In compliance with current legislation, Design Beyond Things (hereinafter also the Website) is committed to adopting the necessary technical and organizational measures according to the appropriate level of security based on the risk of the data collected.
Laws incorporated in this privacy policy
This privacy policy is adapted to current Spanish and European legislation on personal data protection on the internet. Specifically, it respects the following regulations:
Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR).
Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
Royal Decree 1720/2007, of December 21, approving the implementing regulations of Organic Law 15/1999, of December 13, on Personal Data Protection (RDLOPD).
Law 34/2002, of July 11, on Services of the Information Society and Electronic Commerce (LSSI-CE).
Identity of the data controller
The data controller of the personal data collected on Design Beyond Things is: LABOH CONSULTANCY SL, with CIF: B66134925. Contact details are:
Address: CALLE CASPE 12 1ºJ-K, Barcelona CP 08010
Phone: +34610346186
Email: press@laboh.net
Personal Data Record
In compliance with the GDPR and LOPD-GDD, personal data collected by Design Beyond Things through forms on its pages will be incorporated and processed in our files to facilitate, expedite, and fulfill commitments between Design Beyond Things and the User, maintain relationships established through forms, or respond to requests or inquiries. In accordance with the GDPR and LOPD-GDD, unless the exception in Article 30.5 of the GDPR applies, a record of processing activities is maintained specifying the processing carried out and other circumstances required by the GDPR.
Principles applicable to personal data processing
The processing of User personal data will comply with the following principles from Article 5 of the GDPR and Articles 4 and following of Organic Law 3/2018:
Lawfulness, fairness, and transparency: User consent will be required at all times, with full transparency about the purposes of data collection.
Purpose limitation: Personal data will be collected for specific, explicit, and legitimate purposes.
Data minimization: Only the personal data strictly necessary for the stated purposes will be collected.
Accuracy: Personal data must be accurate and kept up-to-date.
Storage limitation: Personal data will be retained only as long as necessary for the purposes of processing.
Integrity and confidentiality: Personal data will be processed securely to ensure confidentiality.
Accountability: The data controller is responsible for ensuring compliance with the above principles.
Categories of personal data
Design Beyond Things processes only identifying data. Special categories of personal data under Article 9 of the GDPR are not processed.
Legal basis for processing personal data
The legal basis for processing personal data is consent. Design Beyond Things commits to obtaining explicit and verifiable consent for one or more specific purposes. Users have the right to withdraw consent at any time, and it should be as easy to withdraw as it is to give. Generally, withdrawal of consent does not affect the use of the Website.
When Users provide data through forms for inquiries, requests, or website-related purposes, they will be informed if completion is mandatory for the correct processing of the operation.
Purposes of data processing
Personal data is collected and managed to facilitate, expedite, and fulfill commitments between the Website and the User, maintain relationships established through forms, or respond to requests.
Data may also be used for commercial purposes, personalization, operational and statistical activities, marketing studies, or improving Website functionality, content, and user experience.
At the time of collection, Users will be informed of the specific purposes of data processing.
Data retention periods
Personal data will only be retained for the minimum necessary period for processing, specifically: 18 months, or until the User requests deletion.
Users will be informed of the retention period at the time of data collection or, if not possible, of the criteria used to determine it.
Recipients of personal data
User personal data will not be shared with third parties. Users will be informed of recipients or categories of recipients at the time of data collection.
Personal data of minors
In compliance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, only those over 14 can lawfully consent to data processing by Design Beyond Things. For minors under 14, parental or guardian consent is required.
Confidentiality and data security
Design Beyond Things adopts technical and organizational measures to ensure data security and prevent accidental or unlawful destruction, loss, alteration, or unauthorized access.
However, as internet security cannot be fully guaranteed, Users will be promptly notified of any data breaches likely to pose high risk to their rights and freedoms. Personal data is treated as confidential, and the data controller ensures that confidentiality is respected by employees, associates, and anyone with access.
Rights regarding personal data processing
Users may exercise the following rights under the GDPR and Organic Law 3/2018:
Right of access: Confirm whether personal data is being processed and obtain details of processing, origin, and recipients.
Right to rectification: Correct inaccurate or incomplete personal data.
Right to erasure (“right to be forgotten”): Delete data when no longer necessary, consent is withdrawn, or processing is unlawful, among other conditions.
Right to restrict processing: Limit processing under certain conditions.
Right to data portability: Receive data in a structured, commonly used format and transmit to another controller when processing is automated.
Right to object: Prevent or stop processing of personal data.
Right not to be subject to automated decisions: Avoid decisions based solely on automated processing, including profiling.
Rights may be exercised by written communication to the data controller referencing “GDPR-https://designbeyondthings.eu/” including:
Full name and copy of ID (or legal representative if applicable)
Request with specific details
Notification address
Date and signature
Any supporting documents
Communications can be sent to:
Postal address: CALLE CASPE 12 1ºJ-K, Barcelona CP 08010
Email: press@laboh.net
Links to third-party websites
The Website may contain links to third-party websites, which are not operated by Design Beyond Things. These third parties are responsible for their own privacy policies and data processing practices.
Complaints to supervisory authority
Users may file complaints with the competent authority if they believe their data protection rights have been violated. In Spain, this is the Spanish Data Protection Agency (https://www.aepd.es/).
Users must read and agree to this Privacy Policy and consent to the processing of personal data for the purposes, duration, and methods described. Use of the Website implies acceptance of this Privacy Policy.
Design Beyond Things reserves the right to modify the Privacy Policy at its discretion or due to legal, regulatory, or doctrinal changes. Updates are not explicitly notified to Users; they should consult this page periodically.
This Privacy Policy has been updated to comply with Regulation (EU) 2016/679 and Organic Law 3/2018.