Privacy Policy

Last updated: January 2025.

1. INFORMATION TO THE USER

Brass Market, as Data Controller, informs you that, in accordance with Regulation (EU) 2016/679 of April 27 (GDPR) and Organic Law 3/2018 of December 5 on data protection and the guarantee of digital rights (LOPDGDD), we will process your data as set out in this Privacy Policy.

In this Privacy Policy, we describe how and why we collect your personal data, what we do with it, who we share it with, how we protect it, and your choices regarding the processing of your personal data.

This Policy applies to the processing of your personal data collected by the Company for the provision of its services. By accepting the terms of this Policy, you agree to our processing of your personal data as defined in this Policy.

2. CONTACT

Company name: Eduardo Egidio Introcaso

Trade name: Brass Market

NIF: ESY6308359W

Address: Marina 142, local 4, Barcelona, ​​08013 (Spain)

E-mail: info@5.250.185.158

3. KEY PRINCIPLES

We are always committed to providing our services with the highest level of quality, which includes treating your data securely and transparently. Our principles are:

  • Legality: We will only collect your personal data for specific, explicit, and legitimate purposes.
  • Data Minimization: We limit the collection of personal data to what is strictly relevant and necessary for the purposes for which it was collected.
  • Purpose Limitation: We will only collect your personal data for the stated purposes and only according to your wishes.
  • Accuracy: We will keep your personal data accurate and up to date.
  • Data Security: We implement appropriate technical and organizational measures proportionate to the risks to ensure that your data is not harmed, including through unauthorized disclosure or access, accidental or unlawful destruction, accidental loss, or alteration, and any other form of unlawful processing.
  • Access and Rectification: We provide the means for you to access or rectify your data whenever you deem appropriate.
  • Retention: We retain your personal data lawfully and appropriately and only as long as necessary for the purposes for which it was collected.
  • International transfers: When your data is transferred outside the EU/EEA, it will be appropriately protected.
  • Third Parties: Access to and transfer of personal data to third parties is carried out in accordance with applicable laws and regulations and with appropriate contractual safeguards.
  • Direct Marketing and Cookies: We comply with applicable legislation regarding advertising and cookies.

4. COLLECTION AND PROCESSING OF YOUR PERSONAL DATA

The types of data that can be requested and processed are:

  • Identification data.

We also automatically collect data about your visit to our website as described in the cookie policy.

Whenever we request your personal data, we will clearly state what personal data we collect and for what purpose. In general, we collect and process your personal data for the following purposes:

  • Provide information, services, products, relevant information, and industry news.
  • Sending communications.
  • Analytics service: Google Analytics

Google Analytics is a web analytics service provided by Google, Inc., a Delaware company located in the United States. Google Analytics uses “cookies,” which are text files placed on your computer, to help us analyze how users use the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. These cookies are used to store non-personally identifiable information. Regarding the IP address, Google Analytics does not share actual IP address information with its clients. Additionally, Google Analytics provides a method we have activated for privacy purposes known as IP masking. This method gives website owners using the application the option to instruct Google Analytics to use only part of the IP address for geolocation purposes instead of the full address, making the IP address even more secure. We have also accepted the data processing amendment and configured the DTA (Data Processing Addendum) details, completing the agreement with the data controller’s details. We’ve also modified the retention period so that data is no longer stored forever, but is reset with each new activity, and the counter is reset to zero on each visit.

​​

  • Payment services: PayPal

With this payment method, Brass Market never obtains the customer’s payment information, such as card numbers. PayPal complies with the US-EU Safe Harbor Framework and the US-Swiss Safe Harbor Framework, as established by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland, among others. However, we have signed a Data Processing Agreement (DPA) with PayPal in accordance with the GDPR.

​​

5. LEGITIMACY

In accordance with applicable data protection regulations, your personal data may be processed whenever:

  • You have given us your consent for the purposes of processing. You may, of course, revoke your consent at any time.
  • By legal requirement.
  • Because there is a legitimate interest that is not overridden by your privacy rights, such as the sending of commercial information through your subscription to our newsletter or your status as a customer.
  • Because it is necessary for the provision of any of our services through a contractual relationship between you and us.

6. COMMUNICATION OF PERSONAL DATA

The data may be communicated to companies related to Brass Market for the provision of various services, acting as Data Processors. The company will not transfer any data except under legal obligation.

7. YOUR RIGHTS

In relation to the collection and processing of your personal data, you can contact us at any time to:

  • Access your personal data and any other information indicated in Article 15.1 of the GDPR.
  • Rectify your personal data that is inaccurate or incomplete in accordance with Article 16 of the GDPR.
  • Delete your personal data in accordance with Article 17 of the GDPR.
  • Restrict the processing of your personal data in accordance with Article 18 of the GDPR.
  • Request data portability in accordance with Article 20 of the GDPR.
  • Object to the processing of your personal data in accordance with Article 21 of the GDPR.
  • If you have given your consent for a specific purpose, you have the right to withdraw the consent given at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.
  • You can exercise these rights by sending a reasoned and accredited communication (with a copy) to info@5.250.185.158
  • You also have the right to file a complaint with the competent supervisory authority (www.aepd.es) if you believe the processing does not comply with current regulations.

8. LEGAL INFORMATION

The requirements of this Policy supplement, and do not replace, any other requirements under applicable data protection law, which shall prevail in any event.

This Policy is subject to periodic review, and the company may modify it at any time. When this occurs, we will notify you of any changes and ask you to review the most recent version of our Policy and confirm your acceptance.

Contact form