Privacy Policy

Last updated: December 15, 2024

1. USER INFORMATION

VALORYS GROUP LLC, hereinafter the CONTROLLER, is the Data Controller of the User's personal data and informs that this data will be processed in accordance with the provisions of the General Data Protection Regulation (GDPR) (EU) 2016/679 of April 27, 2016, and applicable U.S. data protection laws, for which the following processing information is provided:

Controller Identity:

  • Company Name: VALORYS GROUP LLC
  • Address: 1209 MOUNTAIN ROAD PL NE STE R, ALBUQUERQUE, NM 87110, United States
  • Contact Email: info@valorysgroup.com
  • Website: www.valorysgroup.com

2. PRINCIPLES APPLICABLE TO PERSONAL DATA PROCESSING

The processing of the User's personal data shall be subject to the following principles set forth in Article 5 of the GDPR:

  • Principle of lawfulness, fairness, and transparency: User consent will be required at all times after completely transparent information about the purposes for which personal data is collected.
  • Principle of purpose limitation: Personal data shall be collected for specified, explicit, and legitimate purposes.
  • Principle of data minimization: Personal data collected shall be only those strictly necessary in relation to the purposes for which they are processed.
  • Principle of accuracy: Personal data must be accurate and always up-to-date.
  • Principle of storage limitation: Personal data shall only be kept in a form that permits identification of the User for the time necessary for the purposes of its processing.
  • Principle of integrity and confidentiality: Personal data shall be processed in a manner that ensures their security and confidentiality.
  • Principle of proactive accountability: The Controller shall be responsible for ensuring that the above principles are met.

3. PURPOSES OF PERSONAL DATA PROCESSING

Personal data provided by the User through our website will be processed for the following purposes:

3.1. Management of Inquiries and Contact

When the User uses our contact form, we process their personal data (name, email, phone, and message) for the purpose of responding to their inquiries, requests, or information requests about our products and services.

Legal basis: Consent of the data subject (art. 6.1.a GDPR) and execution of pre-contractual measures (art. 6.1.b GDPR).

3.2. Commercial Management and Marketing

If the User checks the corresponding box, we will process their data to send commercial information about our products, services, promotions, and exclusive offers through electronic means (email, SMS, notifications).

Legal basis: Consent of the data subject (art. 6.1.a GDPR).

3.3. Order and Sales Management

To process requests for product information, quotes, and, if applicable, formalize orders for products offered through our website.

Legal basis: Performance of a contract (art. 6.1.b GDPR).

3.4. Compliance with Legal Obligations

We process certain personal data to comply with legal obligations applicable to our activity, particularly tax, accounting, and consumer protection obligations.

Legal basis: Compliance with legal obligations (art. 6.1.c GDPR).

3.5. Service Analysis and Improvement

We use browsing data in an aggregated and anonymized form to analyze website use, improve our services, and personalize user experience.

Legal basis: Legitimate interest of the controller (art. 6.1.f GDPR).

4. CATEGORIES OF PERSONAL DATA

The categories of data processed are:

  • Identification data: Name, surnames, postal address, email, phone.
  • Browsing data: IP address, browser type, pages visited, time spent, date and time of access.
  • Commercial data: Products of interest, inquiry history, commercial preferences.
  • Transaction data: Information related to orders placed (if purchase is formalized).

We do not process special categories of personal data (sensitive data such as racial origin, political opinions, religious beliefs, health data, sexual orientation, biometric or genetic data).

5. DATA RETENTION PERIOD

Personal data provided shall be retained:

  • Contact and inquiry data: During the time necessary to respond to the inquiry and subsequently for 1 year for possible claims.
  • Data for commercial purposes: Until the User revokes their consent or requests deletion.
  • Customer data: During the commercial relationship and subsequently during the applicable legal limitation periods (generally 6 years from the last transaction).
  • Data for legal obligations: During the periods established by applicable regulations (tax, accounting, etc.).

Once the processing purpose has been fulfilled and applicable legal periods have elapsed, data will be securely deleted or anonymized.

6. DATA RECIPIENTS

Your personal data will not be shared with third parties, except when necessary for service provision or by legal obligation:

6.1. Service Providers (Data Processors)

We may share your data with third-party providers who provide us with services related to:

  • Hosting and data storage services
  • Email marketing and communication platforms
  • Web analytics services (Google Analytics, etc.)
  • Payment gateways and transaction processors
  • Messaging and transportation services
  • Technology service providers (CRM, management software)

All these providers have signed confidentiality and data processing agreements that guarantee the protection of your personal information.

6.2. Public Authorities

When required by law, we may share your data with public authorities, courts, regulatory bodies, or law enforcement.

6.3. International Transfers

Some of our service providers may be located outside the European Economic Area (EEA). In such cases, we ensure that adequate safeguards exist such as:

  • European Commission adequacy decisions
  • EU-approved standard contractual clauses
  • Binding corporate rules
  • Certifications such as the EU-US Data Privacy Framework

7. USER RIGHTS

The User has the right to:

  • Right of access: Obtain confirmation about whether we are processing your personal data and, if so, access it.
  • Right of rectification: Request correction of inaccurate or incomplete data.
  • Right of erasure ("right to be forgotten"): Request deletion of your data when they are no longer necessary, you have withdrawn consent, or processing is unlawful.
  • Right to restriction of processing: Request limitation of processing of your data in certain circumstances.
  • Right to object: Object to the processing of your personal data when the legal basis is legitimate interest or for direct marketing purposes.
  • Right to data portability: Receive your data in a structured, commonly used, and machine-readable format, and transmit them to another controller.
  • Right to withdraw consent: Withdraw consent granted at any time, without affecting the lawfulness of previous processing.
  • Right not to be subject to automated decisions: Not be subject to decisions based solely on automated processing that produce legal effects or significantly affect you.

How to Exercise Your Rights?

To exercise your rights, the User may send a request to:

  • Email: info@valorysgroup.com
  • Postal Address: VALORYS GROUP LLC, 1209 MOUNTAIN ROAD PL NE STE R, ALBUQUERQUE, NM 87110, United States

The request must include:

  • Name and surnames of the User
  • Copy of identity document or equivalent document
  • Specific petition being made
  • Address for notification purposes
  • Date and signature of the applicant

We will respond to your request within a maximum period of one month from receipt, which may be extended by two additional months in case of special complexity.

Right to File a Complaint

If you consider that the processing of your personal data violates the regulations, you have the right to file a complaint with the competent supervisory authority:

  • United States: Federal Trade Commission (FTC) - www.ftc.gov
  • Spain: Spanish Data Protection Agency (AEPD) - www.aepd.es (if applicable)

8. SECURITY MEASURES

VALORYS GROUP LLC has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Data encryption using SSL/TLS protocols
  • Access control through authentication and authorization
  • Intrusion detection and prevention systems
  • Regular backups
  • Staff training in data protection
  • Regular security audits
  • Security incident response plans
  • Processing activity records

However, transmission of information over the Internet is not completely secure. Although we implement industry best practices, we cannot guarantee absolute security of data transmitted to our website.

9. LINKS TO THIRD-PARTY WEBSITES

Our website may contain links to third-party websites. If you access these links, you will leave our website. We have no control over these third-party websites and are not responsible for their privacy policies. We recommend reading the privacy policies of each website you visit.

10. COOKIES AND SIMILAR TECHNOLOGIES

Our website uses cookies and similar technologies. For detailed information about cookie use, please consult our Cookie Policy.

11. MINORS

Our services are not intended for persons under 18 years of age. We do not knowingly collect personal information from minors. If you become aware that a minor has provided personal data, please contact us so we can delete such information.

12. PRIVACY POLICY UPDATES

This Privacy Policy may be updated periodically to reflect changes in our data processing practices or for legal reasons. The date of the last update is indicated at the beginning of this document.

We recommend reviewing this Privacy Policy regularly. Substantial changes will be communicated through our website or by email when appropriate.

13. DATA PROTECTION OFFICER CONTACT

For any matter related to the processing of your personal data, you may contact our Data Protection Officer (DPO):

  • Email: info@valorysgroup.com
  • Address: VALORYS GROUP LLC - Data Protection Officer, 1209 MOUNTAIN ROAD PL NE STE R, ALBUQUERQUE, NM 87110, United States

14. APPLICABLE LEGISLATION

This Privacy Policy is governed by applicable regulations on personal data protection, in particular:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR)
  • Applicable United States regulations on data protection and privacy (including state-specific laws such as CCPA, CPRA, and others)
  • Federal Trade Commission Act and related consumer protection regulations
  • Other applicable federal and state privacy and data protection laws
Back to Home