

We have no control over third-party cookies. We recommend reviewing their respective privacy policies for more information.

5.7 How to Manage Cookies

You have full control over cookies. You can manage them in several ways:

• From our banner: when you first visit the site, a banner appears allowing you to accept all cookies or reject non-essential ones. Your choice is saved for one year.
• From your browser: all browsers allow you to block, delete, or limit cookies from their privacy settings.

Here are the official guides for the most common browsers:

• Chrome: Settings → Privacy and security → Cookies and other site data
• Firefox: Options → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Manage Website Data
• Brave: Settings → Shields → Cookies

If you choose to block technical cookies, some parts of the site may not work properly. For example, the shopping cart or language switching will stop working.

You can also clear your browsing history and stored data at any time from your browser settings.

5.8 Cookie Duration

Depending on how long they stay on your device:

• Session cookies: are automatically deleted when you close the browser. We use them for the shopping cart and language preference during your visit.
• Persistent cookies: remain on your device for a defined period or until you delete them manually. We use them to remember your cookie consent (1 year) and for anonymous Google Analytics (2 years).

You can check the exact duration of each cookie in the tables in the sections above.

6. Your Rights (GDPR)

The GDPR gives you these rights:

• Access: know what data we have and how we use it.
• Rectification: correct incorrect data.
• Erasure: ask us to delete your data when it is no longer needed.
• Restriction: limit how we use your data in certain cases.
• Portability: receive your data in a standard format to take to another service.
• Objection: reject us using your data for marketing.

To exercise your rights, write to us via Signal or the contact form. We respond within 30 days maximum.

If you believe we have not handled your request properly, you can complain to the Spanish Data Protection Agency (AEPD) at www.aepd.es.

7. Data Security

We apply measures to protect your data from unauthorized access:

• End-to-end encryption in all our communications.
• HTTPS connection with TLS 1.3 across the entire site.
• Servers in the European Union with security certifications.
• Restricted access to personal data. Only authorized staff.
• Regular security reviews and system updates.

We only keep your data as long as necessary. Once it is no longer needed, we delete it.

8. Children's Privacy

Our services are not aimed at children under 16.

We do not knowingly collect data from children under 16.

If you are a parent or guardian and a child has given us data without your permission, contact us and we will delete it immediately.

9. Changes to This Policy

We may update this policy when necessary. The "Last updated" date shows when it was last reviewed.

We recommend checking this page from time to time. If you keep using the site after a change, it means you accept it.

10. Contact

If you have questions about this policy or want to exercise your rights, contact us:

• Signal: main encrypted communication channel.
• Email: via the contact form.
• WhatsApp: alternative channel available.