2. Identification of the Data Controller / Information Society Service Provider

TROLLI IBÉRICA, S.A.
C/ Bombers, 22
Parque Empresarial Táctica
46980 Paterna
VALENCIA, SPAIN

Telephone: (+34) 96 134 30 18
Email: info@trolliberica.com 
Website: https://www.trolli.es/ 

Tax ID (CIF/NIF): A96311832
Registered in the Commercial Registry of VALENCIA, Volume 10567, Book 7848, Page 12, Section 8, Sheet V35525

3. How can you contact the Data Protection Officer?

Our company has appointed a Data Protection Officer (DPO), registered with the General Registry of the Spanish Data Protection Agency, to whom data subjects may address any complaints or inquiries regarding how our company processes their personal data.

You may contact the DPO in writing, indicating the name of our company or trade name, followed by your complaint or inquiry, at the following address:

BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico)
46980 Paterna (Valencia), Spain

Email: info@businessadapter.es  (ref. trolli)
or via this Data Subject Contact Form.

4. What personal data will we process and how do we obtain it?

In order to carry out our business activities, it is essential for us to process personal data, which may be collected through digital means (e.g., email), by completing paper documents, or through in-person or telephone conversations. In all cases, the data will be processed in a fair, lawful, and transparent manner.

The categories of data that our company may process about data subjects include:

Identification data: name and surname(s), ID card or equivalent document, image, and signature (handwritten or digital).

Contact data: telephone number, email, postal address.

Commercial data: quotations, purchase terms, service and/or purchase management and history, outcome of communications (telephone, email, messaging, and other communication channels).

Accounting data: income and expense control, billing data.

Banking data: bank accounts and cards.

Financial data: information regarding economic or asset solvency.

Transaction data for goods and services: transfers and direct debits, amounts, and descriptions.

Curriculum data: academic information, professional experience, personal characteristics, etc.

Browsing data: analysis of time spent on our website, pages visited, demographic information (e.g., age, gender, language).

Our company does not collect special categories of data (e.g., health, ethnic origin, political opinions, or religious beliefs). If the processing of such data ever becomes necessary, you will be duly informed and asked for your prior and explicit consent.

Consequently, the data we request will be adequate, relevant, and limited to what is strictly necessary. They will be processed only by staff and/or collaborators authorized by our company, who have signed a confidentiality agreement and are committed to complying with the required security measures to ensure the confidentiality, integrity, and availability of the data, as well as all other legal obligations established under the GDPR.

The data will therefore be processed lawfully. The data to be processed are provided by the data subject themselves or by their legal representative. However, there may be cases in which we delegate certain functions to collaborators who may collect your data on our behalf, always with your prior and explicit consent.

If a data subject fails to provide the requested data or provides incomplete or incorrect information, it will not be possible to establish or maintain a relationship with them. The categories of data we may process depend on the relationship the data subject maintains with our company, as described below:

4.1. Customers:
We will process identification, contact, commercial, accounting, banking, and transaction data related to goods and services. These data may be collected only if the customer provides them at the time of purchase—either in person, by phone, email, etc.—or through an authorized collaborator to whom we have delegated certain functions.

4.2. Information Requesters:
Whether the request for information is made in person, by phone, or in writing (e.g., by email), we will request and/or process identification, contact, and commercial data.

4.3. Suppliers:
We will process identification, contact, commercial, accounting, banking, transaction, and financial data. These data may be processed throughout all stages of the business relationship and only if the supplier provides them for that purpose.

4.4. Job Applicants:
For this category of data subjects, we will process curriculum, identification, and contact data, as well as other information related to their professional or personal characteristics, which may be provided by the applicant when submitting their application (e.g., in person, by email, or through web forms). Such data may also be collected during recruitment interviews (in person or online) or received through a collaborator to whom we have delegated certain functions.

4.5. Social Media Users:
We are present on different social media platforms and may process identification, contact, commercial, and other data made visible or shared by the user with other members of the platform, including curriculum data (e.g., LinkedIn). For more information, please refer to our Social Media Policy.

4.6. Complainants:
We will process identification and contact data, as well as personal information belonging to the complainant or third parties, provided in the context of the complaint.

4.7. Whistleblowers:
Through our internal whistleblowing channel, reports can be made anonymously. However, you may also voluntarily provide identification and contact data, as well as other personal information about yourself or third parties related to the report, as provided for under Law 2/2023 of February 20, on the protection of persons who report regulatory infringements and the fight against corruption. More information is available in the terms of the Internal Whistleblowing Channel.

4.8. Visitors:
We will process identification and contact data, as well as company information if the visit is for business purposes. These data are collected either when the visitor provides them to request access to our facilities or when their contact person within our company provides them to facilitate entry.

4.9. Website Users:
When visiting our website, and only with the user’s express authorization, analytical data (e.g., visit duration, pages visited) and demographic data (e.g., gender, age, country, language) may be collected. For more information, please refer to our Cookie Policy.

4.10. Additional Information for Data Subjects:
All legally required information will be made available to data subjects through the corresponding information clauses included in the different data collection methods, so that individuals may freely and explicitly decide whether they wish their personal data to be processed by our company. All categories and types of personal data processed will be duly identified in our company’s respective data processing records.

5. For what purposes will your data be processed?

In general, the processing of personal data by our company aims to fulfill and maintain relationships with the different groups of individuals with whom we interact. Depending on the type of relationship, your data may be processed for different purposes, which are described below — by way of example, but not limitation:

5.1. Customers:
Your personal data will be processed for identification purposes and to establish, fulfill, and maintain the pre-contractual and contractual relationship. This includes sending commercial communications through different means, responding to inquiries, conducting quality control and commercial statistics, managing the sale and delivery of goods, accounting and billing management, transaction of goods and services, payment management, incident handling, complaints, and the exercise of rights, as well as any other purposes required to comply with such relationship, with applicable laws, or to pursue our legitimate interests.

5.2. Information Requesters:
We will process your personal data to respond to any requests for information you may make, to identify you, and to send or provide quotations and information about goods and/or services of interest to you. Our responses (verbal or written) may include commercial information related to your inquiry. We may also conduct follow-up communications through different means to learn about your decisions regarding the commercial proposals we have sent.

5.3. Job Applicants:
Your data will be processed to include you in our recruitment processes and job pool, to identify you, and to contact you with information about job openings, interview coordination, and other matters related to your application.

5.4. Suppliers:
Your personal data will be processed to maintain pre-contractual and contractual relationships, to manage business relations such as quotation requests, purchases of goods, or contracting of services, to make inquiries and identify you, for accounting management and transactions of goods and services, as well as for other purposes necessary to fulfill the relationship, comply with legal obligations, and safeguard our legitimate interests.

5.5. Social Media Users:
We will process your personal data to maintain our relationship as users of the same social media platform, to identify and contact you, share news or advertising, and process other personal data that the social media user allows to be shared with other members of the platform. For more information, please refer to our Social Media Policy.

5.6. Complainants:
Personal data will be processed to identify you, manage your complaint, and contact you regarding its status, as well as to comply with our legal obligations and legitimate interests.

5.7. Whistleblowers:
The personal data you choose to provide in your report will be processed to register and manage the report, identify and contact you (unless the report is anonymous), acknowledge receipt, and keep you informed about the status of our investigations within the timeframes and terms established under Law 2/2023 of February 20. We may also process your data based on our legitimate interests and when necessary to comply with other legal obligations. More information is available in the terms of the Internal Whistleblowing Channel.

5.8. Visitors:
Data relating to visits to our facilities will be processed to identify you and to comply with our obligations regarding occupational risk prevention, as well as for safety and access control purposes.

5.9. Website Users:
By accepting the installation of cookies when visiting our website, data may be processed for different purposes (e.g., website visit analysis). For more information, please refer to our Cookie Policy.

5.10. Additional Information for Data Subjects:
All legally required information will be made available to data subjects through the corresponding information clauses included in the various data collection methods (e.g., forms, audio recordings, contracts, etc.), so that you may freely and explicitly decide whether you wish for the requested personal data to be processed by our company. Similarly, this information will be reiterated in the various documents or communications we share with data subjects (e.g., signage, invoices, legal notices, etc.).

If the data subject fails to provide the requested information or provides incomplete or incorrect data, it may not be possible for us to process your information request or maintain a relationship with you. Data will not be processed for any purposes other than those accepted by the data subjects.

The purposes underlying the processing of personal data will be duly identified in the corresponding processing activities under the responsibility of our company.

6. Why do we process your data (legal basis)?

The processing of your personal data by our company is carried out on one or more of the following legal bases:

1. When you provide your express, free, informed, and unequivocal consent, after having been informed at the time of data collection and in more detail through this Privacy Policy. After reading it and agreeing with its terms, you may voluntarily authorize us to process your data for one or more specific purposes by ticking the appropriate boxes on our web forms or by giving your consent through the signature of the information clauses provided to you whenever we request your personal data.
2. For the performance of a contract to which you are a party or in order to take pre-contractual steps at your request.
3. When processing is necessary to comply with a legal obligation to which our company is subject.
4. When processing is necessary for the purposes of legitimate interests pursued by our company or by a third party, provided that such interests are not overridden by your interests or fundamental rights and freedoms. In this regard, we inform you that our company has conducted an assessment weighing our legitimate interests against the rights and freedoms of the data subject, always ensuring respect for fundamental rights.

If the user is under 14 years of age, the consent of their parents, guardians, or legal representative will be required in order to process their data. The user is solely responsible for the accuracy and truthfulness of the data they provide.

7. Data Retention

The personal data provided will be retained for as long as we maintain a relationship with the data subject and for the time necessary to fulfill the purpose for which the data was collected.

Once that relationship has ended, the data will be blocked in cases where it is necessary to retain them until the expiration of any potential liabilities — solely for the purpose of handling claims or legal actions — as well as to comply with our legal obligations, for example:

8. Profiling

We do not create profiles nor make automated decisions using your personal data. However, should we ever decide to do so, you will be duly informed and your prior authorization will be requested.

Likewise, you have the right to object to this type of processing at any time by contacting our company in writing at info@trolliberica.com.

9. Data Disclosure

As a general rule, our company does not share personal data with third parties without prior consent. However, it may be necessary to disclose data in the following cases:

For customers or suppliers, personal data may be shared with third parties due to legal obligations (e.g., the Tax Agency), or with entities necessary to provide our services or process payments (e.g., banking institutions). In cases involving the delivery of goods, data may be shared with transport companies collaborating with our organization.

Additionally, the personal data of customers or suppliers may be processed by third parties to whom we delegate certain obligations (e.g., accounting advisors). All such entities have signed a data processing agreement, committing to implement the same security measures as our company and to uphold strict confidentiality and secrecy obligationsregarding the personal data they process, among other data protection requirements.

In the case of job applicants, their data will not be shared with third parties unless we are legally required to do so.

Regarding information requesters or website users, their data will not be shared with third parties except in the cases described above, which will always be communicated at the time of data collection and only with their explicit consent, unless our legitimate interest prevails or there is a legal obligation, in which case consent will not be required.

For whistleblowers, their data may be lawfully processed by individuals other than those responsible for the internal reporting system. Data may also be shared with third parties when necessary to adopt corrective measures within our company or to pursue disciplinary or criminal proceedings, as provided under Article 32.2 of Law 2/2023.

In general, we may disclose your personal data to courts, public prosecutors, and/or competent public authoritieswhen required to do so by law or in response to potential claims.

10. International Data Transfer

In the event of data transfers to third parties located in countries outside the European Economic Area, we will inform the data subjects and request their prior and explicit consent.

11. Security Measures

Our organization has implemented all the necessary technical and organizational measures to protect the personal data we process, preventing its loss, theft, or unauthorized use. These measures have been designed according to the type of data processed and the purposes for which it is handled. They are periodically verified through our internal controls for compliance with personal data protection regulations and through external audits.

12. Your Rights

You, as the owner of your personal data and acting on your own behalf or through your legal representative (e.g., individuals under 14 years old), may contact our organization at any time to exercise your rights regarding personal data protection. Below is an explanation of these rights:

12.1 Right of Access

You have the right to know and request at any time the following information:

Whether or not we are processing your personal data.

The purposes of the processing, as well as the categories of personal data involved.

The source of your data, if you did not provide it directly to us.

The recipients or categories of recipients to whom your personal data have been or will be disclosed, including, where applicable, recipients in third countries or international organizations.

Information on the appropriate safeguards applied when your data is transferred to a third country or international organization, where applicable.

The expected retention period, or, if not possible, the criteria used to determine such period.

Whether automated decision-making exists, including profiling, along with meaningful information about the logic involved, and the significance and foreseeable consequences of such processing.

A copy of the personal data undergoing processing.

12.2 Right to Rectification

You may request the rectification of your personal data if it is inaccurate, as well as request completion of incomplete data.

12.3 Right to Object

You may object to the processing of your data when it is incorrect or no longer necessary for its intended purpose.
If you are acting as a reported person or an affected party within the framework of Law 2/2023, you may not exercise your right to object, since it is presumed (unless proven otherwise) that legitimate grounds exist for processing your personal data, as established in Article 31.4 of the Law.

12.4 Right to Erasure

You may request the deletion of your data for any of the following reasons:

The data is no longer necessary for the purposes for which it was collected or processed.

You did not provide consent for the processing of your data.

You have exercised your right to object.

The data has been processed unlawfully.

The data must be erased to comply with a legal obligation.

12.5 Right to Restriction of Processing

You may exercise this right in any of the following situations:

When you contest the accuracy of your data, for a period that allows us to verify it.

When processing is unlawful and you oppose erasure and request restriction instead.

When the data is no longer needed for processing purposes, but you require it for the establishment, exercise, or defense of legal claims.

When you have objected to processing under Article 21(1) while we verify whether our legitimate grounds override yours.

12.6 Right to Data Portability

This refers to your right to obtain your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller for further processing.

12.7 Right Not to Be Subject to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or significantly affects you in a similar way.

To exercise any of your rights, you must contact TROLLI IBÉRICA, S.A. in writing, either by postal mail at: C/ Bombers, 22, 46980, Paterna (Valencia), Spain or by email at: info@trolliberica.com, indicating the rights you wish to exercise and providing your contact information for us to send you a response. If acting on behalf of another person, you must provide proof of representation. If you wish to submit any suggestion or inquiry regarding the processing of your personal data, you may contact our Data Protection Officer:: - BUSINESS ADAPTER, S.L. - Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico) 46980 Paterna (Valencia). - Data Subject Contact Form. You are also informed that you have the right to file a complaint with the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid o en www.aepd.es.

12.8 How to Exercise Your Rights

To exercise any of your rights, you must contact TRASTORNOS ALIMENTARIOS Y OBESIDAD, S.L. in writing, either by postal mail at: Calle Finlandia, 21 Bajo izq. 46010 Valencia (Valencia) or by email at: info@trolliberica.com, indicating the rights you wish to exercise.
If acting on behalf of another person, you must provide proof of representation.

If you wish to submit any suggestion or inquiry regarding the processing of your personal data, you may contact the Data Protection Officer:

BUSINESS ADAPTER, S.L.

Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico) 46980 Paterna (Valencia).

Data Subject Contact Form

Le informamos que usted tiene derecho a realizar una reclamación ante la Agencia Española de Protección de Datos en: C/ Jorge Juan, 6, 28001 Madrid o  en https://www.aepd.es

13. Commitment to the Protection of Personal Data

Scope of Application

Our commitment to the protection of personal data is mandatory for all departments and employees of our organization, as well as for any third parties acting on our behalf.

Purpose

We have established protocols for the processing of your personal data in accordance with European and Spanish data protection regulations.

Principles

We will process your data lawfully, fairly, transparently, applying data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.

Special Categories of Data

Our organization prohibits the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, or data concerning sexual orientation, except in legally authorized circumstances and with the explicit prior consent of the data subject.

Rights of Data Subjects

Our organization will handle and respond to your requests to exercise your rights as quickly and diligently as possible.

Record of Processing Activities, Impact Assessment, and Security Measures

Our organization will maintain a record of processing activities and analyze the purposes of the processing, categories of data subjects and data, recipients, international transfers, retention periods, etc., in order to assess processing risks and implement the necessary security measures to guarantee the confidentiality, integrity, and availability of personal data.
In addition, for each processing activity, we have assessed the need to carry out a Data Protection Impact Assessment and determined whether there is an obligation to appoint a Data Protection Officer, ensuring, where required, that the designated individual has sufficient knowledge and experience in accordance with applicable regulations.

Monitoring

We rely on external support that advises us in this area, monitoring all publications issued by the competent supervisory authorities and other European and Spanish entities related to data protection regulations, in order to ensure compliance at all times.

15. Presence on Social Media

In compliance with Articles 13 to 24.2 of the European Data Protection Regulation 2016/679 (GDPR) and Law 34/2002 on Information Society Services and Electronic Commerce (LSSI-CE), the Data Controller informs users that it has created a profile on the following Social Media platforms:

• Facebook
• Instagram
• LinkedIn
• Tik Tok

with the primary purpose of promoting our services and engaging with other users.

If you, as a user, have a profile on the same Social Media platform as our organization, you may freely join the page we have created, thereby expressing interest in the information we publish on that platform.

By joining, you allow us visibility of certain personal data that you have made publicly available on your profile.

Only if you join our page on the specified Social Media platforms will your profile data be processed by our organization, and solely within the Social Media platform itself. Under no circumstances will it be processed by us outside the platform without your prior consent.

As a user, you may access the privacy policies of the Social Media platform at any time and configure your profile to ensure the privacy of any data you do not wish to make public. You may also unfollow us whenever you choose.

16. Posts

Once you have joined our page, you may, if you wish, publish comments, links, images, photographs, or any other type of multimedia content supported by the Social Media platform. Please remember that in all cases you must be the owner of such content, hold the copyright and intellectual property rights, or have the consent of any affected third parties.

The publication of any content on the page—whether text, graphics, photographs, videos, etc.—related to minors, or that harms or may harm honor, morality, ethics, good taste, decency, and/or that infringes, violates, or breaches intellectual or industrial property rights, image rights, or any other rights protected by law, is expressly prohibited. In such cases, our organization reserves the right to immediately remove the content and may request the permanent blocking of the user.

Our organization will not be responsible for the content freely posted by a user. The user must be aware that their publications will be visible to other users, and therefore they will be solely responsible for their posts and for their own privacy.

17. Advertising

Our organization may use the Social Media platform for advertising purposes, always in compliance with the requirements of the applicable Data Protection regulations and the LSSI-CE.

Recommending our pages to other users so that they can also benefit from promotions or stay informed about events or activities of our organization will not be considered advertising.

18. Contests and Promotions

Our organization reserves the right to carry out contests and promotions in which users who wish to participate and who follow our page may do so. The terms and conditions of each contest or promotion, when conducted through the Social Media platform, will be published on the platform itself, always in compliance with the applicable laws and regulations.

The Social Media platform does not sponsor, endorse, or administer our promotions in any way, nor is it associated with them.

19. Personal Data

As the Data Controller, our organization will carry out the following actions:

• Access the public information on the user’s profile.
• Respond to user requests.
• Send individual messages to the user through the Social Media platform’s messaging channels.
• Publish information related to our organization on the user’s profile.
• Post page status updates that will appear on the user’s profile.

The user may unfollow our organization on social media at any time, manage their connections, remove content they are no longer interested in, and restrict who they share their connections with. To do so, they must access their privacy settings.

Below, we provide links to the privacy policies of the different Social Media platforms:

Facebook: https://www.facebook.com/help/323540651073243/

Instagram: https://es-la.facebook.com/help/instagram/155833707900388/

LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=es_ES

21. Your Rights

You have the right to know whether our organization is processing your personal data; therefore, you have the right to access your data, rectify it if it is inaccurate, or request its deletion when the data is no longer needed, whenever legally possible.

You may also exercise your right to object, restrict, or request the portability of your data if you deem it appropriate. You may also withdraw your consent, and to exercise any of these rights, you must do so in writing to info@trolliberica.com.

f the person wishing to exercise their rights is under 14 years of age, they may do so through their parents, guardians, or legal representative.

If you wish to submit any suggestion or inquiry regarding the processing of your personal data, you may contact the Data Protection Officer, indicating the name of our company or our trade name:

BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, 
Parque Tecnológico 
46980 Paterna 
Valencia

Email: info@businessadapter.es 

Data Subject Contact Form

You are hereby informed that you have the right to file a complaint with the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid, or at www.aepd.es.

For more information about the processing of personal data, you can consult our Privacy Policy.

23. Identification of the Data Protection Officer

Our organization has appointed a Data Protection Officer to whom you may address any questions or complaints regarding the processing of your personal data, indicating the name of our company or our trade name. You may contact them through the following means:

BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, 
Parque Tecnológico 
46980 Paterna 
Valencia

Email: info@businessadapter.es 

Data Subject Contact Form

24. Definitions

To comply with section two of Article 22 of the LSSICE, the information provided in this policy must be clear and complete regarding the use of data storage and retrieval devices and, in particular, regarding the purposes of the data processing, ensuring that user data is processed transparently. To achieve this, we provide some basic preliminary definitions that will be used in this policy for greater clarity and better understanding by the user:

User:
The natural person who accesses our website.

Editor:
In the case of this website, this refers to the entity (natural or legal person) that owns the website. Also referred to as the controller or provider of information society services.

Cookies:
Cookies and/or similar technologies (hereinafter, cookies) store and retrieve information when you browse. In general, these technologies may serve various purposes, such as recognizing users, obtaining information about their browsing habits, or customizing how content is displayed.

Data:
This is the information about the user obtained through cookies.

The data may be considered personal data when it relates to identified or identifiable natural persons, as established in Article 4 of the GDPR.

Information society service:
Any service provided at the individual request of a user, whether paid or unpaid, at a distance and by electronic means, provided that it constitutes an economic activity for the editor and its provision involves the use of cookies.

25. Types of Cookies

Below is a classification of cookies based on several categories. However, the same cookie may fall into more than one category:

25.1 Types of Cookies According to the Entity that Manages Them

Depending on the entity that manages the device or domain from which the cookies are sent and processes the data obtained, we can distinguish between:

First-Party Cookies:
These are cookies for which our organization is responsible and which are generally sent to the user’s terminal device from a device or domain managed by our organization and from which the service requested by the user is provided.

Third-Party Cookies:
These are cookies managed by an entity other than our organization and which are generally sent to the user’s terminal device from a device or domain not managed by our organization but by another entity that processes the data obtained through the cookies.

If cookies are sent from a device or domain managed by our organization but the information collected through them is managed by a third party, they will also be considered third-party cookies (for example, cookies used to improve the services offered or provide advertising services on behalf of other entities).

Please note that if you accept third-party cookies and later wish to withdraw your consent, you must delete them through your browser settings or through the system provided by the third party itself. Below, we provide websites you can visit to learn more about third-party cookies (deactivation, possible international data transfers, etc.):

• Google Chrome
• Mozilla Firefox
• Microsoft Edge
• Chrome para Android
• Safari (Apple)
• Opera
• And Google AdWords

If other browsers are used, we recommend checking their cookie use and management policies.

The following tool may be very useful for users https://www.youronlinechoices.com/es/ to manage the use of cookies and to protect your privacy on the internet.

25.2 Types of Cookies According to Their Purpose

There are many purposes for using cookies. Depending on the purpose for which the data obtained through cookies is processed, some of the possible purposes include:

Technical Cookies

Technical cookies may be used without the users’ consent.

These are cookies that allow the user to browse our website and use the different options or services available on it, including those used by our organization to manage and operate the website and enable its functions and services. For example: controlling traffic and data communication, identifying the session, accessing restricted areas, remembering the items in an order, carrying out the purchase process, managing payment, controlling fraud related to service security, submitting registration forms or participation requests for an event, counting visits for software license billing (website, platform, or application), using security elements during browsing, storing content for video or audio playback, enabling dynamic content (e.g., loading animations), or sharing content via social networks.

Cookies used to manage, in the most efficient way possible, advertising spaces included by the editor as part of the design or layout of the service provided to the user—based on criteria such as edited content and without collecting user information for other purposes, such as personalizing advertising—also fall under this category.

Preference or Personalization Cookies

These cookies allow the website to remember information so that the user can access the service with specific characteristics that may differentiate their experience from that of other users. Examples include language settings, the number of results to display in search queries, the appearance or content of the service depending on the browser used, or the region from which the user accesses the service.

To be exempt from requiring user information and consent, these cookies must be strictly limited to their intended purpose, and the information derived from user selection cannot be used for other purposes (e.g., advertising personalization) nor to create user profiles.

Analytics or Measurement Cookies

These cookies, either processed by our organization or by third parties, allow us to quantify the number of users and perform statistical measurement and analysis of how users interact with the services offered.

We analyze browsing behavior on our website in order to improve the products or services we offer.

The use of these cookies is unlikely to pose a risk to users’ privacy.

Behavioral Advertising Cookies

These cookies, either processed by us or by third parties, allow us to analyze users’ browsing habits on the internet so that we can display advertising tailored to their browsing profile.

25.3 Types of Cookies According to Their Duration

Depending on how long they remain active on the user’s device, cookies can be classified as:

Session Cookies:
Designed to collect and store data while the user accesses a website.
These are typically used to store information needed for the service requested by the user on a single occasion (e.g., a list of purchased products) and are deleted when the session ends.

Persistent Cookies:
These allow data to remain stored on the device and be accessed and processed for a period defined by the cookie’s controller, which may range from a few minutes to several years.

These cookies may pose privacy risks for users. In any case, when persistent cookies are installed, their duration will be limited to the minimum necessary according to their purpose.

25.4 Types of Cookies Exempt from Consent

The following cookies fall outside the scope of Article 22.2 of the LSSICE and therefore do not require information or consent from the user:

• “User input” cookies
• Authentication or user identification cookies (session-only)
• User security cookies
• Multimedia player session cookies
• Load-balancing session cookies
• User interface customization cookies
• Certain plug-in cookies for sharing social content
• Cookies enabling communication between the user’s device and the network
• Cookies used to provide a service expressly requested by the user
• Audience measurement cookies when meeting the following guarantees:
  • Their purpose is strictly audience measurement
  • Data obtained is anonymous
  • The data is not shared with third parties
  • The data is not used to combine with other processing
  • Cookie lifespan is limited to the strictly necessary period (maximum 13 months)
  • Information stored is kept no longer than strictly necessary (maximum 25 months)

25.5 Types of Cookies Used on This Website

Below is a list of the cookies used on this website, organized according to their purpose, including whether they are first-party or third-party cookies and their specific function:

At any time, the user may withdraw the consent initially granted by reopening the cookie information window from which consent was given. This window can be accessed from the home page of our website.

We recommend reviewing our Cookie Policy each time you access our website to stay informed of any changes regarding the use of our cookies. Our organization reserves the right to modify this Policy without prior notice.

26. Profiling

As part of the information duty established in Article 13.2(f) of the GDPR, we inform you that, should we carry out profiling activities concerning you, we will request your prior consent. However, you should be aware that you may object to being subject to an automated decision based on your personal data, where personal aspects are evaluated, such as analyzing or predicting factors related to job performance, economic situation, health, personal preferences or interests, reliability, or behavior, when such decisions produce legal effects concerning you or significantly affect you in a similar way.

Our organization will adopt appropriate security measures to protect your rights and freedoms, as well as your legitimate interests, including your right to obtain human intervention on our part, to express your point of view, and to contest the decision.

27. Data Transfer

Your personal data will not be transferred to other countries or to third parties. In the event of transfers to other entities or to countries outside the European Union, we will inform you and request your prior and explicit consent.

28. Legal Basis for the Use of Cookies

If the user clicks the “ACCEPT cookies” button included in the cookie information window displayed upon accessing our website, it is understood that they freely give their explicit consent for the use of all cookies, allowing our organization to use the user’s information.

If the user freely clicks the button intended to customize or configure cookie usage, they will be provided with an area where they can select the cookies they wish to allow.

At any time, the user may change their mind and withdraw the consent initially granted for the use of cookies.

29. Retention Period

The retention period for personal data will be the shortest possible, in accordance with the purpose for which the data was collected and in compliance with the principle of data minimization.

For more information about the processing of personal data, please consult our Privacy Policy

30. Your Rights

You have the right to know whether our organization is processing your personal data; therefore, you have the right to access your data, rectify it if it is inaccurate, or request its deletion when the data is no longer necessary, whenever legally possible.

You may also exercise your right to object, restrict, or request the portability of your data if you deem it appropriate. You may even withdraw your consent, and to exercise any of these rights, you must do so in writing to info@trolliberica.com.

If the person wishing to exercise their rights is under 14 years of age, they may do so through their parents, guardians, or legal representative.

If you wish to submit any suggestion or inquiry regarding the processing of your personal data, you may contact the Data Protection Officer:

BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, 
Parque Tecnológico 
46980 Paterna 
Valencia

Email: info@businessadapter.es 

Data Subject Contact Form

You are hereby informed that if you believe your rights have been disregarded, you have the right to file a complaint with the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid, or at www.aepd.es.

31. Rejecting the Use of Cookies

If the user freely clicks the “REJECT cookies” button included in the cookie information window displayed upon accessing our website, they choose not to allow the use of cookies.

In the cookie information window, the user has a button designed to customize or configure the use of cookies, providing a space to deselect any cookies they may have previously consented to.

The user may withdraw the consent given at any time, easily and visibly, through the system available on the website that allows them to reopen the cookie information and management window and configure the settings as they wish.