PRIVACY POLICY
1. Purpose
The purpose of this Privacy Policy is to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, hereinafter GDPR, and Organic Law 3/2018, of 5 December, on Personal Data Protection and Guarantee of Digital Rights, hereinafter LOPDGDD.
Likewise, through this policy we aim to inform the persons, hereinafter users or data subjects, who visit our website, hereinafter website, site or web, about the way in which we collect, process and protect the personal data they may provide to us through any means, including forms, emails, telephone, contracts or other channels, as well as the purposes of the processing, the legal bases that legitimise it and the rights they have in relation to data protection. Additionally, this policy shall serve as an extended version of the information previously provided to data subjects in the information clauses included in the processes through which their personal data is collected.
2. Who is responsible for processing your personal data?
3. How can you contact the Data Protection Officer?
Our entity has appointed a Data Protection Officer, to whom data subjects may address any complaints or queries regarding how our entity processes their personal data. You may contact them in writing, indicating the name of our entity or trade name, followed by your complaint or query, at:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico)
46980 Paterna (Valencia), Spain
Email: info@businessadapter.es (ref. trolli)
or via this Data Subject Contact Form.
4. What personal data will we process and how do we obtain it?
For the development of our activities and the provision of our services, it is necessary to process certain personal data of the persons with whom we interact. The categories of data are as follows:
Identification data: name and surname, DNI or equivalent document, image and handwritten or electronic signature.
Contact data: telephone, email, postal address.
Commercial data: quotations, purchasing conditions, management of communications and dealings carried out with customers, suppliers or potential customers.
Economic and financial data: income and expense control, billing data, bank details, transfers and direct debits.
Curricular data: academic data, qualifications, professional experience and other data included in the application.
Technical and browsing data: IP address, technical identifiers, type of device, browser used, time spent on the website, pages visited and approximate geolocation data derived from the IP address.
The following details the categories of data processed for the different groups with which we maintain some type of relationship:
4.1. Customers:
Identification data, relating to contacts and legal representatives, contact data, commercial data, and economic and financial data shall be processed.
These data may only be processed if the customer provides them to us at the time of purchasing goods, when requesting pre-contractual measures or during the relationship between the parties.
The data may be collected in person, by telephone, email or through the forms provided on our website, online chat, instant messaging, etc.
4.2. Suppliers:
Identification, contact, commercial, economic and financial data shall be processed.
These data shall be processed when initiating a pre-contractual or contractual relationship and during all stages of the commercial relationship.
The data shall be collected in person, by telephone, email, through web forms, online chat, instant messaging, etc.
4.3. Information Requesters:
Whether the information is requested in person, by telephone or in writing, for example by email or web forms, we shall request identification, contact and commercial data.
4.4. Job Applicants:
Curricular, identification and contact data shall be processed, which shall be provided by the applicant themselves when submitting their application to us.
Data may be collected through the in-person submission of documentation, receipt of emails or web forms, data collected during staff selection interviews, whether in person or online, and may also reach us through a collaborator to whom we have delegated certain functions.
For more information, please consult our Job Applicant Policy.
4.5. Social Media Users:
We are present on different social media platforms and may process identification, contact, commercial and other data that the user enables to be viewed or shared with other users of the social network, including curricular data, for example LinkedIn. For more information, please consult our Social Media Policy.
4.6. Complainants:
Identification data, contact data and personal information of the complainant or of third parties sent to us by the complainant shall be processed.
The data may be collected in person, by telephone, email, through web forms, online chat, instant messaging, etc.
4.7. Whistleblowers:
Through our internal whistleblowing channel, reports may be submitted anonymously, but you may also voluntarily provide us with identification and contact data, as well as other information related to the reported facts. The information shall be processed with absolute confidentiality and in accordance with the requirements of Law 2/2023, of 20 February, on the protection of reporting persons. More information is available in the terms of the Internal Whistleblowing Channel.
4.8. Visitors:
Identification data, contact data, the company for which the visitor works and the reason for the visit shall be processed. These data shall be collected when the visitor provides them when requesting access to our facilities or when their contact person within our entity provides them to us in order to allow them access.
4.9. Website Users:
Technical data necessary for the operation of the website shall be processed and, where the user voluntarily requests the installation of non-technical cookies or cookies that are unnecessary for the user, browsing data shall be processed.
For more information, please visit our Cookie Policy.
4.10. Additional Information for Data Subjects:
The legally established information shall be made available to data subjects in the corresponding information clauses included in the different data collection methods, as well as the way to access extended information from this policy.
The personal data processing activities carried out by the entity are duly documented in the corresponding Record of Processing Activities, in accordance with Article 30 of the GDPR.
5. For what purposes will your data be processed?
Below we detail the purposes and legal basis for which we shall process the personal data of the different groups with which we interact:
5.1. Customers:
To fulfil and maintain the pre-contractual or contractual relationship. Article 6.1.b GDPR, performance of a contract.
Billing and compliance with tax obligations and other legal obligations to which we are subject. Article 6.1.c GDPR, legal obligation.
Management of collections and payments. Article 6.1.b GDPR, performance of a contract.
Internal administrative management. Article 6.1.f GDPR, legitimate interest.
Legal defence or claims. Article 6.1.f GDPR, legitimate interest.
Satisfaction surveys and commercial analyses. Article 6.1.f GDPR, legitimate interest.
Sending electronic commercial communications. Article 6.1.a GDPR, consent. Article 21.2 LSSI, prior customer.
5.2. Suppliers:
To fulfil and maintain the pre-contractual or contractual relationship. Article 6.1.b GDPR, performance of a contract.
Administrative, accounting and financial management. Article 6.1.b GDPR, performance of a contract.
Billing and compliance with tax obligations and other legal obligations. Article 6.1.c GDPR, legal obligation.
Management of payments and bank transfers. Article 6.1.b GDPR, performance of a contract.
Evaluation of supplier quality. Article 6.1.f GDPR, legitimate interest.
Internal administrative management and organisational control. Article 6.1.f GDPR, legitimate interest.
Legal defence and claims management. Article 6.1.f GDPR, legitimate interest.
5.3. Information Requesters:
To attend to, register, manage and respond to queries or requests. Article 6.1.f GDPR, legitimate interest.
To apply, where applicable, pre-contractual measures requested by the data subject. Article 6.1.b GDPR, pre-contractual measures.
Internal administrative management arising from the handling of the query. Article 6.1.f GDPR, legitimate interest.
Legal defence against claims. Article 6.1.f GDPR, legitimate interest.
5.4. Job Applicants:
To manage their participation in ongoing selection processes. Article 6.1.b GDPR, application of pre-contractual measures.
To assess their professional profile and suitability for the position offered. Article 6.1.b GDPR, pre-contractual measures.
To conduct in-person or online interviews and selection tests. Article 6.1.b GDPR, pre-contractual measures.
To manage and document the selection process. Article 6.1.b GDPR, pre-contractual measures.
Communications with the candidate. Article 6.1.b GDPR, pre-contractual measures.
Legal defence against claims. Article 6.1.f GDPR, legitimate interest.
Retention of the job application for future selection processes. Article 6.1.a GDPR, consent of the data subject.
For more information, please consult our Job Applicant Policy.
5.5. Social Media Users:
To manage our corporate presence on social media. Article 6.1.f GDPR, legitimate interest.
To attend to queries, requests or messages received through the social network. Article 6.1.f GDPR, legitimate interest.
To interact with users through comments, posts or replies. Article 6.1.f GDPR, legitimate interest.
To analyse statistics regarding user interaction with our profile. Article 6.1.f GDPR, legitimate interest.
To send direct commercial communications through the social network, where applicable. Article 6.1.a GDPR, user consent.
The processing of data carried out by the social network is governed by its own privacy policy.
For more information, please consult our Social Media Policy.
5.6. Complainants:
To manage, process and resolve claims, complaints or incidents. Article 6.1.f GDPR, legitimate interest.
To comply with legal obligations regarding consumer care or applicable sectoral regulations. Article 6.1.c GDPR, legal obligation.
To carry out investigation actions regarding the complaint. Article 6.1.f GDPR, legitimate interest.
Communications with the complainant. Article 6.1.f GDPR, legitimate interest.
To formulate, exercise or defend administrative or judicial claims. Article 6.1.f GDPR, legitimate interest.
Where it is necessary to process special categories of data, Article 9.2.f GDPR, formulation, exercise or defence of claims.
To retain supporting documentation during legally required periods. Article 6.1.c GDPR and Article 6.1.f GDPR, as applicable.
5.7. Whistleblowers:
To register, manage and investigate reports received. Article 6.1.c GDPR, compliance with Law 2/2023 on the Protection of Reporting Persons.
To adopt disciplinary, corrective or legal measures. Article 6.1.c GDPR, legal obligation, and Article 6.1.f GDPR, legitimate interest.
To prevent, detect and investigate unlawful conduct or conduct contrary to the ethics channel and current regulations. Article 6.1.f GDPR, legitimate interest.
To formulate, exercise or defend administrative or judicial claims. Article 6.1.f GDPR.
To communicate information to competent authorities. Article 6.1.c GDPR, legal obligation.
More information is available in the terms of the Internal Whistleblowing Channel.
5.8. Visitors:
To manage and control access to our facilities. Article 6.1.f GDPR, legitimate interest.
To ensure the security of persons, assets and facilities. Article 6.1.f GDPR, legitimate interest.
To verify the visitor’s identity and record their entry and exit. Article 6.1.f GDPR, legitimate interest.
To comply with occupational risk prevention regulations. Article 6.1.c GDPR, legal obligation.
To formulate, exercise or defend claims. Article 6.1.f GDPR, legitimate interest.
5.9. Website Users:
To allow browsing and the correct functioning of the website. Article 6.1.f GDPR, legitimate interest.
To ensure website security. Article 6.1.f GDPR, legitimate interest.
To ensure network security and prevent unauthorised access or cyberattacks. Article 6.1.f GDPR, legitimate interest.
To analyse website use and performance through analytical cookies. Article 6.1.a GDPR, consent.
To display personalised advertising or carry out advertising profiling, where applicable. Article 6.1.a GDPR, consent.
For more information, please visit our Cookie Policy.
5.10. Additional Information for Data Subjects:
The legally required information on data protection shall be provided to data subjects in the corresponding information clauses included in the different data collection methods, including forms, contracts, electronic communications, telephone recordings or other channels, in accordance with Articles 13 and 14 of the GDPR.
Where the processing is based on consent, such consent shall be requested freely, specifically, in an informed manner and unequivocally, and may be withdrawn at any time.
If the data subject does not provide the necessary data or provides incomplete or inaccurate information, we may not be able to deal with their request or formalise the corresponding relationship.
Personal data shall be processed exclusively for the previously informed and determined purposes, without prejudice to any subsequent processing that may be compatible in accordance with Article 6.4 of the GDPR.
The purposes and characteristics of each processing activity are duly identified in the corresponding Record of Processing Activities owned by our entity.
6. Data Retention
The personal data provided shall be retained for as long as there is a contractual, pre-contractual, commercial, employment or other type of relationship with the data subject and for the time necessary to fulfil the purpose for which the data were collected. Subsequently, the data shall be retained for the legally required or permitted periods in order to address any liabilities that may arise from the processing, in accordance with the storage limitation principle established in the GDPR.
Once the relationship has ended, the data may remain duly blocked in accordance with Article 32 of the LOPDGDD in those cases in which it is necessary to retain them, either until the limitation period for liabilities expires for the sole purpose of claims or legal actions, or to comply with our legal obligations.
The periods indicated below may vary depending on the specific applicable regulations, the existence of legal or contractual liabilities, as well as administrative, judicial or police requirements:
Data Subjects: Customers · Suppliers
Sectoral Scope: Accounting and commercial
Retention Period: 6 years from the date of the last entry
Data Subjects: Customers · Suppliers
Sectoral Scope: Tax
Retention Period: General period: 4 years · In case of losses during the fiscal year: 10 years · Invoices: 5 years
Data Subjects: Any person
Sectoral Scope: General
Retention Period: 5 years for personal actions with no special limitation period.
Data Subjects: Job Applicants
Sectoral Scope: Labor
Retention Period: 1 year, unless express consent is given, in which case data may be retained for a longer period.
Data Subjects: Employees
Sectoral Scope: Occupational Risk Prevention
Retention Period: 5 years
Data Subjects: Visitors
Sectoral Scope: Access Control to Facilities
Retention Period: 1 month
Data Subjects: Website Users
Sectoral Scope: Use of Cookies
Retention Period: Maximum of 24 months
Data Subjects: Information Requesters
Sectoral Scope: Commercial / Legal
Retention Period: The shortest time possible or as required by law
Data Subjects: Customers · Suppliers · Visitors · Job Applicants · Employees
Sectoral Scope: Video Surveillance
Retention Period: 1 month
Data Subjects: Whistleblowers · Affected Parties
Sectoral Scope: Internal Whistleblowing Channel Reports
Retention Period:
The data shall only be retained for the time strictly necessary to decide whether to initiate an investigation.
Once 3 months have elapsed from receipt of the communication without any action having been initiated, the data must be deleted or anonymised, where possible, from the internal system, unless there is a legal obligation to retain them.
Where it is necessary to leave evidence of the functioning of the system or where investigations or judicial proceedings are ongoing, the data may be retained for the legally applicable periods.
When the data are no longer necessary, our entity shall proceed to delete, anonymise or securely destroy them.
7. Profiling
As a general rule, our entity does not create profiles or adopt automated decisions that produce legal effects concerning data subjects or similarly significantly affect them.
If, in the future, processing activities involving profiling or automated decisions are carried out, the data subject shall be informed beforehand in accordance with Article 22 of the GDPR.
Where processing is based on legitimate interest, the data subject may exercise their right to object at any time. Likewise, where processing is based on consent, consent may be withdrawn at any time.
8. Recipients
As a general rule, personal data shall only be communicated to third parties where there is a valid legal basis under the GDPR, such as compliance with a legal obligation, performance of a contractual relationship or the duly balanced legitimate interest of the controller. Where applicable, data may be communicated to:
Competent Public Administrations, such as the Tax Agency, Social Security or other authorities, where there is a legal obligation.
Banking institutions, for the management of collections and payments.
Judges, Courts or the Public Prosecutor’s Office, where necessary for the formulation, exercise or defence of claims.
Suppliers acting as processors, with whom the corresponding contract has been formalised in accordance with Article 28 GDPR.
Within the framework of the Internal Whistleblowing Channel for whistleblowers or reporting persons, data may be communicated to competent authorities in accordance with Law 2/2023.
If it becomes necessary to carry out international data transfers to countries located outside the European Economic Area, these shall only be carried out where there is an adequacy decision by the European Commission or where appropriate safeguards provided for in Articles 45 and 46 of the GDPR have been adopted.
In the absence of such safeguards, the transfer shall only take place where one of the derogations provided for in Article 49 of the GDPR applies.
Our entity has adopted appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of Regulation (EU) 2016/679.
These measures are aimed at ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
The measures implemented are determined taking into account the nature of the data processed, the purposes of the processing, the state of the art, the cost of implementation and the risks to the rights and freedoms of the data subjects.
Likewise, our entity periodically reviews and updates these measures as part of its internal data protection compliance procedures.
You may exercise the following rights at any time in relation to your personal data:
11.1 Right of Access
To request information about the processing of your personal data.
To request the rectification of your personal data when they are inaccurate, as well as the completion of such data when they are incomplete.
11.3 Right to Object
To object to the processing of your data when it is based on legitimate interest or public interest, on grounds relating to your particular situation, unless there are compelling legitimate grounds that prevail.
Within the framework of the Internal Whistleblowing Channel regulated by Law 2/2023, the exercise of this right may be limited in accordance with Article 31 of said law.
To request the deletion of your data when any of the circumstances provided for in Article 17 of the GDPR apply, including, among others, when the data are no longer necessary for the purposes for which they were collected or when you withdraw your consent, if this was the legal basis for the processing.
You may request to exercise this right where one or more of the following circumstances apply:
When you contest the accuracy of your data, for a period allowing the controller to verify their accuracy.
When the processing is unlawful and you object to the deletion of your data and request instead the restriction of their use.
When the data are no longer needed for the purposes of the processing, but the data subject needs them for the formulation, exercise or defence of claims.
When you have objected to processing pursuant to Article 21.1, while it is verified whether the legitimate grounds of the controller prevail over those of the data subject.
To receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and to transmit them to another controller, where the processing is based on consent or on a contract and is carried out by automated means.
Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you, except in the cases provided for in Article 22.2 of the GDPR.
11.8 How to Exercise Your Rights
To exercise any of your rights, you must write to Trolli Ibérica, S.A., either by post at the address C/ Bombers, 22, 46980, Paterna, Valencia, or by email at info@trolliberica.com, stating the rights you wish to exercise. If you act on behalf of another person, you must prove your representation. If there are reasonable doubts regarding the identity of the person making the request, we may request additional information necessary to confirm their identity.
The request shall be answered within a maximum period of one month from its receipt, extendable in complex cases in accordance with Article 12 of the GDPR. Exercising rights is free of charge, unless the requests are manifestly unfounded or excessive.
We inform you that you have the right to lodge a complaint with the Spanish Data Protection Agency at C/ Jorge Juan, 6, 28001 Madrid, or at www.aepd.es.
If you wish to make any suggestion or query regarding the processing of your personal data, you may contact the Data Protection Officer:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, Parque Tecnológico, 46980 Paterna, Valencia.
Our entity declares its firm commitment to compliance with Regulation (EU) 2016/679, GDPR, and Organic Law 3/2018, LOPDGDD, ensuring that personal data processing is carried out in accordance with the principles of lawfulness, fairness, transparency, minimisation, accuracy, storage limitation, integrity, confidentiality and accountability.
This commitment applies to all employees and collaborators involved in the processing of personal data, as well as to third parties acting on behalf of our entity.
Governance and compliance
Our entity keeps the corresponding Record of Processing Activities updated in accordance with Article 30 of the GDPR.
Likewise, where processing may involve a high risk to the rights and freedoms of data subjects, the corresponding Data Protection Impact Assessment is carried out in accordance with Article 35 of the GDPR.
Security and incident management
Appropriate technical and organisational measures are adopted to guarantee a level of security appropriate to the risk. In the event of a personal data security breach, the internal incident management protocol shall be activated in accordance with Articles 33 and 34 of the GDPR.
Rights of data subjects
Our entity guarantees diligent handling of the exercise of rights recognised under data protection regulations.
Digital rights in the workplace
In the workplace, the digital rights recognised in the LOPDGDD are respected, guaranteeing the balance between the employer’s management powers and the right to privacy, digital disconnection and data protection of employees.
Training and supervision
Our entity promotes training in data protection and digital rights and also relies on specialised external advice to guarantee regulatory compliance.
This Policy may be updated to adapt to regulatory or case-law changes. In the event of substantial modifications affecting data subjects, appropriate measures shall be adopted to communicate them.
Last updated: 25 May 2026.
14. Identification of the Data Controller
15. Identification of the Data Protection Officer
Our entity has appointed a Data Protection Officer, to whom data subjects may address any complaints or queries regarding how our entity processes their personal data. You may contact them in writing, indicating the name of our entity or trade name, followed by your complaint or query, at:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico)
46980 Paterna (Valencia), Spain
Email: info@businessadapter.es (ref. trolli)
or via this Data Subject Contact Form.
Our entity maintains corporate profiles on various social media platforms in order to provide information about our activities and maintain communication with users.
The legal basis for the processing is legitimate interest, Article 6.1.f GDPR, in maintaining a corporate presence and responding to queries, as well as the relationship that the user maintains with the social media platform in accordance with its terms of use.
Social media platforms act as independent data controllers with regard to the data they process on their platforms, in accordance with their own privacy policies.
In certain cases, such as page statistics or “Page Insights”, there may be joint controllership between our entity and the corresponding social media platform, in accordance with the provisions of the applicable regulations.
Our entity is present on the following social media platforms:
with the primary purpose of promoting our services and engaging with other users.
If you, as a user, have a profile on the same social media platform as our entity, you may freely join the page created by us, thereby showing interest in the information we publish on that network.
By joining, you provide us with visibility of certain personal data that you have publicly provided on your profile.
Only if you join our page on the aforementioned social media platforms will your profile data be processed by our entity solely within the social media platform itself, and under no circumstances will they be processed by us outside of it without your prior consent.
As a user, you may access the privacy policies of the social media platform itself at any time, as well as configure your profile to ensure the privacy of any data you do not wish to make public. You may also stop following us whenever you wish.
Once you have joined our page, and if you deem it appropriate, you may publish comments, links, images, photographs or any other type of multimedia content supported by the social media platform. We remind you that, in all cases, you must be the owner of such content, hold the copyright and intellectual property rights, or have the consent of the affected third parties.
Any publication on the page is expressly prohibited, whether texts, graphics, photographs, videos, etc., related to minors, or that infringes or may infringe honour, morals, ethics, good taste, decorum and/or that infringes, violates or breaches intellectual or industrial property rights, image rights or any other right contrary to the law. In such cases, our entity reserves the right to immediately remove the content and may request the permanent blocking of the user.
Our entity shall not be held responsible for content freely published by a user. The user must bear in mind that their publications will be visible to other users and, therefore, they shall be solely responsible for their publications and privacy.
Our organization may use the Social Media platform for advertising purposes, always in compliance with the requirements of the applicable Data Protection regulations and the LSSI-CE.
Recommending our pages to other users so that they can also benefit from promotions or stay informed about events or activities of our organization will not be considered advertising.
Our organization reserves the right to carry out contests and promotions in which users who wish to participate and who follow our page may do so. The terms and conditions of each contest or promotion, when conducted through the Social Media platform, will be published on the platform itself, always in compliance with the applicable laws and regulations.
The Social Media platform does not sponsor, endorse, or administer our promotions in any way, nor is it associated with them.
Our entity may process:
Data shall not be extracted from the social media platform or incorporated into external systems without an appropriate legal basis.
The user may stop following our entity on social media at any time, control their connections, delete content that is no longer of interest to them and restrict who they share their connections with. To do so, they must access the privacy settings of the social media platform on which they are present:
Below, we provide links to the privacy policies of the different Social Media platforms:
Instagram: https://es-la.facebook.com/help/instagram/155833707900388/
LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=es_ES
TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/es
The aforementioned social media platforms may carry out international data transfers outside the European Economic Area, in accordance with their own privacy policies and the safeguards provided for in the GDPR.
You may exercise your data protection rights as indicated in our Privacy Policy.
If you wish to make any suggestion or query regarding the processing of your personal data, you may contact the Data Protection Officer:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26,
Parque Tecnológico
46980 Paterna
Valencia
Email: info@businessadapter.es
You are hereby informed that you have the right to file a complaint with the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid, or at www.aepd.es.
For more information about the processing of personal data, you can consult our Privacy Policy.
Our organization reserves the right to modify this Policy without prior notice. Therefore, we recommend reviewing it each time you visit our website.
Updated on 25 May, 2026.
This Cookie Policy aims to comply with Law 34/2002 of July 11 on Information Society Services and Electronic Commerce (hereinafter, LSSICE), the General Data Protection Regulation 2016/679 (hereinafter, GDPR), and Organic Law 3/2018 on Personal Data Protection and Guarantee of Digital Rights (hereinafter, LOPDGDD).
Our organization has appointed a Data Protection Officer to whom you may address any questions or complaints regarding the processing of your personal data, indicating the name of our company or our trade name. You may contact them through the following means:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26,
Parque Tecnológico
46980 Paterna
Valencia
Email: info@businessadapter.es
To comply with section two of Article 22 of the LSSICE, the information provided in this policy must be clear and complete regarding the use of data storage and retrieval devices and, in particular, regarding the purposes of the data processing, ensuring that user data is processed transparently. To achieve this, we provide some basic preliminary definitions that will be used in this policy for greater clarity and better understanding by the user:
User:
The natural person who accesses our website.
Editor:
In the case of this website, this refers to the entity (natural or legal person) that owns the website. Also referred to as the controller or provider of information society services.
Cookies:
Cookies and/or similar technologies (hereinafter, cookies) store and retrieve information when you browse. In general, these technologies may serve various purposes, such as recognizing users, obtaining information about their browsing habits, or customizing how content is displayed.
Data:
This is the information about the user obtained through cookies.
The data may be considered personal data when it relates to identified or identifiable natural persons, as established in Article 4 of the GDPR.
Information society service:
Any service provided at the individual request of a user, whether paid or unpaid, at a distance and by electronic means, provided that it constitutes an economic activity for the editor and its provision involves the use of cookies.
Below is a classification of cookies based on several categories. However, the same cookie may fall into more than one category:
Depending on the entity that manages the device or domain from which the cookies are sent and processes the data obtained, we can distinguish between:
First-Party Cookies:
These are cookies for which our organization is responsible and which are generally sent to the user’s terminal device from a device or domain managed by our organization and from which the service requested by the user is provided.
Third-Party Cookies:
These are cookies managed by an entity other than our organization and which are generally sent to the user’s terminal device from a device or domain not managed by our organization but by another entity that processes the data obtained through the cookies.
If cookies are sent from a device or domain managed by our organization but the information collected through them is managed by a third party, they will also be considered third-party cookies (for example, cookies used to improve the services offered or provide advertising services on behalf of other entities).
Please note that if you accept third-party cookies and later wish to withdraw your consent, you must delete them through your browser settings or through the system provided by the third party itself. Below, we provide websites you can visit to learn more about third-party cookies (deactivation, possible international data transfers, etc.):
If other browsers are used, we recommend checking their cookie use and management policies.
The following tool may be very useful for users https://www.youronlinechoices.com/es/ to manage the use of cookies and to protect your privacy on the internet.
There are many purposes for using cookies. Depending on the purpose for which the data obtained through cookies is processed, some of the possible purposes include:
Technical cookies may be used without the users’ consent.
These are cookies that allow the user to browse our website and use the different options or services available on it, including those used by our organization to manage and operate the website and enable its functions and services. For example: controlling traffic and data communication, identifying the session, accessing restricted areas, remembering the items in an order, carrying out the purchase process, managing payment, controlling fraud related to service security, submitting registration forms or participation requests for an event, counting visits for software license billing (website, platform, or application), using security elements during browsing, storing content for video or audio playback, enabling dynamic content (e.g., loading animations), or sharing content via social networks.
Cookies used to manage, in the most efficient way possible, advertising spaces included by the editor as part of the design or layout of the service provided to the user—based on criteria such as edited content and without collecting user information for other purposes, such as personalizing advertising—also fall under this category.
These cookies allow the website to remember information so that the user can access the service with specific characteristics that may differentiate their experience from that of other users. Examples include language settings, the number of results to display in search queries, the appearance or content of the service depending on the browser used, or the region from which the user accesses the service.
To be exempt from requiring user information and consent, these cookies must be strictly limited to their intended purpose, and the information derived from user selection cannot be used for other purposes (e.g., advertising personalization) nor to create user profiles.
These cookies, either processed by our organization or by third parties, allow us to quantify the number of users and perform statistical measurement and analysis of how users interact with the services offered.
We analyze browsing behavior on our website in order to improve the products or services we offer.
The use of these cookies is unlikely to pose a risk to users’ privacy.
These cookies, either processed by us or by third parties, allow us to analyze users’ browsing habits on the internet so that we can display advertising tailored to their browsing profile.
Depending on how long they remain active on the user’s device, cookies can be classified as:
Session Cookies:
Designed to collect and store data while the user accesses a website.
These are typically used to store information needed for the service requested by the user on a single occasion (e.g., a list of purchased products) and are deleted when the session ends.
Persistent Cookies:
These allow data to remain stored on the device and be accessed and processed for a period defined by the cookie’s controller, which may range from a few minutes to several years.
These cookies may pose privacy risks for users. In any case, when persistent cookies are installed, their duration will be limited to the minimum necessary according to their purpose.
The following cookies fall outside the scope of Article 22.2 of the LSSICE and therefore do not require information or consent from the user:
Below is a list of the cookies used on this website, organized according to their purpose, including whether they are first-party or third-party cookies and their specific function:
At any time, the user may withdraw the consent initially granted by reopening the cookie information window from which consent was given. This window can be accessed from the home page of our website.
We recommend reviewing our Cookie Policy each time you access our website to stay informed of any changes regarding the use of our cookies. Our organization reserves the right to modify this Policy without prior notice.
As part of the information duty established in Article 13.2(f) of the GDPR, we inform you that, should we carry out profiling activities concerning you, we will request your prior consent. However, you should be aware that you may object to being subject to an automated decision based on your personal data, where personal aspects are evaluated, such as analyzing or predicting factors related to job performance, economic situation, health, personal preferences or interests, reliability, or behavior, when such decisions produce legal effects concerning you or significantly affect you in a similar way.
Our organization will adopt appropriate security measures to protect your rights and freedoms, as well as your legitimate interests, including your right to obtain human intervention on our part, to express your point of view, and to contest the decision.
Your personal data will not be transferred to other countries or to third parties. In the event of transfers to other entities or to countries outside the European Union, we will inform you and request your prior and explicit consent.
If the user clicks the “ACCEPT cookies” button included in the cookie information window displayed upon accessing our website, it is understood that they freely give their explicit consent for the use of all cookies, allowing our organization to use the user’s information.
If the user freely clicks the button intended to customize or configure cookie usage, they will be provided with an area where they can select the cookies they wish to allow.
At any time, the user may change their mind and withdraw the consent initially granted for the use of cookies.
The retention period for personal data will be the shortest possible, in accordance with the purpose for which the data was collected and in compliance with the principle of data minimization.
For more information about the processing of personal data, please consult our Privacy Policy
You have the right to know whether our organization is processing your personal data; therefore, you have the right to access your data, rectify it if it is inaccurate, or request its deletion when the data is no longer necessary, whenever legally possible.
You may also exercise your right to object, restrict, or request the portability of your data if you deem it appropriate. You may even withdraw your consent, and to exercise any of these rights, you must do so in writing to info@trolliberica.com.
If the person wishing to exercise their rights is under 14 years of age, they may do so through their parents, guardians, or legal representative.
If you wish to submit any suggestion or inquiry regarding the processing of your personal data, you may contact the Data Protection Officer:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26,
Parque Tecnológico
46980 Paterna
Valencia
Email: info@businessadapter.es
You are hereby informed that if you believe your rights have been disregarded, you have the right to file a complaint with the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid, or at www.aepd.es.
If the user freely clicks the “REJECT cookies” button included in the cookie information window displayed upon accessing our website, they choose not to allow the use of cookies.
In the cookie information window, the user has a button designed to customize or configure the use of cookies, providing a space to deselect any cookies they may have previously consented to.
The user may withdraw the consent given at any time, easily and visibly, through the system available on the website that allows them to reopen the cookie information and management window and configure the settings as they wish.
Our organization reserves the right to modify this Policy without prior notice. Therefore, we recommend reviewing it each time you visit our website.
Updated on May 7, 2025.
35. Identification of the Data Controller
36. Identification of the Data Protection Officer
Our entity has appointed a Data Protection Officer, to whom data subjects may address any complaints or queries regarding how our entity processes their personal data. You may contact them in writing, indicating the name of our entity or trade name, followed by your complaint or query, at:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico)
46980 Paterna (Valencia), Spain
Email: info@businessadapter.es (ref. trolli)
or via this Data Subject Contact Form.
Within the framework of recruitment processes, we may process the following categories of data:
Likewise, when the application is submitted through our digital platform, technical data such as IP address, date and time of access, or browsing data may be processed for security and technical management purposes.
Your data will be processed for the following purposes:
If the candidate voluntarily provides data relating to disability or adaptation needs, such data shall be processed exclusively to ensure the suitability of the job position in accordance with labour and occupational risk prevention regulations.
Special categories of data shall not be processed unless they are necessary and voluntarily provided by the candidate within the framework of the process.
The processing of your data is based on:
Article 6.1.b GDPR: application of pre-contractual measures at the request of the data subject when submitting their application.
Article 6.1.c GDPR: compliance with legal obligations in employment matters, in the event of hiring.
Article 6.1.a GDPR: consent of the data subject for the retention of their application in the talent pool for future recruitment processes.
In the event of processing special category data related to disability or workplace adaptation, the legal basis shall be Article 9.2.b GDPR, compliance with obligations in the field of employment.
Consent for inclusion in the talent pool may be withdrawn at any time.
If the user is under 16 years of age, we shall not process their personal data, as this is the minimum working age in Spain. The user is solely responsible for the accuracy of the data submitted to us.
Your data shall not be communicated to third parties unless legally required, although certain providers acting as data processors may have access to your data, for example, application management platforms. The corresponding contract shall have been formalised with them in accordance with Article 28 GDPR.
No international data transfers shall be carried out unless required by the platform used, in which case compliance with Articles 44 et seq. of the GDPR shall be guaranteed.
The data shall be retained:
Once these periods have elapsed, the data shall be deleted or blocked in order to address any possible legal liabilities during the applicable limitation periods.
You may exercise the following rights:
Likewise, you may withdraw at any time the consent granted for inclusion in the talent pool.
To exercise your rights, you may contact info@trolliberica.com.
If you wish to submit any suggestion or inquiry regarding the processing of your personal data, you may contact the Data Protection Officer:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico) 46980 Paterna (Valencia).
Data Subject Contact Form
You are hereby informed that if you believe your rights have been disregarded, you have the right to file a complaint with the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid, or at www.aepd.es.
Our entity applies appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR.
This Policy may be updated to adapt to regulatory or organisational changes.
Updated on May 25, 2026.