Skip to content

ENVÍO PREMIUM A TODA EUROPA. IMPUESTOS Y ADUANAS INCLUIDOS (DDP). SABER MÁS


OFFICIAL DOCUMENTATION | REV. JANUARY 2026

REGULATORY COMPLIANCE DOSSIER

Total transparency. Below, we outline the legal matrix, privacy directives (GDPR), and traceability protocols operating within the PHOENIX ecosystem.


SEC. 01

DIGITAL IDENTITY (LSSI-CE)

In compliance with Article 10 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE), the identifying details of the owner and party responsible for this platform are hereby disclosed.

REGISTERED COMPANY NAME
PHOENIX TECHNOLOGIES SPAIN CES S.L
NIF
B-18810119
HEADQUARTERS
Parque CITAI, C/ Los Visos, Nº 14, CP: 18130, Escúzar, Granada (España)
COMERCIAL REGISTRY
Commercial Registry of Granada, Volume 1251, Folio 1, Page GR-31817. Incorporated: 12/21/2006.
OPERATIONAL CONTACT
gestion@phoenixtechnologies.es| (+34) 958 18 76 96
CONTACT DPO
dpo@phoenixtechnologies.es

SEC. 02

ASSET PROTECTION

The source code, industrial designs, logos, product images, 3D renders, animations, software, and texts hosted on this website are strictly protected by intellectual and industrial property laws in favor of Phoenix.


Reproduction, computer processing, distribution, dissemination, modification, transformation, or decompilation of any asset is prohibited without prior written consent from Phoenix. All derivative rights are expressly reserved. We reserve the right to initiate legal action in response to any infringement or unauthorized use of our assets or brand.

SEC. 03

PRIVACY MATRIX (GDPR)

As Data Controllers, we guarantee that your personal data will be processed in accordance with Regulation (EU) 2016/679 (GDPR) and the current LOPD-GDD 3/2018. Accessing, browsing, and using our services implies acceptance of this privacy matrix.

CLASSIFICATION OF PROCESSED DATA

We collect identifying data (first and last name), contact information (address, phone, email), data required for affiliate network registration, newsletter subscriptions, received resumes, and telemetry stored during your visit (browser, temporary IP, time on page).


PURPOSE OF OPERATIONS (OBJECTIVES)

  1. Structural Execution:
    Processing orders, managing affiliate platform registrations, providing technical support, and maintaining the contractual relationship.
  2. Strategic Communications:
    Sending newsletters and information regarding our engineering, high-performance chairs, and gaming ecosystem (subject to prior authorization).
  3. Recruitment Protocols:
    Processing candidate resumes for integration into selection processes.
  4. Events and Deployments:
    Processing registrations for promotional activities, where visual material may be published subject to unequivocal consent.

SEC. 04

LIFE CYCLE AND LEGITIMIZATION

CONSERVATION CRITERIA

Data will be retained as long as there is a mutual interest. Once this interest ends, pseudonymization or destruction protocols will be applied. Specific operational timeframes:


  1. Commercial / Billing Data:
    4 years (Tax Law) and 6 years (Commercial Code).


  1. Subscriptions (Newsletters):
    Until consent is revoked by the Operator.


  1. Labor Documentation (Candidates):
    A maximum of 2 years for future processes, unless otherwise stated.


  1. Video Surveillance Systems (Physical Facilities):
    30 days, in accordance with AEPD instructions.

LEGAL BASIS

We operate under the following legal bases: Express consent (web forms, subscriptions), Performance of a contract (hardware purchase, affiliate network), Legitimate interest (security telemetry, communications with existing customers), and Legal obligation (billing, commercial regulations).


SEC. 05

DATA FLOWS AND INTEGRATION

AUTHORIZED ENTITIES AND CORPORATE GROUP

Your data is not sold. To execute our services, we may share information with infrastructure providers (hosting, cloud, logistics). Furthermore, notice is given of the existence of a Corporate Group. Where a legitimate interest exists, data may be transferred for the same purposes to subsidiaries or companies with which we maintain structural relationships: Megasur, La Tienda Directa, and Dynos Online.


INTERNATIONAL DATA TRANSFERS

Based on the European Commission's adequacy decision (July 10, 2023), data flowing to providers in the U.S. will be handled under the EU-U.S. Data Privacy Framework, ensuring a level of protection equivalent to European standards. For transfers outside this framework, we apply strict safeguards such as Standard Contractual Clauses (SCC).


SEC. 06

OPERATOR RIGHTS (ARCO)

As the data subject, regulations grant you absolute control over your information. You may exercise the following rights by contacting our DPO at dpo@phoenixtechnologies.es or by mail to our headquarters:


  1. Right of Access:
  2. To obtain confirmation of the processing of your data and receive a copy of it.


  1. Right to Rectification:
    To modify inaccurate or incomplete data.


  1. Right to Erasure (Right to be Forgotten):
    To request the deletion of your data when it is no longer necessary for the purposes for which it was collected.


  1. Right to Object:
    To object to processing for reasons related to your particular situation, especially regarding direct marketing.


  1. Restriction and Portability:
    To temporarily restrict processing and receive your data in a structured, machine-readable format.


  1. Automated Decisions:
    The right not to be subject to decisions based solely on algorithms that produce legal effects.


In the event of a disagreement, you have the right to lodge a complaint with the Spanish Supervisory Authority (AEPD - www.aepd.es).


SEC. 07

CYBERSECURITY AND SOCIAL NODES

CYBERSECURITY PROTOCOLS

We have implemented mechanisms to ensure the confidentiality, integrity, availability, and resilience of our systems. We maintain a Record of Processing Activities (ROPA), have an official Data Protection Officer (DPO), and follow security breach notification protocols (Art. 33 GDPR). Data is protected against unauthorized access through encryption techniques and firewalls.


SOCIAL ECOSYSTEM (SNS)

Phoenix operates on Facebook, Instagram, YouTube, X (Twitter), and TikTok. The processing of our followers' data will be limited to what the social network permits for corporate profiles. We will not extract data without your prior consent. By interacting with these nodes, you accept the native privacy policies of each platform.


SEC. 08

TRACEABILITY MATRIX (COOKIES)

Our platform uses traceability files (cookies) to optimize system load and personalize the Operator experience. By interacting with the initial configuration panel, you can define the level of access permitted.


File Type

Structural Purpose

Status

Technical (Core)

Essential for keeping your session active, remembering your Operator ID, and processing the forge cart. They do not collect cross-referenced personal data.

Mandatory

Analytical (Telemetry)

Anonymously analyze navigation flows to help us detect interface bottlenecks and optimize server performance.


Optional

Marketing (Impact)

Third-party modules that evaluate the efficiency of our campaigns and prevent showing you redundant information on other platforms.

Optional

Manual Management: You have full control. You can revoke permissions at any time by blocking the deployment of cookies directly through your browser's security protocols or by clearing your local cache.

SEC. 09

USAGE PARAMETERS AND JURSDICTION

Accessing the platform implies acceptance of these regulations. The introduction of malicious code, denial-of-service (DDoS) attacks, or any attempt to compromise our infrastructure is strictly prohibited. Violators will lose access to the platform and be reported to the competent authorities.


  1. Limitation of Liability:
    We are not liable for supply failures due to force majeure, incidents on third-party networks, errors in data entry by the user, or cyberattacks beyond our corporate good faith.


  1. Dispute Resolution:
    Access and acquisitions are governed by Spanish law. Any dispute shall be submitted to the exclusive jurisdiction of the Courts of Granada.


  1. European Mechanism (Update):
    Please be advised that the European Commission's ODR platform ceased service in July 2025. For alternative digital assistance, consumers may consult the "Consumer Redress in the EU" portal.