Privacy Policy

On this page we explain the privacy terms with which the personal data entered on our website will be managed.


In accordance with Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation – GDPR), Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights and Law 34/2002 of 11 July on information society services and electronic commerce.

The person in charge of the treatment of the personal data of the users is: Bastida SCP, NIFJ01918127, located in c/ Sant Leopold, 63, (08221 – Terrassa). Email address:

Activity: Online sale of uniforms and accessories.

This Privacy Policy may vary depending on legislative or self-regulatory requirements, so users are advised to visit it periodically. It will be applicable in case users decide to fill in any of its contact forms where personal data is collected.

Bastida has adapted this website to the requirements of Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 (RGPD), as well as to the Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights and Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSICE or LSSI). For the purposes of the provisions of the General Data Protection Regulation mentioned above, the personal data you send us through the forms on the website will be treated as “web users and subscribers”.

For the treatment of our users’ data, we implement all the technical and organizational security measures established in the current legislation.


At Bastida we respect the right to privacy of the users of our platforms. Among our principles we highlight the following:

  • To protect your privacy and your data as diligently as possible, and to offer a tailor-made service.
  • Personal data is collected for specific purposes based on user consent.
  • We do not sell your personal data to anyone.
  • Principle of legality, loyalty and transparency: We will always require your consent for the processing of your personal data for one or more specific purposes which we will inform you of beforehand with absolute transparency.
  • Principle of data minimization: We will only request data that is strictly necessary in relation to the purposes for which we require it.
  • Principle of limitation of the period of conservation: the data will be kept for no longer than necessary for the purposes of treatment, depending on the purpose, we will inform you of the corresponding period of conservation, in the case of subscriptions, we will periodically review our lists and remove those records inactive for a considerable time.
  • Principle of integrity and confidentiality: Your data will be treated in such a way as to ensure adequate security of personal data and guarantee confidentiality. You should know that we take all necessary precautions to prevent unauthorized access or improper use of our users’ data by third parties.

This Data Protection Policy applies to data that Bastida collects from individuals or entities through various sources (e.g., websites, social networking pages, events or consumer involvement services) and, on occasion, through third parties. The company collects the following personal data:

Shared by the user with Bastida (identifying data).

Bastida collects personal data when you request information, place an order, register for a contest or use a company application. When the user is providing this information, the user will be informed which data is mandatory and which data may be provided by the user on a completely voluntary basis. We highlight the following types of personal data:

  • Contact information (name and surname, email, telephone, address).
  • Information for account login or to fill in some kind of survey.
  • Economic data for the purchase.
  • User generated content.
  • Employment information.

The data comes from:

  • Contact form.
  • Newsletter subscription form.
  • Service request form.
  • Sales process.

Shared automatically when interacting with our web.

Bastida uses cookies and other tracking technologies that collect certain types of information when you interact with Bastida’s website. We highlight IP addresses, web browsing preferences, pages the user has visited, and the browsing experience, such as time of visit. For more information, you may refer to our Cookie Policy

Data collection also takes place on third-party social networking sites (such as the “Like” feature on Facebook and Instagram or the “Follow” feature on Twitter) through social plugins. The purpose of data collection and the further processing and use of data by providers on their pages, as well as the rights and options for settings to protect your privacy, can be found in the data protection references of the respective providers. If the user does not want the websites of such third-party social networks to distribute data collected through Bastida website to the user’s account on such social network, the user must log out of the social network website before visiting the website.

Collected from other sources

 Bastida collects information from other sources as well:

  • Promotional partners and other companies (subject to their privacy policies and current legislation).
  • Payment processors to protect all our customers against possible fraud.
  • Third party data aggregators/collectors.
  2. a) Right of access

The user shall have the right to obtain from “Bastida” confirmation as to whether or not personal data concerning him are being processed, and to the following information: the purposes of the processing; the categories of data being processed; the recipients or categories of recipients to whom they have been or will be communicated; if possible, the intended period of retention of the personal data or, if not possible, the criteria used to determine this period. In such cases, Bastidawill provide you with a copy of the personal data being processed. In addition, when requested by electronic means, information will be provided in a commonly used electronic format. The user may exercise this right every six months, unless there is legitimate cause to request it more than once within that six-month period. In cases where clearly unfounded or excessive requests are made, especially for repetitive ones, Bastida may charge a fee to compensate for the administrative costs of dealing with the request, which will correspond to the actual cost of processing the request. Bastida will inform you of the action taken on your request within one month (which may be extended by two months in the case of particularly complex applications, which we will notify you of within the first month). If Bastida decides not to process an application, it will inform you of this, and will give reasons for the refusal, within one month of the user submitting the application.

  1. b) Right of rectification

The user shall have the right to obtain from Bastida the rectification of inaccurate personal data concerning him/her. Furthermore, taking into account the purposes of processing, he shall have the right to have incomplete personal data completed, including by means of an additional declaration. To do so, you must indicate in your application what data you are referring to and the correction to be made; as well as accompany, when necessary, the documentation justifying the inaccuracy or incompleteness of the data being processed.

  1. c) Right of suppression

The user shall be entitled to obtain from Bastida the removal of the personal data concerning him/her when one of the following circumstances occurs: that it is not necessary in relation to the purposes for which it was collected or processed; that he/she withdraws consent and the processing is not based on any other legal basis; that he/she opposes the processing and no other legitimate reasons for the processing prevail; that it has been processed unlawfully.

When the removal results from the exercise of the right of opposition for direct marketing purposes, Bastida may retain your identification data in order to prevent future processing for direct marketing purposes.

Where Bastida has made personal data public and is required to delete such data, taking into account the technology available and the cost of implementation, it will adopt reasonable measures, including technical measures, with a view to informing those responsible for processing personal data of the request to remove any link to such personal data, or any other copy or replica thereof.

The foregoing shall not apply: for the exercise of the right to freedom of expression and information; for the fulfilment of a legal obligation requiring the processing of data, or for the performance of a mission carried out in the public interest or in the exercise of public powers vested in the person responsible; for the purposes of scientific or historical research or statistical purposes, to the extent that the right of suppression could make it impossible or seriously impede the achievement of such objectives; for the formulation and exercise or defence of claims.

  1. d) Right to limit processing

The user shall be entitled to obtain from Bastida the limitation of data processing when any of the following conditions are met:

  • When you have contested the accuracy of your personal data, for as long as it allows Bastida to verify the accuracy of the data.
  • In the event that you consider the processing to be unlawful and Bastida has objected to the deletion of the personal data and requests instead to limit its use.
  • That Bastida no longer needs the personal data for the purposes of processing, but that the user needs it for the formulation, exercise or defence of claims.
  • In the event that you have objected to the processing, while verifying whether Bastida’s legitimate reasons prevail over your own.

Where the user has obtained a limitation on treatment under this section, he or she will be informed by Bastida prior to the lifting of such limitation.

Bastida will communicate any rectification or deletion of personal data or limitation of processing to each of the recipients to whom the personal data has been communicated, unless this is impossible or requires a disproportionate effort. Bastidawill inform the data subject about such recipients, if requested.

  1. e) Right to the transfer of data

The user shall have the right to obtain from Bastida personal data concerning him/her, which he/she has provided to Bastida, in a structured, commonly used and machine-readable format, and to transmit it to another data controller without being prevented from doing so by Bastida, where processing is based on consent, and is carried out by automated means.

In exercising your right to data portability, you are entitled to have personal data transmitted directly from controller to controller where technically possible. The exercise of this right shall be without prejudice to the powers granted by the right of withdrawal.

This right to portability shall not apply to treatment that is necessary for the fulfilment of a mission carried out in the public interest or in the exercise of public powers conferred on Bastida.

The right to portability shall not extend to data that Bastida would have inferred from data directly derived from the use by Bastida of the services provided.

  1. f) Right of opposition

The user shall have the right to object to the processing of data concerning him/her, at any time, including the drawing up of profiles.

Should the user exercise this right, Bastida will cease to process his or her personal data, unless Bastida can demonstrate compelling legitimate reasons for the processing to prevail over the interests, rights and freedoms of the user, or for the formulation, exercise or defense of claims.

Where the processing of personal data is for the purpose of direct marketing (a form of advertising using one or more means to communicate directly with a target audience and obtain a measurable response from them), the user shall have the right to object at any time to the processing of personal data concerning him/her, including the drawing up of profiles insofar as it relates to such marketing. Where he objects to the processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

  1. g) Right in relation to automated individualized decisions

In relation to automated individualized decisions, including profiling, you have the right not to be the subject of a decision based solely on automated processing, including profiling, unless it is necessary for the conclusion or performance of a contract between you and Bastida; is authorized by law and also provides for appropriate measures to safeguard your rights and freedoms and your interests; or is based on your explicit consent.

Where it is necessary for the conclusion or performance of a contract and/or is based on consent, Bastida will take appropriate steps to safeguard your rights and freedoms and your legitimate interests, giving you, at a minimum, the right to obtain human intervention by Bastida, as well as the right to express your point of view and to challenge the decision.

Additionally, we inform you that you may contact the Spanish Data Protection Agency to obtain additional information about your rights. We also inform you, that in the case that consent has been given for a specific purpose, which has the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent prior to withdrawal. Likewise, we inform you that you can file a complaint with the competent Data Protection Control Authority, especially when you have not obtained satisfaction in the exercise of your rights.

You may exercise the rights described above by contacting the following e-mail address:

The interested parties will also have the right to effective judicial protection and to file a complaint with the control authority, in this case, the Spanish Data Protection Agency, if they consider that the processing of personal data concerning them infringes the Regulation.


Purposes, legitimization and conservation of the processing of the data sent through:

Contact form

Purpose: To provide you with a means to contact us and answer your requests for information, as well as to send you communications about our products, services and activities, including by electronic means, if you check the acceptance box.

Legitimation: The user’s consent when requesting information from us through our contact form and by checking the acceptance box for sending information.

Conservation period: Until your request is resolved or answered by email, if you have not generated a new treatment. In case you have accepted to receive commercial advertisements, until you request the cancellation of the same.

Sending of e-mails.

Purpose: To answer your requests for information, attend to your requests and answer your questions or doubts.

Legitimation: The consent of the user when requesting information through the email address.

Conservation: Until after your request has been answered by email, if it has not generated a new treatment.

Management of orders:

Purpose: We use your personal information to accept and process orders, deliver products and services, process payments and communicate with you regarding orders, products, services and promotional offers.

Legitimacy: The provision of a service, processing is necessary for the execution of a contract to which the person concerned is a party or for the implementation at his request of pre-contractual measures;


Purpose: To contact the user for purposes related to marketing, including marketing and social functions within the framework of social networks, which includes:

  • Sending newsletters (bulletins), if the user is subscribed to such service.
  • Suggesting products or services that it considers to be of interest to the user.
  • Offering the opportunity to take part in competitions or promotions.

Legitimacy: consent as a legal basis (according to Article 6, paragraph 1, letter a of the GDPR – General Data Protection Regulation.


Retention: Until the user cancels his consent for communications.


In accordance with the provisions of the General Regulations on Data Protection (GDPR) 2016/679 Bastida with address at c/ Sant Leopold, 63, 08221, Terrassa will be responsible for the processing of the data corresponding to Users of the website and subscribers.

Bastida does not sell, rent or lease personal data that may identify the user, nor will it do so in the future, to third parties without prior consent. However, in some cases, collaborations with other professionals may be possible. In such cases, users will be required to give their consent, informing them of the identity of the collaborator and the purpose of the collaboration. It will always be carried out with the strictest security standards.


The categories of data that are processed are identification data, as well as economic data (credit or debit card number) to process orders. Specially protected data categories are not processed.


The personal data provided will be kept until you request the removal, as described above, according to the purpose of the treatment.

We will keep the data for the shortest possible time, and in any case for 5 years since the last business relationship with the user. This period should take into account the reasons why the data processing is needed, as well as the legal obligations to keep the data for a certain time (such as national labour, tax or anti-fraud legislation requiring the retention of personal data on employees for a certain period, the duration of product warranty, etc.).


Some of the tools we use to manage your data are contracted out to third parties.

In order to provide services that are strictly necessary for the development of the activity, www.bastidaforwork,com, shares data with the following providers under their corresponding privacy conditions

Paycomet: PAYCOMET is a PCI – DSS Level 1 platform, the most advanced certification. We encrypt your customers’ card details and store them in the form of tokens: process transactions without having access to the card details, reducing the risk of fraud. Improve the user experience when making 1-click purchases, subscriptions or recurring payments.

Hosting: cdmon, 10DENCEHISPAHARD, S.L., NIF nº B62844725 located in C/ Girona 81-83 local 6, Malgrat de Mar 08380, e-mail More information at: Cdmon processes the data for the purpose of providing hosting services to Bastida.

Authorities, for legal reasons and potential buyers, to carry out a specific transaction. This includes government or police authorities who request that Bastida disclose the information in accordance with current legislation.


While browsing may collect non-identifiable data, which may include, IP addresses, geographic location (approximately), a record of how the services and sites are used, and other data that cannot be used to identify the user.


Bastida is committed to the use and processing of users’ personal data, respecting their confidentiality and using them in accordance with their purpose, as well as to fulfilling its obligation to safeguard them and adapt all measures to avoid their alteration, loss, processing or unauthorized access, in accordance with the provisions of current data protection regulations.

This website includes an SSL certificate. It is a security protocol that makes your data travel in an integral and safe way, that is, the transmission of the data between a server and web user, and in feedback, it is totally encrypted. cannot guarantee the absolute impregnability of the Internet network and therefore the violation of data through fraudulent access to them by third parties.

With respect to confidentiality of processing, Bastida will ensure that any person who is authorized by Bastida to process customer data (including its staff, collaborators and providers), will be under an appropriate obligation of confidentiality (whether a contractual or legal duty).

When a Security Incident occurs, upon realization by Bastida, Bastida shall notify the Client without undue delay and shall provide timely information related to the Security Incident as known or as reasonably requested by the Client.


As a user, you are solely responsible for the truthfulness and correctness of the data you submit to exonerating Bastida from any responsibility in this regard.

Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information in the contact or subscription form.


The user declares that he or she has been informed of the conditions regarding the protection of personal data, accepting and consenting to the treatment of such data by Bastida in the manner and for the purposes indicated in this privacy policy.


The consent given, both for the treatment and for the transfer of the data of the interested parties, can be revoked at any time by communicating it to Bastida in the terms established in this Policy for the exercise of the rights. This revocation will in no case be retroactive.


Bastida reserves the right to modify this policy to adapt it to new legislation or case law, as well as to industry practices. In such cases, Bastida will announce on this page the changes made with reasonable notice prior to their implementation.


In accordance with the LSSICE, Bastida does not engage in SPAM, and therefore does not send commercial mailings by electronic means that have not been previously requested or authorized by the user. Consequently, in each of the forms on the website, the user has the opportunity to give their express consent to receive the newsletter, regardless of the commercial information requested.

In accordance with the provisions of Law 34/2002 on Services of the Information Society and Electronic Commerce, undertakes not to send commercial communications without properly identifying them.

Last date modification: November 17th, 2021