The purpose of this Privacy Policy is to let you know how we collect, process and protect the personal data provided through our website or blog (hereinafter referred to as the Website) and freely decide whether you wish us to process it. 
Visiting this website does not imply that the user is obliged to provide any information. In the event that the user provides some personal information, the data collected on this website will be treated fairly and lawfully at all times subject to the principles and rights set out in the General Regulation on Data Protection (EU) 2016/679 (RGPD) and Organic Law on Personal Data Protection and digital rights guarantee, LOPD 3/20018.

Data of the Person Responsible

CIF/NIF: A02152510
P.I. El Mugrón III Phase - C/ Ronda Sur, 27-29, 02640, Almansa (Albacete) España.
Registered in the Mercantile Registry of Albacete, Volume 285, Book 49, Folio 152, Section 8, Page 965
Processing of personal data

The personal data you have provided will be treated confidentially and will be incorporated into the corresponding processing activity owned by our entity.
We request those essential data to meet your request, invoice if you make a purchase or contract or maintain the relationship with your person if you request or when we are obliged to provide services and / or meet their purchases on this website.

Your personal data will be processed for the sole purpose of responding to your requests.
We do not send advertising without the prior consent of the user.

The processing of your data is carried out on the following bases:
  • Requesting information, applying for employment and/or contracting our services and/or purchasing products.
  • Free, specific, informed and unequivocal consent, given that we inform you of this privacy policy, which after reading it and if you agree, you can accept by ticking the boxes provided for this purpose.
You can change your mind at any time and withdraw your consent.
Security Measures

Our company has implemented all the necessary technical and organisational measures to protect the personal data processed, preventing their loss, theft or unauthorised use.
These measures are periodically verified in our controls of compliance with specific regulations.
Conservation of data

The personal data provided will be kept for as long as necessary to fulfil the purpose for which they are collected and to determine any liabilities that may arise from the purpose.
In the case of job applications, they will be kept for a maximum period of 1 year or until the interested party asks us to delete their data.
Rights of data subjects

You have the right to know whether our entity is processing your personal data; therefore, you have the right to access your data, rectify them if they are inaccurate or request their deletion when the data are no longer necessary.
You can also exercise your right of limitation or portability if you deem it convenient and for this you can do it in writing to our entity by email to attaching a copy of your ID to identify you.
If you have any suggestions or queries regarding the processing of your data, you can contact our data protection consultants here.
If you wish to make a claim for understanding that your rights have been violated, you can do so before the Spanish Data Protection Agency.

Elaboration of profiles

We do not create profiles using your personal data, but if you do, you will be informed and asked for permission to do so.

Similarly, you have the right to object to this type of processing at any time.

Transfer of data

Your personal data will not be transferred to other countries or third parties except in cases where there is a legal obligation.

In case of purchase of products or hiring of services, your personal data may be transferred to those entities necessary to deliver the products purchased or provide our services.

Our bank will know your data to manage the collection of products or services, as well as those in charge of processing necessary for the execution of contracts and / or purchases.

In the case of transfers to other entities or to other countries, we will inform you and request your prior consent.

Social media

From our website, you can access our social media profiles, such as Facebook, which are open to all users. Users can register on these websites and follow us free of charge. On these social media, users can find out about our activities, opinions and access photos and videos. Users of these social media should be aware that they are independent of the website and are open, that is to say, visible to all users, and the privacy policies applicable to that content are those laid down by Facebook. Sancho Boots does not own social media.

Corporate Commitment to Data Protection

Scope of application

This Code of Conduct shall be binding on all departments, employees of our entity and those acting on our behalf.


We have established protocols for the processing of personal data, in accordance with the provisions of Spanish and European data protection regulations, so as to guarantee the security and confidentiality of such data at all times.


Lawfulness, Loyalty, Transparency, Minimization of data, Accuracy, Limitation of conservation period, Integrity, Confidentiality and active Responsibility.

Special category of data

The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, the processing of genetic data or biometrics, data concerning health or data concerning sexual orientation shall be prohibited, except in the case of legally authorised exceptions and with the prior consent of the data subject.

Rights of the data subjects

Data subjects shall have the right of access to their personal data, as well as the right to rectify them when they are inaccurate, erase them when their processing is no longer necessary or not desired, limit them to certain processing, have the possibility to receive their data easily and in structured formats commonly used by the controller, and have their data used for profiling purposes and to object to their processing at any time.

Activity Log, Impact Assessment and Security Measures

Our entity will carry out a register of processing activities and will analyse the purposes of the processing, categories of data subjects and data, recipients, international transfers, storage periods, etc., in order to assess the risks of the processing and to implement the necessary security measures to safeguard personal data under the principles of confidentiality and secrecy. Likewise, we have analyzed the need to appoint a Data Protection Delegate, establishing if necessary that the person appointed to this position will have sufficient knowledge and experience in accordance with the provisions of current regulations.


We have hired the services of an external consultant to carry out a periodic audit to evaluate compliance with this commitment and all legal obligations in this area.

The Management