Privacy Policy

DATA CONTROLLER

Ignacio Vicente Vargas, with Tax ID 80.067.666-C, and registered address at Plaza Mayor, nº 2 - 06186 Guadiana - Badajoz (Spain), hereinafter referred to as UNIVACK RECORDS.

Address for data protection notifications: Plaza Mayor, nº 2 - 06186 Guadiana - Badajoz (Spain).

For any privacy-related inquiries, you may contact us at: info@univack.com.

---

PURPOSE OF DATA PROCESSING

Personal data is collected and processed in accordance with applicable legal bases (performance of a contract, legal compliance, legitimate interest, and, where applicable, consent), for the following purposes:

• Contact forms and customer relationship management: managing inquiries, requests, or any communication submitted via website forms.
• User registration and purchases: processing and managing orders, including order confirmation, status updates, delivery, returns, incidents, claims, and after-sales service.
• Shipping and on-demand production management: handling the manufacturing, preparation, and delivery of orders through external production and logistics providers.
• Newsletter distribution: sending information about updates, releases, events, news, and merchandising products from UNIVACK RECORDS, where the user has given consent.
• Commercial communications: sending promotional communications related to our products and services, where the user has provided consent or where permitted by law based on a prior contractual relationship.
• Website security and fraud prevention: protecting the integrity of the website, preventing unauthorized access, misuse, and fraudulent transactions.

In all forms, consent for marketing communications will be optional and not pre-selected.

---

LEGAL BASIS FOR PROCESSING

• Performance of a contract: managing orders, payments, on-demand production, shipping, returns, and after-sales service.
• Legal obligations: compliance with tax, accounting, consumer protection, and other applicable legal requirements.
• Legitimate interest: website security, fraud prevention, service improvement, analytics, and general inquiries, always ensuring respect for user rights and freedoms.
• Consent: sending marketing communications, newsletter subscriptions, and acceptance of non-essential cookies. Consent may be withdrawn at any time.

---

TYPES OF DATA COLLECTED

The website may collect the following categories of personal data:

• Contact information: name, surname, email address, phone number.
• Billing information: name, address, postal code, city, region, country, phone number, and additional address details.
• Shipping information: name, address, delivery details, country, and phone number.
• User account data: username, encrypted password, order history, and account preferences.
• Browsing data: IP address, device identifiers, approximate location, browser type, operating system, pages visited, session duration, and website usage data.

We may also use cookies and similar technologies to collect additional browsing information. For more details, please refer to our Cookie Policy.

Users are responsible for the accuracy of the personal data provided and agree to keep it updated.

---

PAYMENT DATA

UNIVACK RECORDS uses secure payment gateways provided by financial institutions or trusted providers such as Redsys and/or PayPal.

UNIVACK RECORDS does not store or access full card details, as payment data is entered directly by the user on the secure platform of the payment provider.

During the payment process, users may be redirected to the payment provider's platform, where data will be processed in accordance with their own privacy policies.

Regulatory Compliance

Payment gateways comply with applicable security standards and, where relevant, the Payment Card Industry Data Security Standard (PCI DSS).

Payment Providers

• Redsys: Privacy Policy
• PayPal: Privacy Policy

Some providers may operate outside the European Economic Area (EEA). In such cases, international transfers are protected through adequacy decisions, standard contractual clauses, or other GDPR-compliant mechanisms.

---

DATA RECIPIENTS

Personal data may be shared with service providers necessary for business operations:

• Hosting and technical providers
• Payment processors
• Logistics and shipping companies
• Print-on-demand providers (e.g., Printful)
• Email marketing and transactional communication tools
• Administrative and accounting services

International data transfers may occur where required, particularly when providers operate outside the EEA (e.g., United States).

Appropriate safeguards will be applied in accordance with GDPR Articles 44 and following.

---

USER RESPONSIBILITY

Users confirm that they are of legal age or properly represented, and that all data provided is accurate and up to date.

If users provide third-party data, they confirm they have the necessary legal basis and have informed the data subject.

---

USER RIGHTS

Users have the right to:

• Access
• Rectification
• Erasure
• Objection
• Restriction
• Portability
• Withdraw consent

Requests can be sent to info@univack.com.

Users may also lodge complaints with the Spanish Data Protection Authority (AEPD).

---

DATA RETENTION

Data will be retained as long as necessary and in accordance with legal obligations.

• Customers: contractual + legal retention periods
• Inquiries: up to 12 months
• Marketing: until consent is withdrawn

---

SECURITY MEASURES

We implement appropriate technical and organizational measures, including SSL encryption and access control.

Absolute security cannot be guaranteed due to the nature of the Internet.

---

SECURITY INCIDENTS

In case of a data breach, appropriate legal procedures will be followed.

---

COOKIES

Cookies are used only with user consent where required.

---

CHANGES TO THIS POLICY

This policy may be updated to reflect legal or operational changes.

Last updated: January 8, 2026

---

CONTACT

For inquiries: Contact form