PRIVACY POLICY

This Privacy Policy informs you about how we collect, process, and protect your personal data when you use our website and services. Please read it carefully before providing your data.

1. Data Controller

Kendu Retail S.L. (hereinafter, “Kendu”) is the data controller responsible for the processing of personal data collected through this website and related business activities.

Registered address: Calle Iribar 2, C29, 20018 SAN SEBASTIÁN, Gipuzkoa, España
Contact email: info@kendu.com

Kendu operates as part of an international group of companies, including affiliated entities such as Kendu POS Corp. (United States).

2. Data We Collect

We may collect and process personal data through the following channels:

1. -Publicly available professional source
2. -Directly from you (e.g. contact forms, email communications)
3. -Participation in trade fairs, networking events, or business meetings
4. -Visits to our showroom or facilities
5. -Third-party data providers (e.g. business data providers such as ZoomInfo)

The data processed is limited to professional contact information, such as:

• -Name
• -Job title
• -Company
• -Business email
• -Business phone number

3. Purpose of Processing

We process personal data for the following purposes:

• -Managing commercial relationships
• -Managing contact requests and communications
• -Identifying and contacting potential business clients
• -Sending business-related communications

4. Legal Basis

We process personal data under the following legal bases:

• –Consent, where applicable
• -Legitimate Interest (Article 6(1)(f) GDPR) for B2B marketing and business development

Our legitimate interest consists of promoting our products and services to professionals in a business context where such processing is expected and has minimal impact.

5. B2B Marketing

We may contact professionals in relation to our products and services.

Where we rely on legitimate interest:

• -Communications are relevant to the recipient’s role
• -We provide clear information about how we obtained the data
• -We include an opt-out option in every communication

6. Data Obtained Indirectly

Where personal data is not obtained directly from you, it may come from:

• -Third-party data providers
• -Business events
• -Public sources

7. Data Sharing and Group Companies

We may share personal data within the Kendu group of companies, including Kendu POS Corp. (USA), for business and operational purposes.

Kendu Retail S.L. acts as the primary data controller, and such intra-group transfers are carried out in accordance with applicable data protection laws.

8. Third-Party Providers

We may use third-party providers, including:

• -CRM platforms (e.g. Pipedrive)
• -Email marketing platforms (e.g. Mailchimp)
• -Business data providers (e.g. ZoomInfo)

These providers process personal data under appropriate contractual safeguards.

9. International Data Transfers

We may transfer personal data outside the European Economic Area (EEA), including to the United States.

Such transfers are safeguarded through:

• -The EU-U.S. Data Privacy Framework (DPF)

Our providers (e.g. ZoomInfo, Mailchimp) are certified under this framework.

10. Data Retention

We retain personal data only as long as necessary.

11. Data Subject Rights

You have the right to:

• -Access your data
• -Rectify inaccurate data
• -Request deletion
• -Object to processing (including marketing)
• -Restrict processing

You may exercise your rights by contacting: marketing@kendu.com

If you object to marketing, your data will no longer be used for that purpose

12. Security Measures

We implement appropriate technical and organizational measures to protect personal data.

13. Updates

We may update this Privacy Policy from time to time.