1. INTRODUCTION

This Privacy Policy and "cookies" (hereinafter, the "Privacy Policy") provides detailed information on how EPIARTE, SL (hereinafter, "EPIARTE "), uses and protects your personal data when you browse our website www.institutomoll.com (hereinafter, the "Website"), as well as your rights in this respect.

This Privacy Policy is applicable to the processing of personal data that you provide to us or that we obtain from you when you access and use the Website, whether to browse the website, request information, contact us or make use of the functionalities or services available on the Website.

EPIARTE respects your right to privacy and complies with current legislation on the protection of personal data, including the Organic Law 3/2018 , of December 5 , Protection of Personal Data and Guarantee of digital rights , its regulations development and any other rules that may modify, supplement or replace in the future, and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data and the Directive 95/46/EC ( the “General Data Protection Regulation") applicable from 25 May 2018, and any other rules which may further develop or complement it in the future.

We recommend that you carefully review our Privacy Policy to ensure that you understand how your personal data will be used when you browse the Website.

2. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?

The person responsible for processing your data, or data controller, is the legal entity that determines the purposes and means of the processing of personal data. In other words, the data controller decides how and for what purposes the personal data are processed.

For the purposes of this Privacy Policy, the data controller is EPIARTE, S.L., with registered offices at c/ Montevideo 18 bis, 08034 Barcelona (Spain), registered in the Barcelona Companies Register, Volume 21,566, Folio 130, Page 24,397, and holding Tax ID B-08849978.

3. WHO IS YOUR CONTACT AT EPIARTE FOR PERSONAL DATA PROTECTION PURPOSES?

Should you have any questions or wish to receive further information on the processing or protection of your personal data, you can contact us by any of the following means:

Data controller: EPIARTE, S.L.
c/ Montevideo 18 bis, 08034 Barcelona (Spain)
Email: redaccion.philostrato@institutomoll.es

4. WHAT IS PERSONAL DATA?

Personal data is any information about an identified or identifiable natural person.

5. WHAT PERSONAL DATA ARE PROCESSED BY EPIARTE?

For the purposes established in this Privacy Policy, EPIARTE collects and processes the personal data detailed below:

a) Identifying data: name, surname, identity card (tax identification number or code, foreign national identification number, passport or residency permit number).
b) Contact information: postal address, email address, landline phone number, mobile phone number.
c) Electronic data: IP address, device type and identification, browser type and language, domain through which you access the Website, browsing data, and activity on the Website.

EPIARTE does not intentionally collect information about minors, unless it has the express consent of their parents or legal guardians. You warrant that you are 14 years of age or older. If you know or suspect that EPIARTE has personal information about minors, please contact us through any of the channels indicated in Section 3 of this Privacy Policy, and they will be eliminated.

6. COLLECTING AND OBTAINING PERSONAL DATA.

EPIARTE collects and treats the personal data that you voluntarily provide us through your interaction with our Website, specifically:
• by subscribing to our Website
• by subscribing to our notifications

You will only be obliged to provide the personal data that is necessary for EPIARTE to be able to provide you with the services or to put at your disposal the functionalities of the Website that you have requested.

For example, if you wish to receive notifications from EPIARTE, you will need to provide us with your email. If you request information from us or wish us to contact you, you must provide us with the necessary contact information for this purpose. If you do not provide this personal information, it would be impossible for us to provide our services to you.

The forms available on the Website, will be marked with an asterisk (*) indicating the fields that are required to be completed. If we do not provide all the obligatory data or if we receive any abnormal or incorrect response, we will not be able to attend your request or provide the corresponding service or functionality.

You warrant and acknowledge that you are accountable, in any case, for the truthfulness, accuracy, validity and authenticity of the personal data provided and agree to keep them duly updated.

It is not necessary for you to provide your personal data when browsing our Website. However, when you do visit our site, EPIARTE collects the following information automatically and through cookies and other tracking technologies, according to the specific setup of your browser: IP address, device type and identification, browser type and language, domain through which you access the Website, browsing data, and activity on the Website. For more information, please check the Cookies Policy.

7. WHAT DO WE USE YOUR PERSONAL DATA FOR? PURPOSES AND LEGAL GROUNDS FOR PROCESSING.

The personal information you provide us and that we collect from you is used to provide you with high quality service and to inform you about notifications that we believe will be of interest to you.

The specific purposes for which we treat your personal data are detailed below:
a) To provide you with information requested by you. In this case, the legal basis for the processing of your data is your consent.
b) b) To send you notifications and news about products and services from EPIARTE. In this case, the legal basis for the processing of your data is your consent.
c) To communicate with you for different purposes, including answering your questions or informing you about our activity or security problems (in this case, the legal basis for processing is the execution of the agreement between EPIARTE and you).
d) To guarantee the security of our Website and the information. In this case, the legal basis for the processing of your data is the legitimate interest in providing a secure environment and avoiding damage to the EPIARTE systems and the information of its users, as well as unauthorized access and improper use thereof.
e) As regards the purposes of the use of cookies, see section 12 of this Privacy Policy “USE OF COOKIES”. In this case, the legal basis for the processing of your data is your consent.

When the basis of the treatment is consent, you can revoke it at any time by sending us a communication to protecciondatos@epi.es , accompanying a copy of your ID or document proving your identity, indicating your address for communication purposes and providing the necessary details to process your request. You can always contact us through any of the channels indicated in section 3 of this Privacy Policy.

To what extent will decision-making be automated?
EPIARTE does not use fully automated decision-making processes to establish, develop or terminate a contractual relationship with you. If we use these processes in a particular case, we will keep you informed and notify you of your rights in this regard if required by law.

8. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

We only use, transfer or share personal data with third parties under the terms described in this Privacy Policy. EPIARTE neither sells nor rents your personal data to third parties and will only communicate them to individuals or entities if we obtain your prior consent or in compliance or in accordance with applicable law where such consent is not necessary for a specific transfer.

We will share or give third parties access to your personal data when doing so is necessary to achieve one of the purposes described below and in accordance with applicable law:

a. Our suppliers. EPIARTE will communicate or allow access to your personal data to companies that provide services to us under a contract, when necessary for the fulfilment of the purposes described in Section 7 of this Privacy Policy web platform services, email distribution, web positioning services, marketing and promotional campaign organisation. If any of these service providers need access to your personal data, they use it only to provide us with a service and in accordance with our instructions. We also require them to maintain the confidentiality and security of the data and to return or destroy the data when they no longer need it.

b. Legal obligations: EPIARTE may communicate your personal data when the transfer is authorised by law or is necessary to comply with a legal obligation, including the transfer to the competent authorities, judges and courts.

c. International transfers. Your data will not be transferred outside the European Economic Area (hereinafter EEA). If in order to comply with the purposes described in this Privacy Policy it is necessary to transfer your personal data to countries where the level of protection may not be the same as that provided in Spain, EPIARTE will duly inform you and comply with the applicable legal provisions, requesting your consent or offering adequate guarantees.

9. WHAT MEASURES DO WE TAKE TO KEEP YOUR PERSONAL INFORMATION SECURE?

EPIARTE takes the appropriate technical and organisational measures in accordance with current legislation to protect your personal data against any misuse, destruction, loss, accidental or unlawful alteration, disclosure or unauthorised access, including those necessary to deal with any suspected data breaches.

You agree to maintain and use the username with due diligence. The use of the password is personal and non-transferable, and it may not be assigned, even temporarily, to third parties. In this regard, you must take the necessary measures to safeguard the password, avoiding its use by third parties. Consequently, you are solely responsible for the use made of your password, with complete indemnity for EPIARTE.

If you know or suspect that your password has been used by a third party or that it may be misused or accessed without your consent, please let us know as soon as possible through any of the channels described in Section 3 of this Privacy Policy.

10. HOW LONG DO WE KEEP YOUR DATA?

EPIARTE will retain your personal data for the time necessary to fulfil the purposes for which it was collected, provided that you do not exercise your right of deletion or revoke your consent.

The data shall then be removed, unless the law requires or permits a longer retention period (e.g. for the formulation, exercise or defence of claims), in which case they shall be kept duly blocked for the time necessary before being removed.

To determine an appropriate retention period for your data, we apply the following criteria:
a) The data necessary to provide you with information requested by you, will be kept for the time necessary to respond to and process such requests, in accordance with the applicable legal provisions and the time limits for actions established by law.
b) The data required to send you the notifications will be processed as long as you do not revoke your consent and inform us that you no longer wish to receive it, in accordance with the applicable legal provisions and the time limits for actions established by law.
c) The data needed to meet your requests related to EPIARTE services will be kept for the time necessary to meet and process such requests, in accordance with the applicable legal provisions and the time limits for actions established by law.
d) When you have consented to receive commercial communications, they will be kept as long as you do not revoke your consent and inform us of your wish to no longer receive them, in accordance with the applicable legal provisions and the time limits for actions established by law.
e) When cookies are installed on your device, the data will be stored in accordance with applicable legal requirements and recommendations issued by the competent authorities.

11. WHAT ARE YOUR RIGHTS REGARDING THE PROCESSING OF YOUR PERSONAL DATA?

Pursuant to applicable regulations, you have a number of rights in relation to the collection and processing of your personal data.

These rights include:
a) Right to be informed: You have the right to be informed in a concise, transparent, intelligible and easily accessible manner, in clear and simple language, about the use and processing of your personal data.
b) Right to access: You have the right to ask us at any time to confirm whether we are processing your personal data, to provide you with access to your personal data and information about their processing and to obtain a copy of such data. The copy of your personal data that we provide to you will be free of charge, although requests for additional copies may be subject to a reasonable fee based on administrative costs. We may ask you to provide proof of your identity or request further information as necessary to process your request.
c) Right of correction: You have the right to request the correction of inaccurate, outdated or incomplete personal data concerning you. You may also request that incomplete personal data be supplemented, including by means of an additional statement.
d) Right of deletion: You have the right to request the deletion of your personal data if, among other reasons, the data is no longer necessary for the purposes for which it was collected. However, this right is not absolute, and EPIARTE may continue to keep the data duly blocked in the cases provided for by applicable regulations.
e) Right to limit processing: You have the right to request that we restrict the processing of your personal data, which means that we may continue to store it, but not process it further if any of the following conditions are met:
- that you dispute the accuracy of the data, for a period of time allowing the data controller to verify the accuracy of the data;
- the processing is unlawful and you object to the deletion of the data and instead request the limitation of its use;
- EPIARTE no longer needs the data for processing purposes, but you need it for the formulation, exercise or defence of claims;
- You have objected to processing, while verifying whether EPIARTE's legitimate reasons prevail over yours.
f) Right to data portability: You have the right to have your data transmitted to another controller in a structured, commonly used and machine-readable format. This right applies when the processing of your personal data is based on your consent or on the performance of a contract and such processing is carried out by automated means.
g) Right to object: This right allows you to object to the processing of your personal data, including for the purpose of creating profiles. We will not be able to comply with your right only when we process your data if we can prove legitimate and compelling reasons for the processing or for the formulation, exercise or defence of claims.
h) Right to revoke consent: In cases where we have obtained your consent to the processing of your personal data in connection with certain activities (for example, for the purpose of sending you commercial information), you may withdraw your consent at any time.
i) Right to lodge a complaint with a supervisory authority: You have the right to file a complaint with the Spanish Data Protection Agency (AEPD), which can be contacted at http://www.aepd.es.

You may exercise your rights by sending us an email to redaccion.philostrato@institutomoll.es, attaching a document proving your identity and providing the necessary details to process your request.

12. USE OF COOKIES

Cookies allow us, among other purposes, to remember your preferences and recognize you in successive visits. This is achieved by storing certain information on your computer.

What is a cookie?
A cookie is a device that is downloaded to a user's terminal equipment in order to store data that can be updated and retrieved by the entity responsible for its installation.

When you access the Website and consent to its installation, small files with information are installed on your device (computer, tablet, telephone, etc.). These files (which are the cookies themselves) are part of the technology necessary for the proper functioning of the Website and are not inherently harmful.

Cookies are installed and stored on your device and allow tracking of your activity on the Internet.

You can completely disable the use of cookies in the configuration section of your browser. You can disable cookies, but the Website or some of its sections may not work properly.

What type of cookies do we use?
Depending on the entity that manages them, the cookies can be:
• Own cookies: Are those that are sent to the terminal equipment of the interested from a computer or domain managed by the editor and from which the service requested by the user is provided.
• Cookies third s: those that are sent to the terminal user’s computer from a computer or domain that is not managed by the editor, but by another entity that is data obtained through cookies.

The Website uses both own and third-party cookies.

According to the period of time they remain activated:
• Session cookies: They are a type of cookies designed to collect and store data while the user accesses a web page. They are usually used to store information that only interests to keep for the provision of the service requested by the user on a single occasion (e.g. a list of products purchased).
• Persistent cookies: They are a type of cookies in which the data is stored in the terminal and can be accessed and processed during a period defined by the person responsible for the cookie, which can range from a few minutes to several years.

The Website uses both persistent cookies and session cookies.

For what purposes can the cookies of the Website be used?
• Technical cookies: are those that allow the user to navigate through a web page, platform or application and the use of different options or services that exist in it, such as controlling traffic and data communication, identifying the session, access restricted access parts, use security elements during navigation, store contents for the dissemination of videos or sound or share content through social networks.
• Analysis Cookies: These are those that allow the person responsible for them to monitor and analyse the behaviour of the users of the websites to which they are linked. The information collected through this type of cookies is used in the measurement of the activity of the websites, application or platform and for the elaboration of navigation profiles of the users of said sites, applications and platforms, in order to introduce improvements in function of the analysis of the usage data made by the users of the service.

The Website uses cookies for the aforementioned purposes.

Next, a table with the information of the cookies used in the Website is collected:

The information collected below has been provided by these third parties.

Record files
Every time you access our website, your internet browser transmits certain usage data for technical reasons that are stored in protocol files, known as log files. These usage data are the following: date and time of access to the web; name of the web consulted; IP address of your computer or mobile device; address of the web from which you have accessed to the Institute Moll website; volume of data transferred and name and version of your browser.

The analysis of the log files helps us to improve our internet products and to facilitate their query, to find and eliminate errors quickly and to control the capabilities of the server.

Social plugins
A "plug-in" or add-on is an application (or computer program) that is related to another to add new and usually very specific information. In EPIARTE we do not use social plugins.

Web beacons and embedded scripts
The web beacons (web beacons, web bugs, web beacons ...) and embedded scripts are other technologies that we use on the Website, as well as in some of the emails and advertisements.

Web beacons (or "tags") are fragments of programming code included in the Website, emails and advertisements to inform EPIARTE (or the companies that help us conduct our operations) that such web pages, emails electronic or announcements have been viewed or clicked on.

Embedded scripts are snippets of programming code that are included in the Website to measure the use of these web pages, such as in which links are clicked. We use this information to improve the Web site and adapt it to the issues that probably more interested nand to conduct market research.

You can disable functions r scripts, such as JavaScript language, in your browsed r (see the help function of your browser). Remember that if you completely disable scripting functions, Adobe websites may not work correctly.

How can I disable cookies?
You can set your browser to reject all cookies. However, it is possible that some features or services of the Web may not work properly without cookies. Most browsers allow cookies to be completely deactivated, so that you can at any time choose which cookies you want to work on this Website by modifying the configuration of your browser. You can find more information in the configuration of your browser. Next, we also provide you with links to the websites of the main browsers:
• Apple Safari*
• Google Chrome*
• Microsoft Internet Explorer*
• Mozilla Firefox*

13. AMENDMENTS

EPIARTE may amend the Privacy Policy to adapt it to changes that may occur on the Website or in connection with the processing of your personal data. In such a case, EPIARTE will contact you through the usual channels of communication, notify you in advance of any changes, and send you the updated privacy policy.

Up-to-date and previous versions of the Privacy Policy will be available at all times on the Website.