The Directorate / Governing Body of Nougats Esteban CandelaEspi (hereinafter, the controller), assumes the maximum responsibility and commitment to the establishment, implementation and maintenance of this Data Protection Policy, ensuring the continuous improvement of the controller in order to achieve excellence in relation to compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJEU L 119/1, 04-05-2016), and spanish personal data protection legislation (Organic Law) , specific sectoral legislation and its implementing standards).

The ESTEBAN CANDELA ESPI Nougat Data Protection Policy rests on the principle of proactive liability, according to which the controller is responsible for compliance with the regulatory and jurisprudential framework governing this Policy, and is able to demonstrate it to the competent supervisory authorities.

In this sense, the controller will be governed by the following principles that must serve all its staff as a guide and reference framework in the processing of personal data:

1.- Protection of data from the design: the controller will apply, both at the time of determining the means of processing and at the time of the processing itself, appropriate technical and organizational measures, such as pseudonymization, designed to effectively apply the principles of data protection, such as the minimization of data, and integrate the necessary guarantees in the processing.

2.- Default data protection: the controller will apply the appropriate technical and organizational measures with a view to ensuring that, by default, only the personal data that are necessary for each of the specific purposes of the processing are processed.

3.- Protection of data in the information lifecycle: measures to ensure the protection of personal data will be applicable during the entire cycle of the information life.

4.- Legality, loyalty and transparency: personal data will be treated in a lawful, fair and transparent manner in relation to the data subject.

5.- Limitation of the purpose: personal data will be collected for specific, explicit and legitimate purposes, and will not be further processed in a manner incompatible with those purposes.

6.- Minimization of data: personal data will be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

7.- Accuracy: personal data will be accurate and, if necessary, updated; all reasonable measures shall be taken to have unexpactable personal data without delay deleted or rectified with respect to the purposes for which they are processed.

8.- Limitation of the retention period: personal data will be kept in such a way as to allow the identification of the interested parties for no longer than is necessary for the purposes of the processing of personal data.

9.- Integrity and confidentiality: personal data will be treated in such a way as to ensure adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, through the application of appropriate technical or organizational measures.

10.- Information and training: one of the keys to ensure the protection of personal data is the training and information provided to the personnel involved in the processing of them. During the information lifecycle, all personnel with access to data will be conveniently trained and informed about their obligations in relation to compliance with data protection regulations.

The Data Protection Policy of TURRONES ESTEBAN CANDELA ESPI is communicated to all the staff of the controller and made available to all interested parties.

Consequently, this Data Protection Policy involves all the personnel of the controller, who must know and assume it, considering it as their own, being each member responsible for implementing it and verifying the data protection rules applicable to its activity, as well as identifying and providing the opportunities for improvement that it deems appropriate in order to achieve excellence in relation to its compliance.

This Policy will be reviewed by the Directorate / Governing Body of TURRONES ESTEBAN CANDELA ESPI as many times as deemed necessary, to adapt, at all times, to the current provisions on the protection of personal data.

Your safe data with us

Since our inception we have complied with the LOPD (Organic Data Protection Law and LSSICE) because we are interested that your data is safe and that you have a good shopping experience and services in our online store. Our files are registered with the Spanish Data Protection Agency, although with the new European law, the GDPR, is no longer necessary. The GDPR is a law at European level, very similar to the LOPD and aims for all users to be informed of what the data will be used for.

As a summary, without too many technical words:

It is important to note that since July 2018 our website is secure. We have implemented the https secure protocol (you can see it in the address bar) so that all communications are encrypted. Your passwords and data will be secure by secure algorithms and certificates. Moreover, our website is certified by Confianza Online, an agency that is responsible for auditing the online store to comply, among other things, with data protection in the forms, the conditions of contract, returns, etc.

When an order comes in we need the data for delivery. They are on our online platform, The delivery data of the order is obviously shared with the transport company so that the order is delivered (mails, shipping, redyser, fedex...). Even when it is shipped directly from the factory when it is shipped directly from the factory, only a reference known only to the transport company is not included. When the relevant invoices are made you can also share it with the advice.

When users sign up for our newsletter or ask us for discounts such as free shipping, they usually pass (name and email) a marketing email program like mailchimp, which takes care of making the relevant shipments where coupons or discounts appear. We use cookies to measure visits and advertise, like all websites. We also use advertising on Google and Facebook (also remárketing). If you are a customer, you will have been able to verify that the information we usually send especially in the time near Christmas, although our nougat motto all year round makes the rest of the year campaign in a timely manner.

If you have any questions about your data, you can send us an email to

Below is the most technical text on data protection.

Basic information on data protection

The privacy of all users of is very important to us, and below we will explain all the data that is saved in the system to make you a more enjoyable user experience.

We will not bombard you to emails and calls, much less considering that practically all of our activity is done during the last months of the year. At most, we will eventually inform you of some news and offer whenever you have registered as a user, or we will call you at the phone number provided by you if we need any information, for example, of an order.

Responsible for the turRONES ESTEBAN CANDELA ESPI treatment

Address of the responsible Avenida Alfonso x el sabio s/n, in front of the central market (Alicante)

Purpose Your data will be used to fulfill your requests and provide our services to you.

Advertising We will only send you advertising with your prior authorization, which you can provide us by means of the corresponding box established for this purpose.

Legitimation We will only process your data with your prior consent, which you can provide us by means of the corresponding box established for this purpose.

Recipients In general, only the staff of our entity that is duly authorized may be aware of the information we ask for.

Rights You have the right to know what information we hold about you, correct it and delete it, as explained in the additional information available on our website.

Additional information More information in the "YOUR INSURANCE DATA" section of our website.

Your safe data

In Europe and Spain there are data protection rules designed to protect your personal information of mandatory compliance for our entity.

Therefore, it is very important for us that you fully understand what we are going to do with the personal data we ask for.

Thus, we will be transparent and give you control of your data, with simple language and clear options that will allow you to decide what we will do with your personal information.

Please, if you have any questions with this information, do not hesitate to ask us.

Thank you very much for your cooperation.

Who are we?


Our CIF/NIF:21505344E

Our main activity: Online food sales

Our address: Avenida Alfonso X el Sabio s/N in front of the central market (Alicante)

Our contact phone number: +34 966297865--637494625

Our contact email address:

Our website:

For your trust and security, we are discharged from social security and finance as self-odd.

We are at your disposal, do not hesitate to contact us.

What are we going to use your data for?

In general, your personal data will be used to be able to relate to you and to provide you with our services.

They may also be used for other activities, such as sending you advertising or promoting our activities.

Why do we need to use your data?

Your personal data is necessary in order to be able to relate to you and to be able to provide you with our services. In this sense, we will provide you with a series of boxes that will allow you to decide clearly and easily on the use of your personal information.

Who will know the information we ask for?

In general, only the personnel of our entity that is duly authorized may have knowledge of the information we ask for.

Likewise, those entities that need access to it may be aware of your personal information so that we can provide our services to you. For example, our bank will know your details if the payment of our services is made by card or bank transfer.

In addition, public or private entities to which we are required to provide your personal data in connection with compliance with any law will be aware of your information. By giving it an example, the Tax Law requires the tax office to provide certain information about economic transactions that exceed a certain amount.

In the event that, apart from the above assumptions, we need to disclose your personal information to other entities, we will first ask for your permission through clear options that will allow you to decide in this regard.

How are we going to protect your data?

We will protect your data with effective security measures based on the risks involving the use of your information.

To this end, our entity has approved a Data Protection Policy and annual checks and audits are carried out to verify that your personal data is secure at all times.

Will we send your data to other countries?

In the world there are countries that are safe for your data and others that are not so safe. For example, the European Union is a secure environment for your data. Our policy is not to send your personal information to any country that is not secure from the point of view of the protection of your data.

In the event that, in order to provide the service to you, it is essential to send your data to a country that is not as secure as Spain, we will always ask in advance for your permission and apply effective security measures that reduce the risks of sending your personal information to another country.

How long are we going to keep your data?

We will retain your data during our relationship and as long as we are required by law. Once the applicable legal deadlines have been completed, we will proceed to eliminate them in a safe and environmentally friendly manner.

What are your data protection rights?

At any time you can contact us to find out what information we have about you, rectify it if it is incorrect and delete it once our relationship is terminated, if this is legally possible.

You also have the right to request the transfer of your information to another entity. This right is called "portability" and can be useful in certain situations.

To request any of these rights, you must make a written request to our address, along with a photocopy of your ID, in order to identify you.

In the offices of our entity we have specific forms to request these rights and we offer our help for their completion.

To learn more about your data protection rights, you can consult the website of the Spanish Data Protection Agency (

Can you withdraw your consent if you change your mind at a later time?

You may withdraw your consent if you change your mind about the use of your data at any time.

For example, if you were once interested in receiving advertising for our products or services, but no longer wish to receive further advertising, you can make it available to us through the object to the processing form available at our entity's offices.

If you understand that your rights have been neglected, where can you make a claim?

In case you understand that your rights have been neglected by our entity, you can make a complaint in the Spanish Data Protection Agency, through one of the following means:

Electronic headquarters:

Mailing address: Spanish Data Protection Agency C/ Jorge Juan, 6 28001-Madrid

Phone: Telf. 901 100 099 Telf. 91 266 35 17

Making a complaint with the Spanish Data Protection Agency comes at no cost and no lawyer or solicitor assistance is required.

Will we profile you?

Our policy is not to profile the users of our services.

However, there may be situations in which, for the purposes of providing the service, commercial or otherwise, we need to profile information about you. An example could be the use of your purchase history or services in order to offer you products or services tailored to your tastes or needs.

In such a case, we will apply effective security measures that protect your information at all times from unauthorized persons who intend to use it for your own benefit.

Will we use your data for other purposes?

Our policy is not to use your data for purposes other than those we have explained to you. If, however, we need to use your data for different activities, we will always ask for your permission in advance through clear options that will allow you to decide about it.

Browsing history

Turrones candela espi can store references of the last items visited by every user, both anonymous (visitors) and registered, in order to improve the browsing experience. This information may be used by candela espi nougats for the sending of information of interest to the registered user.

Access logs

These logs usually indicate data such as IP, ISP, browser and browser used, etc. although always anonymously. Specifically, we use Google Analytics to obtain all this statistical data that helps us know how users move around the web

Subscription to news

Turrones candela espi provides an alert system to alert its customers and users of the news that are being incorporated into the catalog of their website. In order to offer this service it is necessary that turrons candela espi souls the user's email address. Any user of the website is free to register in such email alert system. The user undertakes to register for the service only email addresses of which he/she owns. Turrones candela espi reserves the right to deny access to the service to those users who abuse it, in breach of these privacy conditions and / or the conditions of use of the website, being able to store the necessary user or machine data. The user will be able to claim to Candela Espi nougats their total and permanent discharge from the alert service by simply writing an email to the address: jijona [arroba] turronsCandela