GLOBAL PRIVACY POLICY (In force since 23/10/2023)

If you are reading this document, it is because you are on Our Websites and App  or on Our Partners’ Websites and Apps that have implemented our  Services.

We are TIENDEO WEB MARKETING, S.L.U. (hereinafter, TIENDEO) data controller with registered offices in Plaza Pau Vila 1, Edificio Palau de Mar (local 4B) 08039 Barcelona. If you would like to receive clarifications or more information about your data , please contact us here  

DPO: Alabama Abogados, s.l.p.  Email: dpo@tiendeo.com

This Privacy Policy will help you to better understand how we handle your Personal Data , for what purposes, and how you can manage your own information.

In this document you will find a number of Definitions  of words used in this Privacy Policy and an example of how your Personal Data  is processed. If you would like to receive clarifications or more information about your data or this Privacy Policy, please contact us here: dpo@tiendeo.com

  1. Information we process

We collect data from Our Websites and App and from  Our Partners’ Websites and Apps that have implemented our Services.

The data collected and the relative purposes depend on how you use our Services, how you manage your Browser, and the Device  and/or App that you are using.

  1. Personal Data provided by you:

When you use our Services, you may provide us with Personal Data  which includes your name, last name, age, e-mail address or the data of third parties, as well as your preferences for some products or stores and, if you wish, the respective loyalty cards.

This happens, for example, the first time you open Our Websites and Apps  in order to confirm that you are not considered a minor; when you select the categories of flyers you are interested in receiving; when you insert a fidelity card in your personal wallet; when you ask us questions or make requests that concern the flyers we display; or when you send us updates/reports about the address or opening hours of a store. You can also choose to provide us with information about your location if you decide to specify the geographical area of the flyers you are interested in or receive "alerts” in order to be informed by email about the offers regarding stores near you.

If you provide us with third party data, you must assume all inherent legal obligations and responsibilities, and you must fully indemnify TIENDEO WEB MARKETING S.L.U. against any complaints, claims or demands for compensation of damages which may arise from the processing of third party Personal Data in violation of any applicable data protection law.

  1. Personal Data collected from the Browser, the Device and the App

When you use Our Websites and Apps, we collect information about the  Browser, the Device  and the App  you are using. This information includes your IP address, the date and time, the URL, your Unique Identifier, and other information such as your Browser  or Device  type. This information may include your operating system, language, network settings, telephone operator or internet provider and plug-in lists.

Some of this information is collected by Cookies, SDK, and  Other tracking technologies that are on your Browser or Device  and that help us to avoid crashes or the malfunctioning of our Website  when we display content in providing the Services, and in order to provide you with Content that may be useful to you. You can find the complete list of Cookies and SDK  we use here.

  1. Data inferred from your activities

We collect information based on your interactions with our Services  in order to improve them (for example, if we see that you are interested in flyers on “electronics”, we will provide you with more information about electronics) as well as to understand if, among the flyers that appear on Our Websites and Apps or on Our Partners’ Websites and Apps , there is Content that may be useful to you.

In particular, where you have given us your consent during the first access to Our Websites and Apps , we will customize the Services  we provide to you through the use of our artificial intelligence algorithms, in order to show you flyers and Content that may be useful to you  as close as possible to your preferences. This activity takes place on the basis of the following data:

We believe that the use of this data is entirely relevant to the goal of Customizing our Services, including any Content that may be useful to you, as better indicated in paragraph 2).e below.

  1. Information about your location

As part of our Services , we collect information about your location in order to allow you to view dealers near you, and to provide you with Content that may be useful to you. Your location can be determined by:

Your location is determined, more or less accurately and consistently, depending on whether it is collected by the Browser  or the Device, and on your privacy settings. Since our Services  include the promotion of and support to our Partners for the creation of commercial flyers which are increasingly useful and relevant to the interests of our users, we have provided, by design, that your location Information on your location is not used to infer your Sensitive Data.

You can control the ways in which we determine your location by changing your Browser or  Device settings, as explained in the How you can control your Personal Data Section below.

  1. Data collected by Our Partners' Sites and Apps

We also collect information about you from Our Partners' Websites and Apps , where our Services have been implemented. Our Partners' Websites and Apps may provide us with your Personal Data for three different reasons:

- because the first time you opened one of Our Partners' Websites and Apps  we directly asked for specific consent to the communication / sharing of your Personal Data , such as Information about your location (so-called Direct Collection);

- because our Partners have assured us that they have collected your consent or that they have another legal basis that enables the communication / sharing of your Personal Data  with us. On this point, we would like to specify that we make every commercially possible effort to verify the conformity of the data we receive prior to its use, by also asking not to provide us with your Sensitive Data (so-called Indirect Collection );

- because we are their suppliers for certain Services  (for example, offering advertising services on their behalf, so-called Collection on behalf of third parties).

2) Why we collect your Personal Data  

The Information described above is used for the following purposes:

  1. Providing our Services and carrying out your requests

We use the Data collected by the Browser, the  Device and the  App  and the Information about your location to allow you to correctly and relevantly view the offers of the flyers of the businesses closest to you, use your fidelity cards, find your requests / suggestions / reports and in order to offer our Services and those of our Partners to you.

This processing is based on the execution of a contractual obligation (our Terms and Conditions) and/or to respond to a request from you.

  1. Complying with legal obligations

We may use your Personal Data  to comply with legal and tax obligations that require us to collect and/or further process your information. For example, we retain the Personal Data strictly necessary to be able demonstrate your privacy choices when you use Our Websites and Apps.

  1. Detecting anomalies and improving our Services

We use Data provided by you, Data collected by the Browser, the  Device and the  App , data provided through your activities which is collected by Our Websites and Apps, and Our Partners' Websites and Apps , in order to avoid anomalies in our Services  and to improve them. For example, we can detect anomalies when you open a specific section of Our Websites and Apps , access a link, or when a bug is present in our system.

This processing is based on the necessity to guarantee our Services  as indicated in our Terms and Conditions, and is also based on our legitimate interest to avoid inefficiencies of our Services  or our Partner’s services during Collection on behalf of third parties.

  1. Develop new Services

We use your information collected on Our Websites and Apps as well as Aggregated Information from Our Partners' Websites and Apps  to allow us to create new Services , as happened with our specific app, Cardplus, with which you can save fidelity cards without taking them with you.

The development of new Services  is based on our legitimate interest in improving what we offer you on a daily basis.

  1. Customizing our Services, including any Content that may be useful to you

We use your data, especially data you provide through your activities, Information on your location, and Data collected by Browser , Device and App   to give you suggestions that we think may be useful to you. For example, we could show you, before others, flyers that reflect your product preferences or those of the stores you visit most often (when you have given to our App the relevant system consent to geo-location), but also to allow us and our Partners to only show you Content that may be useful to you.

Content that may be useful to you:

The customization of our Services and the provision of Content that may be useful to you , both from us and from our Partners , is based on your prior and specific consent collected with your acceptance of the notice in the banner that appears the first time you visit Our Websites and Apps.

  1. Measuring the effectiveness of our Services and creating new ones

We use Data collected by your Browser, Device and App  , the Personal Data  you provide through your activities, Information about your location collected by Our Websites and Apps , and by Our Partners' Websites and Apps, to measure the performance of our Services. This can be done, for example, through the analysis of your interactions with Content that may be useful to you   and/or with visits to stores whose flyers you have seen. In other cases, your Aggregate Information  is used in statistical reports to help our Partners understand if their flyers or promotions are effective or if more interesting ones should be created.  

Measuring the effectiveness of our Services  is based on our legitimate interest in creating and maintaining Services  that are truly useful to our users and, for Services  provided to our Partners, to fulfill the agreements made with them.  

  1. Sending you promotional communications

We use the contact information you provide to send you communications about new flyers, active promotions and/or to ask you to participate in our appreciation surveys. This will primarily be done via email, if provided by you, and push notifications on your Device .

No promotional communication will be sent to you without your prior consent, which you may provide to us through the specific tick-boxes for this purpose and/or with permission from the Device to send you notifications.

  1. Protecting our interests and our Partners’ interests

We may need to use your Personal Data  in our detection and preventing activities, or to react to fraudulent and illegal behaviour or activity which could prejudice the safety of our  Services and/or Our Websites and Apps . This is the case when you use our App  differently than what it is permitted in our Terms and Conditions. For example, we perform general and aggregate analyses using the IP address of users who install our App  , in order to check for suspicious or malicious downloads, such as in the case of downloads in countries where the App is not present.

We may also need to use some of your Personal Data  in order to defend ourselves in court proceedings, for example in the event of a dispute with our Partners, in order to demonstrate that we have correctly provided the Services.

This processing is based on our legitimate interest to establish, exercise or defend against legal claims, or to protect our users and Partners.

3) How we use your Personal Data

Personal Data  collected for the purposes indicated above is processed both manually and automatically, therefore through programmes or algorithms that analyse information collected through your activities, Information on your location, and Data collected by your Browser, the App  and your Device .  

Your Personal Data may be subject to Combination and/or crossing: this allow us to understand, for example, if the same user is utilizing our Services with the same IP address   both from the Browser and the Device  ; or to show promotional communications or  Content that may be useful to you, strictly in relation  to Information on your location.

Unless you have given us your consent to disclose to third parties, when we offer Services  that involve Collection on behalf of third parties we ensure that we will only provide Aggregated Information  to our Partners so that, even through combination and/or cross-checking, they cannot identify you.

4) Who we share Your Personal Data with

We share your information with the following categories of subjects ("Recipients"):

5) Where your Personal Data are located

Our Services  are available across the world. We ensure that the processing of your Personal Data  by our Recipients is compliant with EU and Spanish law, to which we are subject.  Transfers of Personal Data   may be based on adequacy decisions or on Standard Contractual Clauses approved by the European Commission. For more information on where your data are located please write to us here: dpo@tiendeo.com

6) How long we retain your Personal Data

The Personal Data which we collect by means of tracking by means of SDK within the Apps which form part of Our Websites and Apps  are kept for 36 months from their gathering. This period of time is based on our legitimate interest and is necessary so that our algorithms can perform an effective personalization of our Services, including Content that may be useful to you , as well as in order to ensure that our activities are certifiable towards third parties (for example, our Partners).

The Personal Data we collect through the use of Cookies and Other tracking technologies  within the websites that are part of Our Websites and Apps  are kept for the period of time specified in the cookie policy, which you can find in paragraph 13).1 of this privacy policy.

Personal Data  processed in compliance with the legal obligations to which we are subject is kept for the period required by law.

Personal Data  processed to protect our interests and our users’ interests is kept until Spanish law allows us to protect our interest. You can ask us for more information about our criteria and data retention policy by writing to us here: dpo@tiendeo.com

7) How you can control your Personal Data

At any time, you can ask to:

We will reply to your request within one month in accordance with EU data protection law (which may be extended to two months in cases of particular complexity). You can exercise your rights as indicated above by writing to dpo@tiendeo.com.

If any of the above requests is received by us for Collection on behalf of third parties , we will forward your request to the respective Partner without delay.

We may refuse to grant you access to your Personal Data  under certain circumstances. For example, where it is confidential, required by law, or negatively impacts a third party. Where we refuse your requests we will tell you so in writing and give reasons for our refusal within 30 days of receiving your request.

In any case, you can:

- contact our Data Protection Officer (DPO) here: dpo@tiendeo.com

- contact the relevant Data Protection Authority in your country;

- block promotional communications by clicking on the link at the bottom of each email;

- set up your preferences regarding Data collected by your Browser, the  App and your Device  using the instructions that you find here.

8) What this Privacy Policy does not cover

This Privacy Policy explains and covers processing that we carry out as data controller within Our Websites and Apps and Our Partner’s Websites and Apps.

This Privacy Policy only covers processing carried out by TIENDEO WEB MARKETING S.L.U., and in particular does not cover:

Regarding these cases, we are not responsible for any processing of your Personal Data  carried out by Partners which is not covered by this Privacy Policy.

9) Are you outside the European Union?

The following sections explain how we handle your information if you are outside the European Union or if the law of the Country in which you are located provides for exceptions or necessary clarifications to the provisions set out above in our Privacy Policy.

10) Are you in Australia?

In addition to the rights and protections provided elsewhere in this policy, you also have the:

Where you ask for access to your Personal Data:

If you wish to make a complaint  about how we handle your Personal Data, we ask that you first contact us. We will reply to your request within 30 days in accordance with Australian privacy law.  

11) Are you in New Zealand?

If you are in New Zealand and wish to make a complaint  about how we handle your Personal Data , we ask that you first contact us. We will reply to your request as soon as reasonably practicable, and in any case not later than 20 working days after the day on which the request is received, depending on the circumstances, in accordance with the preferences of the Office of the Privacy Commissioner of New Zealand.  

You can also make a complaint under New Zealand privacy law to the Office of the Privacy Commissioner of New Zealand here . More information about making a complaint is available here .

12) Changes to this Privacy Policy

This Privacy Policy entered into force on the date indicated at the beginning of this document. We reserve the right to amend this Privacy Policy, or to simply update its content, for example, as a result of changes in applicable law. We will inform you of substantial changes to this Privacy Policy  through a message via your Browser or App .

11) Setting your preferences for Personal Data collected by your Browser, App or Device

  1. Cookies

The Cookie Policy of TIENDEO WEB MARKETING S.L.U. is available here .

  1. SDKs

The SDKs that we use depend on the Operating System of your Device .

You may deactivate the tracking carried out by SDKs  at any time in the "Privacy" section within the main menu of the App and by deactivating the customization function, if you had previously activated it.

ShopFully Analytics is a first-party SDK that does not perform profiling and user segmentation activities. We use ShopFully Analytics to generate statistics regarding the use of our App  , aimed at verifying that flyer readings and all the interactions by App are made by real users and not by bots. In this way we can guarantee the authenticity of the statistical reports sent to our Partners who request our Services.

You can deactivate the following SDKs at any time in the "Privacy" section in the main menu of the App by deactivating the customization function if you had previously activated it.

Some SDKs, i.e., those provided by some Partners acting as autonomous data controllers, can be deactivated directly from the Partner's privacy policy. In such cases, next to the name of the SDK you will find the link to the privacy policy through which you can deactivate it.

On Apple Devices:

On Android Devices:

We have partnered with Opensignal to help improve the performance and reliability of this App  and your wireless networks while respecting your privacy.

Opensignal does not collect any information that directly identifies you or your device, and does not sell any Personal Data  about you. Opensignal is the independent global standard for helping telecom ecosystem companies around the world better understand and improve network coverage to improve connectivity for all.

Opensignal may collect data relating to the wireless network performance your device  experiences, that may include the following types of personal information and/or Personal Data : Geolocation data, identifiers (e.g. network names, resettable IDs, BSSIDs, and other access point information), and App   state. Opensignal uses this data to gather information on network experience and create aggregated reports and/or data solutions including anonymized location, for example by plotting network performance on a map to convey coverage.

You can learn more about Opensignal's privacy policy here . You have the right to opt-out of data sharing with Opensignal at any time. To do so please use the opt-out measures provided in your mobile Application or this privacy statement.

  1. Content that may be useful to you

If you want to block the visualization of Content that may be useful to you, you can use the AdChoice  tool provided by the Digital Advertising Alliance or the AdChoice  tool provided by the European Interactive Digital Advertising Alliance.

  1. Unique identifiers 

If you do not want your Device to share Unique Identifier  with us, or if you want to reset them, you can do so by setting your Device accordingly.

If your Device runs iOS, go to "Settings", then "Privacy", then "Tracking" and deactivate the relevant button.

If your Device runs Android, go to "Google Settings" or "Settings", scroll down to "Google", then to "Ads", and select "Disable Interest Based Ads" or "Disable Ad Customization".

  1. Information about your location 

If you do not wish to share Information on your location with us, you can disable location permissions from the settings of your Browser  or from the settings of your Device  (as regards your Device you may, alternatively, choose to enable geo-location only while you are using the App or, if your Device runs iOS, you may choose to enable geo-location only once). Disabling the permission to geolocate from the Device prevents us from determining Information about your location regardless of how it is determined.

In any case, you may choose to provide us only the zip code or the city for which you would like to be aware of relevant offers.

  1. Promotional communications on the Device 

If you want to block the sending of promotional communications via push notifications, you can disable this permission or select the kind of content you want to receive by changing the settings of your Device .

Definitions

Affiliate/Affiliates: Refers to entities that are part of our group.

Aggregated Information : Refers to statistical information about you that does not contain your Personal Data. We use this information, together with Aggregated information of other users, to Measure the effectiveness of our Services and to create statistical reports for our Partners to whom we provide our Services. For example, we may collect Information on your location or Content that you may have seen in order to inform the Partner that their marketing campaign was seen by a number of our users who then went to and/or passed by a Partner’s store. In these reports we do not share your Personal Data and ask our Partners not to combine the Aggregated Information with other information they may have which would allow for your identification.

App:  Means our application for smartphones installed on your Device and/or our Partner applications when we are carrying out Collection on behalf of third parties, Direct Collection, or Indirect Collection.

Browser: Refers to programmes used to access the internet (for example, Safari, Chrome, Firefox, etc.).

Built-in Sensors of your Device : Depending on your Device, these are sensors which include the accelerometer, gyroscope, Bluetooth, Wi-fi, and GPS, which in one way or another share the information they collect through the Device and through the Application. If enabled by the Device settings, these allow us to obtain Information about your location. Turn off the localization permissions assigned to the Application to prevent us from determining where you are.

Collection on behalf of third parties:  This is one of the Services we provide on Our Partners Websites and Apps. In these cases, we merely act as technology providers (technically, as data processors) on behalf of the Publisher, offering them, for example, the technology to send push notifications to their users. In these cases, please refer to the Publisher's privacy policies to know how your data is being used.

Combination and Crossing : Refers to the set of fully automated and non-automated operations with which we combine the Information provided by you, the Data provided through your activities, the Data collected by your Browser, Device and the App, the Data provided by you and collected by our Partners' Websites and Apps used to provide the Services, Measuring the effectiveness of our Services and to create new Content that may be useful to you. We may also combine and/or cross-reference information from different sources, such as information collected from Our Websites and Apps, our Partners' Web Sites and Apps.

Connected Devices:  This is the ability to determine, more or less accurately and consistently, Information about your location through the interaction between your Device and Connected Devices near it, such as information transmitted by the Device's Sensors or the interaction between the Device and signal repeaters or nearby Wi-Fi access points (such as MAC address and signal strength). All of these components help determine your location.

Content that may be useful to you:  If you have viewed our flyers, for example, on “electronics” or “gardening”  we could show you other content related to these areas on Our Websites and Apps, Our Partner’s Websites and Apps, or through Programmatic Advertising. Customization of content may take place thanks to the Combination and/or Crossing of Data.

Cookies:  Refer to small text files sent to your Browser from Our Website or from our Partner’s Website, allowing the website to record information including your visit, language preferences, as well as other information. Cookies are used for different purposes, for example, to record your preferences regarding the use of Cookies (technical cookies), to Measure the effectiveness of our Services, or to Customize our Services, including Content that may be useful to you. Information transmitted by Cookies is subject to Combination and/or Crossing with data gathered through SDK or Other tracking Technologies.

Device: Refers to electronic devices and/or smartphones (for example, an iPhone) that you use to visit Our Websites and Apps and/or our Partner’s Websites and Apps.

Direct collection:  This is one of the services we provide to our Partners to monetize their traffic. In these cases, when you first open our Partners' Sites and Apps, you may see a message informing you of the presence of our Cookies and/or SDKs (which you can choose to accept or refuse) and of this Privacy Policy.

Currently, there are no Partners from whom we perform Direct collection.

Indirect collection : Is one of the Services we provide on our Partner’s Websites and Apps. In such cases, it is the Partner that assures us that your consent has been collected or that they have another legal basis that legitimizes the communication/sharing of your Personal Data with us (for example, Information about your location, Cookies, SDK, etc.). On this point we precise that, before being used, we check the way in which Partners collect and transfer data to us in order to ensure that we respect your preferences.

Currently, Partners from whom we perform Indirect collection are:

IP address : Refers to a unique number used by your Browser, your Device and the App in order to connect to the Internet. This number is provided by your Internet service provider and also allows for identification of the provider and/or the approximate area where you are located. Without this data you cannot connect to the Internet and use our Services or use Content that may be useful to you.

Other tracking technologies:  Means pixel tags (tracers used in conjunction with Cookies and embedded in images within web pages or in the App for the purpose of tracking certain activities, such as viewing Content that may be useful to you, or for us to see if an email has been opened), beacons (physical devices that send information to Built-in Sensors of your Device , such as Bluetooth), probabilistic identifiers (codes assigned to the user on the basis of inferences that lead to identification with a reasonable degree of certainty as a unique user) and any other technology that involves the storage of information in a user's device or access to information already stored on the Device

Our Partners’ Websites and Apps:  These are the websites and mobile applications of our Partners with whom we have commercial agreements (for example, Direct and Indirect Collection on behalf of third parties). The complete list of our Partners is available by email: dpo@tiendeo.com

Our Websites and Apps: Our Websites included within this Privacy Policy are www.tiendeo.com, www.tiendeo.fr, www.tiendeo.it, www.tiendeo.mx, www.tiendeo.com.br, www.tiendeo.com.ar, www.tiendeo.com.co, www.tiendeo.cl, www.tiendeo.pe, www.tiendeo.se, www.tiendeo.co.za, www.tiendeo.jp, www.tiendeo.com.au, www.tiendeo.com.ec, www.tiendeo.gr, www.tiendeo.nl, www.tiendeo.no, www.tiendeo.pl, www.tiendeo.com.tr, www.tiendeo.at, www.tiendeo.be/fr/, www.tiendeo.ca, www.tiendeo.de, www.tiendeo.dk, www.tiendeo.fi, www.tiendeo.co.kr, www.tiendeo.co.nz, www.tiendeo.sg, www.tiendeo.co.uk, www.tiendeo.us, www.tiendeo.ae, www.tiendeo.bg, www.tiendeo.ch, www.tiendeo.cz, www.tiendeo.hu, www.tiendeo.ma, www.tiendeo.ro, www.tiendeo.sk , www.tiendeo.pt . Our App included within this Privacy Policy is Tiendeo.

Personal Data:  Means any information relating to an identified or identifiable natural person. For example, an e-mail address (if it refers to one or more aspects related to an individual, such as name and year of birth), or an IP address. Unique Identifiers are considered personal data.

Programmatic advertising:  These are platforms that can share the information we collect about you, such as your IP Address and the data collected by Cookies, SDKs and Other Tracking Technologies, with people who have an interest in showing you ads that may be useful to you. For example, if you view an "electronics" or "bricolage" product on Our Websites and App, participants in the Advertising Program who sell these products may win an advertising space on one of the sites you visit in order to show you Content that may be useful to you. On this point, we would like to reiterate that the communication of your data to the participants in Programmatic Advertising is based on your prior and specific consent received with the acceptance of the notice in the banner that appeared the first time you visited one of Our Websites and/or our Apps. If you want to know how not to receive these types of communications, please click here.

Software Development Kits (SDKs):  Are software libraries that are installed together with the App. They allow for the collection of data in the same way as the Cookies do on the Browser. SDKs allow us to collect, depending on your Device settings, Information about your location, Unique Identifiers, and Data provided through your activities.

Sensitive Data:  Means special categories of Personal Data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and the processing of genetic data, biometric data, data concerning health, or data concerning a natural person's sex life or sexual orientation, for the purpose of uniquely identifying a natural person. We do not intend to deduce or use this information concerning you and when we provide Services to our Partners we ask you to commit to doing the same (meaning that you should refrain from transferring/using Information about your location from which it may be possible to infer that you are in a hospital or clinic).

Services:  Collectively means all the services indicated in our Terms and Conditions and those that we provide to our Partners (for example Collection on behalf of third parties, statistical reports of Aggregated Information, etc.).  

Unique Identifiers:  Means information that uniquely identifies you through your Browser, Device and/or the App. On your Browser, your IP Address and Cookies are considered Unique Identifiers. On your Device, we use advertising identifiers considered to be Unique Identifiers, which are provided by device producers, such as Apple's IDFA and Android’s AAIG, to Measure the effectiveness of our Services or to Customize our Services, including Content that may be useful to you. Please note that for these purposes and in line with the opinion of the EU Supervisory Authorities, we do not use other Unique Identifiers such as MAC Addresses and IMEIs as they are not resettable by you. For the App, instead, the Unique Identifiers are considered to be the code that identifies the App you have installed. To learn how to reset your preferences, or to not share Unique Identifiers with us, click here.