Why do we need your explicit consent to use cookies?

The AEPD’s July 2023 Guide, incorporating information and criteria from the European Data Protection Board (EDPB), EU GDPR 2016/679 Articles 5, 6, 7, and 13, and LOPDGDD 3/2018 Article 6, must be interpreted to mean that consent is valid only if it is explicit.

DATA SUBJECT’S CONSENT: In order to process your personal data, which will be treated with privacy and security, your consent is required in compliance with GDPR-EU 2016/679 and Articles 5, 6, 7, and 13 thereof, as well as with LOPDGDD 3/2018, Title II. By checking a box or clicking a button labeled “I accept,” the user of this website/app gives explicit consent to the processing of their data and the information provided thru cookies on their device.

With a “Check” or “Reject Button” provided by the user, cookies are rejected except for those exempt from the consent requirement, such as first-party or session cookies.

 

A “Check” or “Button” for more information, which will allow access to this Cookie Policy

 

Minor’s consent: The EU GDPR 2016/679, in Article 8, sets out the conditions applicable to a child’s consent in relation to information society services.

1. The EU GDPR 2016/679, in Article 8, sets out the conditions applicable to a child’s consent in relation to information society services. 2. Where Article 6(1)(a) applies in connection with the direct offering of information society services to children, the processing of a child’s personal data shall be considered lawful if the child is at least 16 years old. When Article 6(1)(a) applies in relation to the direct offering of information society services to children, the processing of a child’s personal data shall be considered lawful if the child is at least 16 years old. If the child is under 16 years of age, such processing shall only be considered lawful if consent was given or authorized by the holder of parental responsibility or guardianship over the child, and only to the extent that it was given or authorized.

2. If the child is under 16 years of age, such processing shall only be considered lawful if consent was given or authorized by the holder of parental authority or guardianship over the child, and only to the extent that it was given or authorized. 3. The data controller shall make reasonable efforts to verify in such cases that consent was given or authorized by the holder of parental authority or guardianship over the child, taking into account available technology. The data controller shall make reasonable efforts to verify in such cases that consent was given or authorized by the holder of parental authority or guardianship over the child, taking into account the available technology.

The data subject may exercise the rights of access, portability, restriction of processing, objection, rectification, and erasure of data, and may file a complaint with the relevant Supervisory Authority.

What are cookies?

Cookies are small data files that are received on the user’s device from the visited website and are used to record certain browsing interactions on the website by storing data that can be updated and retrieved. These files are stored on the user’s device and contain anonymous data that is not harmful to their computer. They are used to remember user preferences, such as the selected language, login credentials, or website or app personalization.

 

 

Cookies or storage devices have traditionally been associated with web pages. However, they are now used both on websites and on other types of platforms and applications (for example, smartphone and tablet apps).

Cookies can also be used to record anonymous information about how a visitor uses a site. For example, from which website or app they accessed, or whether they used an advertising banner to get there.

Information society services may be provided by the publisher thru a platform, a computer application, or a website/app that the user accesses from their terminal device.

1. Why do we use cookies? Why do we use cookies?
We use our own and third-party cookies to analyze website usage and display advertising based on preferences derived from a profile built on the user’s browsing habits.

CAN PIZZA uses technical and analytical cookies on our website that enable you to access secure areas, personalized options, and more. Additionally, CAN PIZZA uses cookies that collect data related to website usage analysis. These are used to improve the user experience by measuring website usage and performance, and to optimize and personalize it.

• Google Analytics cookie: Google Analytics is a free service offered by Google Inc. that collects information about the web pages visited, the time of day, the web browser used, etc. Subsequently, this information is sent to Google Inc.’s servers.

2. What do we use the different types of cookies for? What do we use the different types of cookies for?
According to their purpose:

• Technical cookies: these are those that allow the user to navigate a website, platform, or application and use the various options or services. For example, those used to maintain the session, manage response time, performance, or option validation, implement security measures, and share content.

• Preference or personalization cookies: They are the ones that allow information to be remembered so that the user can access the service co

Certain features that can differentiate your experience from that of other users, such as, for example, the language, the number of results to display when you perform a search, the appearance or content of the service based on the type of browser you use to access it or the region from which you access it, etc.

• Analytics or measurement cookies: These cookies enable the party responsible for them to track and analyze the behavior of users of the websites or apps to which they are linked, including quantifying the impact of advertisements. The information collected thru this type of cookie is used to measure the activity of websites, applications, or platforms, in order to introduce improvements based on the analysis of service users’ usage data.

• Advertising cookies: These are cookies that, when processed by the App administrator or by third parties, allow us to analyze your Internet browsing habits so that we can show you advertising related to your browsing profile. Advertising cookies enable the management of advertising spaces based on specific criteria.

They are the ones that store information about users’ behavior obtained thru continuous observation of their browsing habits, which allows for the development of a specific profile to display advertising based on it.

Types of cookies based on how long they remain active:

• Session cookies: They are those designed to collect and store data while the user accesses a website or app. They are typically used to store information that is only relevant for providing the service requested by the user on a single occasion (for example, a list of purchased products) and disappear when the session ends.

• Persistent cookies: These are cookies whose data remain stored on the user’s device and can be accessed and processed for a period defined by the cookie’s controller, ranging from a few minutes to several years. In this regard, it should be specifically assessed whether the use of persistent cookies is necessary, since privacy risks could be reduced by using session cookies. In any case, when persistent cookies are installed, it is recommended to limit their lifespan to the minimum necessary, taking into account the purpose for which they are used.

The legal obligations imposed by the regulations are twofold: the obligation of transparency and the obligation to obtain the explicit consent of the website user.

Depending on the nature of your business activity, the business model you employ, and the scope of your responsibility, it is recommended that you conduct a review of the cookies you use, either internally or with the assistance of specialized entities.

This review will aim to identify the cookies being used, analyze whether they are first-party or third-party, session or persistent cookies, and specify their function in order to determine whether they fall within the scope of Article 22.2. Given the potential changes that may occur in the management and use of cookies, it is advisable to conduct this review periodically to update the information available about these cookies. In any case, it is advisable that the solutions implemented to comply with the obligations of Article 22.2 of the LSSI be technologically neutral and, therefore, be solutions that most browsers recognize.

3. LINK FOR COOKIE IDENTIFICATION:

It is advisable that the information provided on how you manage cookies (including how to revoke consent and delete cookies) be made available in an accessible and permanent manner at all times via the website, app, or online service in question.

For these purposes, and without prejudice to any other solutions that may be adopted, the requirement shall be deemed met when the cookie management system (configuration panel or CMP, which allows website or app owners to obtain, manage, and disseminate consumer consent) is integrated into the cookie policy itself, or when the policy includes a link that leads directly to the management system or configuration panel.

AEPD Guide, 3.2.10. Possibility of denying access to the service if cookies are rejected:

There may be certain circumstances in which refusing to accept the use of cookies prevents access to the website or the full or partial use of the service, provided that the user is adequately informed and offered an alternative—not necessarily free—for accessing the service without having to accept the use of cookies.

These cookies must comply with EU Regulation 2016/679 (GDPR), Spanish Organic Law 3/2018 (LOPDGDD), Law 34/2002 (LSSI-CE), as updated on May 9, 2023, and the AEPD’s July 2023 Guide on the Use of Cookies, in accordance with the EDPB’s criteria.