KitCo For Personal Development (hereinafter, Responsible), is responsible for the processing of the User's personal data and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of April 27 (GDPR ) and Organic Law 3/2018 of December 5 (LOPDGDD), for which the following treatment information is provided:


Treatment purposes

  • Maintain a contractual relationship, as well as manage the access and use of the User Services.
  • Maintain a commercial relationship with the User.
  • Send newsletters and commercial communications about KitCo Products and Services.

The operations planned to carry out the treatment are:

  • Sending of commercial advertising communications, communications in reference to the Services, technical issues or changes in them, by email, SMS, WhatsApp, social communities or any other electronic or physical means, present or future, that makes it possible to make communications. These communications will be made by the Responsible and related to its Services, or its collaborators or suppliers with whom it has reached a promotion agreement. In this case, third parties will never have access to personal data.
  • The data received by any of the means and/or contact channels indicated on the website are used for the purpose of managing commercial and/or technical assistance requests or any type of request made by the User.
  • Carry out statistical studies.
  • Submit the website newsletter.
  • Manage access and use of the User Services.

Legal bases of the treatment

  • The User has given his consent.
  • To respect a contractual obligation with the User.
  • To comply with legal obligations.
Data retention criteria

In compliance with the provisions of Law 25/2007, of October 18, on the conservation of data related to electronic communications and public communications networks, KitCo must retain certain data generated or processed by them, in order to make it possible for authorized agents to have them.

data communication 

The Responsible informs and expressly guarantees the User that their personal data will not be transferred in any case to third parties, except for:

  • In those cases in which it is necessary for the provision of certain services. 
  • Providers who need to access your data for the provision of services that KitCo has contracted with said providers, and with whom it has signed the necessary personal data processing contracts required by law to protect your privacy.
  • Public Administrations and banks to comply with the legal obligations to which KitCo is subject due to its activity.
    – We use PayPal to process your PayPal payments. You can find more information about how PayPal processes your personal data and your data protection rights, including the right to object, at
    – We use Stripe to process your payments through credit/debit cards. You can find more information about how Stripe processes your personal data and your data protection rights, including the right to object, at
Rights that assist the User

  • Right to withdraw consent at any time.
  • Right of access, rectification, portability and deletion of your data and the limitation or opposition to its treatment.
  • Right to file a claim with the control authority if you consider that the treatment does not comply with current regulations.
Contact information to exercise your rights

You can exercise the exposed rights, by writing, by sending an email to, attaching a copy of a legal document that identifies you.

Mandatory nature of the data provided

The Users, by marking the corresponding boxes and entering data in the fields, in the contact form or in the purchase form, expressly and freely and unequivocally accept that their data is necessary to meet their request, by of the Provider, the inclusion of data in the remaining fields being voluntary. The User guarantees that the personal data provided to the Controller is true and is responsible for communicating any changes to them.

All the data requested through the website are mandatory, since they are necessary for the provision of the Service to the User. In the event that all the data is not provided, the provision of the Service is not guaranteed.

Security measures

That in accordance with the provisions of current regulations on the protection of personal data, the Responsible Party is complying with all the provisions of the GDPR regulations for the processing of personal data for which it is responsible, and manifestly with the principles described in article 5 of the GDPR, for which they are treated in a lawful, loyal and transparent manner in relation to the interested party and adequate, pertinent and limited to what is necessary in relation to the purposes for which they are treated.

The Controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR in order to protect the rights and freedoms of Users and has communicated the appropriate information so that they can exercise them.

Updated May 2021