Who we are
We are WEEROES a children superhero clothing company and our purpose is to create a world full of heroes!
WEEROES ensures user privacy and protects its users personal information. Most of our website can be navigated without the use of any shared information by the user.
WEEROES KIDSCLOTHING S.L., con el CIF B88188545 de España, domicilio social en Calle Santa Engracia 122 5 A, 28003 Madrid. Inscrita en el Registro Mercantil de Madrid, Tomo 38.256, Folio 90, Sección 8, Hoja M-680709, Inscripción 1.
Our website address is: https://www.weeroes.com
What personal data we collect and why we collect it
WEEROES website collects some general data when the users navigate its pages. This information is very generic and it’s registered by the server. The data collected by the server might be: date and hour the site was accessed; IP adress; used browser and its version; user’s OS; the user’s ISP (Internet Service Provider); the website from where the user arrives to our website.
Some other information and data might be stored, if we deem it would be useful to characterize attacks to our IT infrastructure.
WEEROES collects and analyzes the user data in an anonymous as possible(in order to comply with legal obligations) way, with the intent of giving its users the content in an improved and functional way, enabling the website as well as its content optimization, bettering the interaction and communication with the users/customers.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Who we share your data with
We only share your personal data with third-parties which are essential for our business activity and our site to run.
This other companies are: Google Analytics, Mailchimp, HUUB, ? Techy ?, Linode, Delivery Companies
How long we retain your data
Depending on how you provided us that information (e.g. form submisson, purchase, etc) we may keep the data you shared indefinitely, or for a period not longer than necessary.
Your personal data is always at your dispose, so it can be edited to keep it up to date and accurate, or it can be deleted if you wish. Although we may have to keep some data due to legal or administrative obligations (e.g. invoices), to enforce our legal rights or to cooperate with court orders and law enforcement.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
How we protect your data
At Weeroes we take your data protection and privacy very seriously, and as such we go to great extent to keep it safe. We use SSL (Secure Socket Layer) encryption in all our pages
We adopted the GDPR (General Data Protection Regulation) standards and we only do business with other companies that follow the GDPR, including the company where our server are hosted.
With that commitment in mind we:
-do pseudonymisation and encryption of personal data.
– ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
– regularly test, assess and evaluate the effectiveness of technical and organizational measures for ensuring the security of the processing.
However, data transmitted through the Internet are never 100% secure, so we or anyone can not guarantee absolute protection against data breaches and data leakage.
What data breach procedures we have in place
In the very unlikely event of a data breach, we shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the competent supervisory authority, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. When the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.
The communication to the data subject referred to in the previous paragraph shall not be required if any of the following conditions are met:
the controller has implemented appropriate technical and organizational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorized to access it, such as encryption;
the controller has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects referred to in paragraph 1 is no longer likely to materialise;
it would involve disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner.
What third parties we receive data from
We receive data from Google Analytics and Mailchimp.
What automated decision making and/or profiling we do with user data
Industry regulatory disclosure requirements