Privacy policy

1. INTRODUCTION

Storibros, S.L. (hereinafter “STORIBROS”) as data controller and owner of the web portal www.storimake.com ( hereinafter, “Portal”) and the StoriMake app (hereinafter, the “App”) is sensitive to the protection of users’ personal data (“User/s”) who register in the App and the Portal that use the services made available through it (“Services”).

Through this Privacy Policy, and in compliance with Regulation (EU) 2016/679 (“RGPD”) and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (“LOPDPGDD” ), STORIBROS informs Users who register and make use of the App and the Portal, of their personal data that may be collected and processed by STORIBROS so that Users can decide, freely and voluntarily, if they wish to provide the information. requested.

The mere access and/or use of all or part of the contents and functionalities of the Platform and the information provided from it, entails full acceptance of this Privacy Policy and the rest of the legal texts (Legal notice, General Conditions and Cookie Policy). If you do not agree with all or part of the Legal Texts, it is recommended that you refrain from registering and using the Platform.

2. DATA COLLECTED, PURPOSES, LEGAL BASIS AND CONSERVATION PERIOD

*The assignment of orders to Makers in the STORI BASIC modality will be carried out according to the application of algorithms based on the following applied logic: professional category of the Maker, area of ​​specialty, conceptual style and portfolio, price range and time slots of professional dedication on the Platform.

The data collected indicated above may be used by STORIBROS for the compatible purposes recognized by the RGPD in article 89 for the purposes of carrying out reports and statistical studies in order to obtain information on the profitability of our Services, as well as improve the quality of the services. themselves.

3. METADATA

As provided in the General Conditions, Users are responsible for eliminating the metadata of the content uploaded to the App that could be considered personal data, through a valid and recognized procedure. In the event that the Users do not comply with their obligations and without prejudice to the responsibilities that this entails, STORIBROS will act, in relation to these personal data, as data processor. STORIBROS will only limit itself to storing these personal data, without carrying out other processing activities due to STORIBROS’s technical inability to identify the personal data.

4. COMMUNICATION OF DATA TO THIRD PARTIES

In general terms, and without prejudice to what is specifically contemplated in this Privacy Policy, the personal data of the Users will be accessible by the rest of the Users of the Platform for the execution of the Services. In particular:

  • The professional profile of the Makers will be available on the Platform from the main screen of the Doers App for Hiring STORI PLUS Services.
  • During the editing process of the Contents, Doer and Maker will be in contact through the chat services integrated into the Platform and once completed, for possible revisions or new orders.

Likewise, STORIBROS will share with third parties the personal data provided by Users for contracting services integrated into the Platform, necessary to fulfill the purposes described above:

Payment gateway: STORIBROS has contracted as a payment service provider Stripe Inc (“Stripe”): When the User enters their payment information (the name of the owner, number card number, expiration date, cvv) these will be stored directly in Stripe Inc (“Stripe”) so none of this data will be stored on STORIBROS servers, but will be treated by Stripe in accordance with its available Privacy Policy < to href=”https://stripe.com/es/privacy”>here. Stripe complies with the security measures established by payment services regulations and is Level 1 certified according to the Payment Card Industry Data Security Standard or PCI DSS.

Hosting and data storage:

  • Amazon Web Services (“AWS”): STORIBROS uses this provider of cloud services and data storage within the EEA, with which it has formalized the corresponding agreement. data processing (“DPA”) available here. More information about the processing of personal data carried out by AWS at: https://aws.amazon.com /en/compliance/data-privacy-faq/

o

  • Microsoft Azure: STORIBROS uses this provider of cloud services and data storage within the EEA, with which it has formalized the corresponding data processing agreement (“DPA ”) available here. More information about the processing of personal data carried out by AWS at: https://docs.microsoft.com/ en-us/compliance/regulatory/gdpr
  • MongoDB: STORIBROS uses this cloud database provider inside and outside the EEA. To guarantee the security of personal data hosted in these databases, STORIBROS has signed with MongoDB the Standard Contractual Clauses approved by the European Commission to provide the international transfer of data with the appropriate guarantees in accordance with the RGPD, contained in the corresponding data processing agreement (“DPA”) available aquíMore information about the processing of personal data carried out by MongoDB at: https://www.mongodb.com/legal/privacy-policy

STORIBROS may share the personal data of Users, in addition to the companies that make up its business group for purposes of separation of business activities, management of the client portfolio or other purposes related to the internal business organization, with any company. interested in purchasing or purchasing STORIBROS or a part of its business and, consequently, give access to any national or international auditors to carry out their “due diligence” provided that such treatment is essential for the satisfactory achievement of the commercial operation. As indicated in article 21 LOPDGDD, if the operation is not completed, the data must be immediately deleted by the receiving entity.

5. SECURITY AND CONFIDENTIALITY

STORIBROS undertakes to adopt the necessary technical and organizational measures in accordance with current regulations so that the security of personal data is guaranteed and the accidental or illicit destruction, loss or alteration of personal data transmitted, preserved or processed is avoided. otherwise, or unauthorized communication or access to such. The personal data will be treated as confidential by the person responsible for the treatment, who undertakes to inform and guarantee through a legal or contractual obligation that said confidentiality is respected by its employees, associates, and any person to whom the information is made accessible. information.

6. DATA PROTECTION RIGHTS

The User may exercise the rights of access, rectification, deletion, opposition, and, if applicable, the limitation of the processing and portability of the data by sending us an email to admin @storimake.com with the reference “RGPD-Stori”, accompanied by a copy of the DNI or equivalent accreditation document. In cases where representation is admitted, identification by the same means of the person representing the User will also be necessary, as well as the document accrediting the representation.

Likewise, the User may file a claim with a control authority, and in particular, with the Spanish Data Protection Agency (www.aepd.es) if you consider that the rights previously set out in this Privacy Policy are violated or if you consider that the processing of personal data that concerns you violates the applicable regulations.

7. CHANGES IN THE PRIVACY POLICY

STORIBROS reserves the right to modify this Privacy Policy at any time. Changes or updates to the Privacy Policy will be explicitly notified to the User, without prejudice to the publication of a notice on the Platform, along with the updated version of the Privacy Policy.