BIOMKET PRIVACY POLICY

Last updated: April 29, 2025

1. Data Controller Identification

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR), and Spanish Organic Law 3/2018 on Personal Data Protection and Digital Rights, CAINMANI RESOURCES S.L., the owner of the BIOMKET platform, informs users about its data protection policy.

2. Purposes Of Data Processing

BIOMKET processes users’ personal data to manage their registration and maintenance on the platform, enable contact between parties, facilitate organic waste trading, handle claims, issue invoices, process payments through authorized third parties, and perform internal analysis to improve services. It may also send commercial communications with user consent and comply with legal obligations including anti-money laundering and fraud prevention regulations.

3. Legal Basis For Processing

BIOMKET processes personal data based on various legal grounds depending on the purpose: contract execution (when users register or use the platform), explicit consent (e.g. for marketing communications), legal obligations (e.g. invoicing or anti-money laundering laws), and the company’s legitimate interest in ensuring proper service operation and security.

4. Categories Of Data Processed

• Identification data: name, surname, address, phone, email, ID/passport.
• Financial data: bank account, payment method.
• Commercial data: transaction-related data.
• Technical data: IP, cookies (see Cookie Policy).
• Legal data if acting on behalf of a company.

5. Data Controller Commitments

• Process data only for the stated purposes.
• Not share data with third parties except when legally required or necessary for service delivery (e.g. logistics or verifiers).
• Not subcontract data processing without prior notice, except for authorized payment and logistics providers.
• Ensure data security and confidentiality through technical and organizational measures.
• Maintain an activity log and perform impact assessments if required.
• Report any security breach within legal deadlines (maximum 72 hours).

6. Recipients And Subprocessors

We may share data with:

• Public administrations, courts or authorities to meet legal obligations.
• Data processors such as:
• Payment service providers
• Transport and logistics companies
• Goods verifiers
• Technology providers (hosting, CRM software, etc.)

BIOMKET ensures all processors offer GDPR-compliant guarantees and has signed data processing agreements with them in accordance with Article 28 of the GDPR.

7. International Transfers

If any international data transfers occur, BIOMKET will ensure they are carried out in accordance with the European Commission’s Standard Contractual Clauses or other adequate GDPR-compliant safeguards.

8. Security Measures

BIOMKET applies the following measures:

• Encryption and pseudonymization of sensitive data.
• Access control and secure authentication.
• Backup and recovery protocols.
• Ongoing monitoring of security incidents.
• Staff training and confidentiality commitments.

9. Data Retention

• Data will be retained during the contractual relationship and for legally required periods (tax, accounting, etc.).
• Up to 10 years if required under anti-money laundering laws.
• Afterward, data will be blocked until any legal liability periods expire.

10. User Rights

You may exercise the following rights:

• Access your data.
• Request rectification of inaccurate data.
• Request deletion when data is no longer needed.
• Limit processing.
• Object to processing for legitimate reasons.
• Request portability to another controller.
• Withdraw consent at any time.

To exercise your rights, email us at:
legal@biomket.com
Attach a copy of your ID or equivalent identification document.
If you are not satisfied, you can file a complaint with the Spanish Data Protection Agency (AEPD): www.aepd.es
We will respond within one month, extendable to two months for complex requests, as per Article 12 of the GDPR.

11. Cookies And Browsing

BIOMKET uses cookies to ensure proper website functionality, and for statistical and customization purposes, based on user consent when legally required. For full details, please refer to our Cookie Policy.

12. Changes To This Policy

BIOMKET reserves the right to modify this Privacy Policy at any time to reflect regulatory or functional updates. Any substantial changes will be communicated to users via appropriate channels.