Privacy Policy

Confidentiality and security are fundamental values of INDO OPTICAL, S.L.U., with Tax Identification Number B66232976 and registered office at Avda. Alcalde Barnils 72 08174 Sant Cugat del Vallès (BARCELONA) and registered in the Mercantile Registry of MADRID in Volume 36.641, Folio 185, Section 8, Page M-4657291. Consequently, we are committed to always guaranteeing the User’s privacy and to not collecting unnecessary information. Below, we provide you with all the necessary information on our Privacy Policy in relation to the personal data we collect, explaining:

  • Who is responsible for the processing of your data.
  • For what purposes we collect the data we request from you.
  • What is the legitimacy for its processing.
  • How long we keep them.
  • To which recipients your data are disclosed.
  • What your rights are and how to exercise them.

1. RESPONSIBLE

see data in the heading. If you have any questions regarding the processing of your personal data, you may contact our Data Protection Officer at the following email address: privacy@indo.es.

2. PURPOSES, LEGITIMACY AND CONSERVATION of the processing of the data sent via:

Contact Form

Purpose: To provide you with a means of contacting us and answering your requests for information, as well as sending you communications about our products, services and activities, including by electronic means (e-mail, SMS, etc.), if you tick the acceptance box.

 

Legitimation: The user’s consent when requesting information from us through our contact form and by ticking the acceptance box to send information.

 

Storage: The personal data provided will be kept for the time necessary to comply with the purpose for which they are collected and to determine the possible responsibilities that may arise from the purpose, in addition to the periods established in the regulations on files and documentation. In case you have agreed to receive commercial mailings, the personal data provided will be stored until you request to unsubscribe from further commercial information.

Sending e-mails

Purpose: To answer your requests for information, deal with your requests and answer your queries or doubts. In the event of receiving your CV, your personal and curricular data may form part of our databases in order to participate in our present and future selection processes.

 

Legitimation: The user’s consent when requesting information from us via email address or sending us their data and CV to participate in our selection processes.

 

Storage: The personal data provided will be kept for the time necessary to comply with the purpose for which they are collected and to determine the possible responsibilities that may arise from the purpose, in addition to the periods established in the regulations on files and documentation. In case of receiving your CV, your data may be kept for a maximum of one year for future selection processes.

Obligation to provide us with your personal data and consequences of not doing so.

The provision of personal data requires a minimum age of 16 years or, where appropriate, the minimum age established by the applicable data protection regulations and/or sufficient legal capacity to contract.

The personal data requested are necessary to manage your requests, register you as a user and/or provide you with the services you may contract, so if you do not provide them to us, we will not be able to attend you correctly or provide you with the service you have requested.

In any case, we reserve the right to decide whether or not to incorporate your personal data and other information into our databases, always within the framework of current legal provisions.

3. RECIPIENTS OF YOUR DATA.

Your data are confidential and will not be passed on to third parties, unless there is a legal obligation to do so.

To whom will your data be disclosed?

Your personal data may be disclosed to the following categories of recipients, only when there is a legal basis that justifies such communication:

  • Public administrations, judicial authorities, and law enforcement bodies, when required by applicable law or within the framework of legal proceedings.
  • Technology service providers and cloud storage providers, necessary for the operation of this website (e.g., hosting services, email, analytics tools, or CRM platforms).
  • Financial entities and payment gateways, for managing payments and collections related to contracted products or services.
  • Legal, tax, or accounting advisors, when necessary for compliance with legal or contractual obligations.
  • Courier and transport companies, in cases where physical delivery of products or communications is required.
  • Insurance companies, if applicable depending on the service provided or the coverage contracted.
  • Third-party marketing and analytics service providers, only when you have given your clear, informed, and explicit consent.
  • Other users of the website, solely in cases where the service involves publishing information or interactions visible to third parties (such as in forums, public profiles, or reviews).

All data processors providing services to the data controller are properly contracted in accordance with Article 28 of the General Data Protection Regulation (GDPR), ensuring compliance with necessary security, confidentiality, and legal standards.

4. COOKIES

Our website uses cookies and similar technologies to ensure functionality, store preferences and improve the user experience. This may involve the processing of personal data.

Details on the cookies used, their purpose, their storage period and your options can be found in our cookie policy.

5. USER’S RIGHTS IN RELATION TO THEIR PERSONAL DATA.

Any person may withdraw their consent at any time, when it has been granted for the processing of their data. In no case shall the withdrawal of this consent condition the execution of the subscription contract or the relations previously generated.

Likewise, in the event that the requirements established in the General Data Protection Regulation are met, as well as in Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, you may exercise the following rights:

  • Request access to your personal data or their rectification when they are inaccurate.
  • Request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
  • Request the limitation of their processing in certain circumstances.
  • Request opposition to the processing of your data on grounds relating to your particular situation.
  • Request data portability in the cases provided for in the regulations.
  • Other rights recognised in the applicable regulations.

Where and how to request your Rights: To exercise your rights, please write to the data controller via postal mail or e-mail. You may use the e-mail address: info@indo.es, with a copy to: privacy@indo.es using “Personal Data” as the subject or reference and specifying the right you wish to exercise, along with details about the personal data concerned.

In the event of disagreements with the company in relation to the processing of your data, you can file a complaint with the Spanish Data Protection Agency (www.aepd.es).

6. SECURITY OF YOUR PERSONAL DATA

In order to safeguard the security of your personal data, we inform you that we have adopted all the technical and organisational measures necessary to guarantee the security of the personal data provided from alteration, loss and unauthorised processing or access.

7. FUNCTIONALITIES AND WEB LINKS TO OTHER WEBSITES

Our websites may provide links to other websites for your convenience and information. Our website may also contain certain features for which we partner with other entities. These entities may collect information about your visit whether or not you use these features. These websites and features, which may include social media activities and geolocation tools, operate independently from INDO and are clearly identified as such. In accordance with Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI), we inform you that the inclusion of such links does not imply any association, merger, or participation with the linked entities, unless expressly stated. To the extent that any linked websites or functionality that you visit or use are not owned or controlled by INDO, we encourage you to review the privacy practices of the websites.

We process your personal data based on the following legal grounds, in accordance with the General Data Protection Regulation law (GDPR):

  • Consent (Art. 6.1(a)): When you explicitly agree to optional processing such as cookies, newsletters, or marketing communications.
  • Performance of a Contract (Art. 6.1(b)): When processing is necessary to deliver products or services you have requested.
  • Legal obligation (Art. 6.1©): When we must process data to comply with legal or regulatory requirements, such as tax or accounting obligations.
  • Legitimate interest (Art. 6.1(f)): When we process data to ensure website security, provide useful features like external links, perform analytics, or improve our services, provided this does not override your rights.

INDO offers you the possibility to share, link to or mention items on social networks about INDO products and services. For example, you can ‘like’ an offer via your Facebook account or ‘tweet’ an offer via X. When you visit a website that has a button belonging to a social network, your browser establishes a direct connection to that social network provider, so that certain information related to your visit, including your IP address, is transferred to the social network provider. If you have an account with the social network provider, the provider may link your visit to your account, even if you are not logged in to your account.

You may also choose to use certain functionality on our websites that can be accessed through, or for which we partner with, other entities that are not affiliated with INDO. These features, including geolocation tools, are operated by third parties and are clearly identified as such.

Social media providers such as Facebook and X, and these other third parties, are independent of INDO and do not necessarily share the same policy as INDO regarding privacy protection. Please check their privacy notices if you choose to use their services and consult your social media account settings if you want to disable certain features.

8. INTERNATIONAL DATA TRANSFERS

In certain circumstances, your personal data may be transferred to countries outside the European Economic Area (EEA), for example, when using IT or cloud services provided by international providers. In such cases, we ensure that appropriate safeguards are in place prior to the transfer, as required under Articles 44 et. Seq. of the General Data Protection Regulation (GDPR). These safeguards include, in particular, the use of Standard Contractual Clauses (SCCs) approved by the European Commission. Furthermore, we regularly assess whether additional protective measures are necessary to ensure an adequate level of data protection. You may request further information about the safeguards in place at any time.

9. UPDATING YOUR DATA

In order for us to keep your personal data up to date, it is important you inform us whenever there has been any change in them, otherwise, we are not liable for their accuracy.

We are not liable for the privacy policy regarding the personal data that you may provide to third parties through the links available on our website.

This Privacy Policy has been modified on September 9, 2025 and may be modified to adapt it to any modifications made out to our website together with any legal or jurisprudential modifications regarding personal data which may appear, so you are therefore requested to read this policy every time you supply your data through this website.