Onshindo Biotechnology, S.L. («Onshindo») – Privacy policy

Privacy Policy

Introduction

Onshindo Biotechnology, S.L. («Onshindo») respects your privacy and is committed to protecting your personal data. This privacy notice will lay out how we collect, protect and process your data when you visit our website, letting you know about your rights and how the law protects them. 

You can download a PDF version of this policy here.

We aim to continually improve our systems and procedures, so the terms of this notice may be updated from time to time.

It is important for the personal data we hold about you to be accurate and up to date. Please keep us informed if your personal data changes during the course of your relationship with us.

Who are we? Who is responsible for the processing of your personal data?

Onshindo Biotechnology, S.L., whose identification and contact details are:

  • Registered address: Calle Copenhague, 12, Oficina 205 Edificio, 28232 Las Rozas (Madrid).
  • NIF: B88161708.
  • Registered on the Madrid Mercantile Registry in Volume 38013, Folio 24, Section 8, Page M 676838, I/A 1
  • Email: customer_care@onshindosaka.com 
  • Phone: +34 910 459 783 
  • Customer service hours:

Monday to Thursday: 10am-2pm and 3pm-5pm

Friday: 9am-3pm

Onshindo Biotechnology, S.L. is, in general, the entity responsible for your data, as well as being in charge of fulfilling your orders. 

When we use «Onshindo» or «us» in this notice, it will refer to Onshindo Biotechnology, S.L. Mentions of a “website” or “site” will refer to https://onshindosaka.com.

What personal data do we collect?

The information we collect about you may fall into one or more of the following categories:

  • Identification data: First name, surname, user name or equivalent identifier, marital status, treatment, date of birth, geographical location and gender.
  • Contact data: Billing address, delivery address, email address and telephone number.
  • Financial data: During the purchasing process, essential data will be collected in order to carry out the transaction. This includes, but is not limited to, the payment card information you use to make the purchase. It is important to note that, although we collect the data necessary to process your order, payments made on our website are made through third-party payment gateway providers, and we do not maintain direct access to your payment card details.

These providers operate autonomously and are responsible for processing your payment information securely. For our part, we take steps to ensure that interaction with these payment gateways meets the required security and privacy standards.

  • Transaction data: Information about payments made by and to you, and other information about products purchased.
  • Technical data: Internet protocol (IP) address, login details, browser type and version, time zone, browser plug-in types and versions, operating system and platform and other technologies installed on the devices used to access this website. 
  • Data regarding orders: Information related to the products selected by the customer, including product identification, quantities, and prices. This also includes data such as the date and time orders were placed, and customer identification where applicable. In addition, any information relevant to returns, including transaction numbers, shipping costs, currency used, taxes applied, and the net value of sales, will be documented, thereby retaining a complete record of the customer's purchase history.
  • Data regarding preferences: We collect information about our customers' preferences and interests to provide a personalised and relevant experience. This includes data about the products you are most attracted to, your interaction with our website, and specific details related to your lifestyle and your beauty and personal care needs. We also take your responses and reactions to our marketing campaigns into account. This information allows us to adjust our services and communications to better align them with your expectations and preferences. 
  • Marketing and communications data: When you subscribe to our newsletter or other marketing communications, we collect your details through the subscription form, which includes your explicit consent to receive said communications. This data allows us to send you relevant information about our products and activities. Additionally, we monitor your interaction with our brand and products to ensure that our marketing communications are relevant to you. This monitoring helps us determine whether it is appropriate to continue to send you newsletters or make adjustments to the communications you receive, always seeking to provide valuable content that aligns with your interests.
  • Messages generated by users: We value our clients’ contributions and we encourage the exchange of experiences related to the use of our products or services. This may include content such as tips, testimonials, survey responses and comments that you voluntarily choose to share with us, as well as posts on our social media accounts, such as Facebook. These may contain photos, videos, personal stories and other types of media or content.

When you share this content, we request that you make sure that it is accurate and does not infringe the intellectual property rights of third parties. In addition, it is essential to avoid the transmission of sensitive data, including, but not limited to, political opinions, religious beliefs, sexual orientation, ethnic or racial origin. We are committed to managing this information in a way that respects the privacy and safety of our users, in accordance with the relevant data protection legislation.

  • Information on adverse effects and health consultations: When you report adverse effects or make enquiries regarding specific ingredients in our cosmetic products, we collect data relevant to your health, such as allergies, intolerances or reactions. The purpose of this data collection is to monitor the safety of our products and to respond appropriately to your questions, thereby fulfilling our legal obligations and product safety commitments under EU regulations.

We ensure the responsible and secure handling of this information, applying appropriate protection measures and limiting its use to these specific purposes, in line with data protection legislation.


How do we gather this data? 


Personal data is collected through the interaction of our website technology with your browser, device and cookies, as well as through other similar technologies. We track the pages you visit, the advertising messages you open and the links you follow based on cookies set by advertising providers, ad networks, social media platforms, search engines, analytics providers and Google.


We sometimes collect information you have provided us with through your direct interactions with Onshindo, third-party sources and/or the technical data referred to below. We use this data to improve the services and information we provide you with.  


We may need to collect your personal data because we are required to do so by law or contract. If you do not provide it, we may not be able to adequately comply with said legal and/or contractual provisions (e.g., to provide you with our products or services). In this case, we may have to cancel a service or the delivery of a product that you have requested. We will always bring this matter to your attention. 


For what purposes do we use your data, and who has access to it? 

Purpose of processing

Legal basis for processing the data

Personal data we might have regarding you

Who can access your data


Management of the contractual relationship

  • Completion of purchases: Contact to complete purchases if it is detected that you have left products in your basket without completing the checkout process.
  • Order management: Organisation and tracking of your orders to ensure efficient delivery. 
  • Notifications of availability: Information about the availability of products that might interest you. 
  • Payment processing: Secure management of payments for orders.
  • Shipping: Coordination of the delivery of orders to the address specified by you. 
  • Customer support: Answering questions related to orders and direct communication to clear up any doubts you have or provide assistance.
  • Assessment of satisfaction: Gaging satisfaction with our products and services for continual improvement.
  • Dispute resolution: Handling of any discrepancies or disputes arising in connection with a purchase.
  • Loyalty programme: Management of benefits and rewards within our loyalty programme.
  • Participation in promotional activities: Management of your participation in contests, games and surveys, including analysis of comments and suggestions.
  • Publication of user-generated content: Facilitating the sharing of your experiences through reviews or content on our platforms.
  • Services requested: Offering specific services on request.

Fulfilment of the contractual relationship with you
  • Identification and contact: Includes first name and surname or alias, gender, email address, postal address (both delivery and billing), telephone number, and photo.
  • Login details: ID, username and password.
  • Demographic and location information: Date of birth or age range, nationality, location and geolocalisation. 
  • Well-being data: Information about your skin tone and skin/hair type.
  • Personal preferences: Personal description, preferences, and social media profile (related to logging into social media or shared information).
  • Details of interaction with Onshindo: Including order details, any content generated by you (such as photos, reviews, participation in contests, games, surveys, or questions via chat functions), transaction information and purchase history.


Important note: Payment information (credit card number, PayPal information, bank account details) is collected directly by our payment service providers and not by us, ensuring greater security for your transactions.
  • Courier service: For the distribution of products or samples, we collaborate with postal and courier services.
  • Payment services and credit reference agencies: For the verification of details in the context of the conclusion of contracts, we work with payment service providers and credit reference agencies.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Marketing and advertising agencies: We collaborate with specialised agencies for the purposes of advertising, marketing and digital campaigns, to analyse their effectiveness and manage user contacts and questions.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.
  • External advisers: We may share your data with our professional advisers, including accountants, auditors, lawyers and insurers, where necessary to receive their expert advice.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.

Sending of commercial and promotional communications:

  • Coordination of participation in promotional campaigns, including prize draws, distribution of samples and special offers.
  • Invitations to exclusive events.
  • Distribution of direct marketing materials.
  • Submission of samples of selected products.
  • Active promotion of our product range.

Consent
  • Personal identification data: Includes full name, gender for personalisation of content and communications, date of birth or age range to verify eligibility for certain products or promotions, and nationality for regional adjustments to offers and products.
  • Contact information: Email address for electronic communications, postal address for delivery of orders and product samples, and telephone number for contact if necessary, or for order confirmations.
  • Credentials for accessing the service: Unique identifiers such as ID, username and password for secure access to the user's account.
  • User profile and preferences: Profile picture if you choose to share, personal description or preferences for personalised recommendations, and details of previous orders to facilitate future purchases.
  • Social media interactions: Social media profile if social login is used or data is shared personally, allowing for a more integrated and personalised experience.
  • User-generated content: Includes any content voluntarily shared with us, such as photos, product reviews, questions through chat features, or participation in contests, games or surveys, that helps us better understand your interests and improve our product and service offerings.
  • Other voluntarily shared information: Any other information you choose to share with us through the "My Account" page, by contacting us directly, or by participating in promotional activities, which is used to enhance the user experience and provide a more personalised service.
  • Courier service: For the distribution of products or samples, we collaborate with postal and courier services.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Marketing and advertising agencies: We collaborate with specialised agencies for the purposes of advertising, marketing and digital campaigns, to analyse their effectiveness and manage user contacts and questions.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.


Statistics

  • User knowledge: Analysis of how users discover our websites and applications, in order to optimise our marketing strategies and online presence. 
  • Analysis and improvement: Compilation of reports and statistics to evaluate the effectiveness of our advertising campaigns and understand how users react to them. 

Offer optimisation: Use of statistical insights to refine and improve our product and service offerings.

Consent

Legitimate interest
  • Digital identifiers: IP address, browser information, device information, and a unique identifier for each visitor.
  • Personal data First name and surname or alias, gender, date of birth or age range, and nationality.
  • Contact information: Email and postal address (for delivery and billing), telephone number.
  • Login details: ID, username and password.
  • Location information: Location and geolocalisation:
  • Well-being data: Information about your skin tone and skin/hair type.
  • Personal preferences: Personal description, preferences and social media profiles:
  • Interactions and activities: Order details, information about products searched for, products placed in the basket, and any other information voluntarily shared, including user-generated content.
  • Interaction history: Data related to the use of our websites or applications, pages visited, videos watched, advertisements selected, and duration of the session.
  • Transactions and consumption: Transaction information, including products purchased, and purchase history.


  • Important note: Payment information (credit card number, PayPal information, bank account details) is collected directly by our payment service providers and not by us, ensuring greater security for your transactions.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


  • These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.

Behaviour-based advertising:

  • Personalised adverts: We use your history of interaction with our site to show you online advertising for products that match your interests.
  • Social media advertising: We present relevant ads and content on social media platforms, leveraging your profile and preferences.
  • Basket management: We create and record your shopping basket to make your purchasing experience easier and more personalised.
  • Personalised recommendations: Based on your profile and interests, we send you recommendations, marketing and adapted content to enrich your experience with our products and services. 

Consent
  • Digital identifiers: IP address, information about your browser and device, and a unique identifier for each visitor with an expiry date.
  • Usage data: Includes information about how you interact with our websites or applications, the pages and products you visit, and the videos or advertisements you click on.
  • Browsing history: Details of the website you were on before arriving at our site, as well as your browsing history within our site.
  • Registration and login information: Data about your registration and logged-in sessions, including the creation and reminders of your login details.
  • Interactions and preferences: Information about searched products, selected products, and the duration of your stay on our site.
  • Location: Location data to personalise relevant ads in your area.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Marketing and advertising agencies: We collaborate with specialised agencies for the purposes of advertising, marketing and digital campaigns, to analyse their effectiveness and manage user contacts and questions.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.


Profile creation

  • Optimisation of digital platforms: Improves the user experience on our websites and applications by continually evaluating and improving their functionality.
  • Enriching the user’s profile: Use their account information to enrich your profile with additional details when you make a purchase, which allows us to offer you a more personalised service.
  • Improvement of applications and devices: Monitor and improve the performance and usability of our applications and devices, guarantee the best possible experience for the user.
  • Personalised analysis: Assess your wellness characteristics to recommend appropriate products and routines, including customised solutions that specifically meet your needs.
  • Personalised recommendations: Provide specific product suggestions and care routines based on your profile and preferences, with the aim of optimising your personal care experience.

Consent

Legitimate interest
  • Identification and contact: Includes first name and surname or alias, gender, email address, postal address (both delivery and billing), telephone number, and photo.
  • Login details: ID, username and password.
  • Demographic and location information: Date of birth or age range, nationality, location and geolocalisation.
  • Well-being data: Information about your skin tone and skin/hair type.
  • Personal preferences: Personal description, preferences, and social media profile (related to logging into social media or shared information).
  • Details of interaction with Onshindo: Including order details, any content generated by you (such as photos, reviews, participation in contests, games, surveys, or questions via chat functions), transaction information and purchase history.


Important note: Payment information (credit card number, PayPal information, bank account details) is collected directly by our payment service providers and not by us, ensuring greater security for your transactions.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Marketing and advertising agencies: We collaborate with specialised agencies for the purposes of advertising, marketing and digital campaigns, to analyse their effectiveness and manage user contacts and questions.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.


Optimised function of website 

  • Improvement of the user experience: We ensure optimal display of content and remember your login details to facilitate access.
  • Personalisation: We adjust the interface to your preferences, including language and device-specific settings such as screen resolution.
  • Optimisation and safety: We are always working to improve our websites and applications and to ensure their security and protection against unauthorised access.
  • Social integration: We facilitate the option of sharing content on social networks through specific buttons.

Consent

Legitimate interest
  • Digital identifiers: IP address, information about your browser and device, and a unique identifier for each visitor with an expiry date.
  • Usage data: Includes information about how you interact with our websites or applications, the pages and products you visit, and the videos or advertisements you click on.
  • Browsing history: Details of the website you were on before arriving at our site, as well as your browsing history within our site.
  • Registration and login information: Data about your registration and logged-in sessions, including the creation and reminders of your login details.
  • Interactions and preferences: Information about searched products, selected products, and the duration of your stay on our site.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Marketing and advertising agencies: We collaborate with specialised agencies for the purposes of advertising, marketing and digital campaigns, to analyse their effectiveness and manage user contacts and questions.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.


Customer service hours: We provide assistance and respond to your queries through our websites and applications, ensuring effective communication to resolve doubts or provide requested information.

Consent

Legitimate interest
  • Persona identification: Name and surname to personalise communication and ensure correct identification.
  • Contact information: Telephone number and email address to facilitate direct communication and to respond effectively to your queries.
  • Details of the consultation: Any additional information you share with us in relation to your enquiry, in order to provide more targeted assistance tailored to your needs.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.

Purpose of processing: Create and maintain up-to-date suppression lists to respect requests not to be contacted for marketing or promotional communications.

Legal obligation:

In accordance with GDPR, we are entitled to retain your data on a suppression list following your request to cease sending marketing communications.
  • Personal identification: Full name to ensure correct identification on our suppression list.
  • Contact information: Email address to identify your specific request not to receive communications.
  • Preferences: Personal description or stated preferences that help us understand the context of your request.
  • Social interactions: Data related to your social media profile, only if you have used your login details or provided this information directly to us.
  • IT service providers: Includes assistance with technology platforms, web hosting, database maintenance, and support for software and applications containing user data.
  • Marketing and advertising agencies: We collaborate with specialised agencies for the purposes of advertising, marketing and digital campaigns, to analyse their effectiveness and manage user contacts and questions.
  • Providers and digital services and email: Includes services for enhancing the digital experience such as social media analytics, loyalty programmes, identity management, rating and review systems, CRM, web analytics and search engine optimisation tools, as well as user-generated content management.


These third parties are committed to protecting your data and operate under strict confidentiality agreements, ensuring that your information is handled with the utmost care and security.


How can you stop receiving our marketing messages? 


You can request that we stop sending you marketing messages at any time:

  • By following the unsubscribe or manage your preferences links, available in any marketing messages you receive from us.
  • Getting in touch with us through the email address customer_care@onshindosaka.com, 
  • And contacting us using any of the contact data appearing at the end of this notice.


Once you unsubscribe from these marketing communications, we may need to use some of your personal data for other purposes (e.g. to manage your warranty or execute another transaction).


Who do we share your personal data with?


Onshindo's partner companies can access and share your personal data.


At Onshindo, we engage external service providers to assist in the supply of products, the provision of services, the administration of the company and the operation and maintenance of systems. 


When we use these providers, we only disclose the personal data necessary to provide the services in question. There will be a contract in place between the third party and Onshindo that requires the third party to keep your personal data secure, not to use it for marketing purposes and, of course, only to use it to provide the contracted service. For a complete list of the service providers we collaborate with, please contact us at customer_care@onshindosaka.com.


We may only disclose your personal data to third parties, other than as set out above, if we are required to do so by law (e.g., because we are ordered to do so by court order) or in connection with the prevention of fraud or other crimes.


How do we protect your personal data?

We have implemented appropriate security measures to prevent your personal data from being accidentally lost or used, improperly accessed and/or altered or disclosed in an unauthorised manner. In addition, we limit access to your personal data to those employees, agents, contractors or third parties who need to know your personal data for professional and/or contractual reasons. They will only access and/or process your personal data in accordance with our instructions and will be bound by the duty of confidentiality and any applicable legal obligations. 

We continually update our policies to address any suspected breach of your personal data. In the event of a breach, it will be reported to you, as well as to the competent authority and/or regulator where we are legally obliged to do so.

How long will we keep your data for?

At Onshindo, we are committed to retaining your personal data for only as long as necessary to fulfil the purposes set out in this Privacy Policy.

Retention periods are determined on the basis of the following criteria:

  • Relationship with the user: The duration of our commercial relationship with you, including the use of our website, applications and services.
  • Legal obligations: Any legal obligation that requires us to retain your data for a specific period.
  • Legal time periods: Legal Permissions: The time periods for which applicable laws permit or require us to retain your data, including beyond the end of our business relationship.

We are constantly working to improve our Data Protection programme. This includes integrating new data retention policies and practices into our systems to further strengthen the security and privacy of your personal information.

Will your data be sent abroad?  

Onshindo, with headquarters in Spain and operations in several countries in the European Economic Area, may need to transfer your personal data to these countries in order to facilitate our business activities and to provide our services effectively. These transfers will take place exclusively within the EEA, ensuring that your personal data is protected in accordance with the strict data protection laws applicable in these countries.

We are committed to ensuring that any transfer of data within the EEA is carried out in accordance with appropriate safeguards and security measures, thus ensuring the protection and privacy of your personal data in line with applicable data protection regulations.

What rights do you have relating to your personal data?

Under the current data protection regulations, you enjoy the following rights with regard to the personal data handled by Onshindo, free of charge:

  • Access: You can request access to your personal data held by us and confirm whether it is being processed.
  • Rectification: You have the right to correct or modify incorrect personal data, or data that is incomplete. 
  • Erasure: You can ask us to not process your personal data in specific legal circumstances, although for legal or legitimate reasons, we may need to keep some of it. 
  • Objection to processing: You can object to the use of your data when it is based on legitimate interests, especially for the cessation of using your data in direct marketing.
  • Restriction of processing: In cases covered by the law, you may request that we limit the use of your personal data.
  • Data portability: In cases covered by the law, you may request that we limit the use of your personal data.
  • Withdrawal of consent at any time in cases where we rely on your consent to process your personal data. 

This does not apply in all cases, as there are also legal exemptions that may apply depending on the reason why we have collected your data, and the legal basis on which we hold it. We will be happy to provide you with explanations if you have any questions in this regard.

If you would like to request information, make changes to the personal data we hold about you, or not be contacted for marketing or commercial purposes, you can contact us at customer_care@onshindosaka.com. You can also use this address to send us your questions regarding this privacy notice.


To exercise any of these rights or to resolve doubts about the processing of your data, you can contact us in the following ways:

Online contact form: Through our website (https://onshindosaka.com).

Postal address:

Data protection

Onshindo Biotechnology, S.L.

Registered address: Calle Copenhague, 12, Oficina 205, Edificio, 28232 Las Rozas (Madrid), España.

Email and phone number: customer_care@onshindosaka.com and +34 910 459 783.

Proof of identity may be requested in order to process your request.

Complaints:

If you believe that your personal data has not been processed correctly or if you are not satisfied with our response, you have the right to lodge a complaint with the data protection authority in the country where you are located.