Data Protection Policy
Data Protection Policy
Last updated: April 2026
Bass Lab Hub respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679) and the Spanish Organic Law 3/2018 on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD).
1. Data Controller
Controller: Danev Rado Georgiev (trading as Bass Lab Hub)
NIE: Z3430395L
Registered Address: Calle Rojas 2, Floor 2, Apartment 4, 29014 Málaga, Spain
Phone: +34 627 898 763
Email: danevrado@gmail.com
2. Personal Data We Collect
We collect the following categories of personal data:
- Identification & Contact Data: name, surname, email address, phone number, postal address
- Account & Order Data: username, password, order history, purchased products, payment and delivery details
- Technical Data: IP address, browser type, device information, operating system, cookies and website usage data
- Marketing Data: communication preferences and consent records
3. Purposes and Legal Basis
| Purpose | Legal Basis (GDPR) |
|---|---|
| Creating and managing your user account | Performance of a contract (Art. 6.1(b)) |
| Processing orders, payments, shipping and returns | Performance of a contract + Legal obligation |
| Providing customer support and handling warranty claims | Performance of a contract + Legitimate interest |
| Sending newsletters, offers and promotional communications | Consent (Art. 6.1(a)) or Legitimate interest |
| Improving our website, analytics and fraud prevention | Legitimate interest (Art. 6.1(f)) |
| Complying with legal and tax obligations | Legal obligation (Art. 6.1(c)) |
4. Sharing Your Personal Data
We may share your data with:
- Payment service providers and banks
- Courier and logistics companies (SEUR, MRW, DHL, Correos, etc.)
- IT and hosting service providers (acting as data processors)
- Public authorities when required by law
We do not sell your personal data to third parties.
5. International Transfers
Some service providers may be located outside the European Economic Area. In such cases, we ensure adequate protection through Standard Contractual Clauses approved by the European Commission.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by applicable law (generally up to 6 years for contractual and fiscal purposes).
7. Your Rights
You have the following rights under GDPR and LOPDGDD:
- Right to access, rectify or erase your data
- Right to restrict or object to processing
- Right to data portability
- Right to withdraw consent at any time
- Right to lodge a complaint with the Agencia Española de Protección de Datos (AEPD) at www.aepd.es
To exercise any of these rights, please contact us at danevrado@gmail.com.
8. Cookies
Our website uses cookies and similar technologies. Please see our We Use Cookies page for more details.
9. Changes to This Policy
We may update this Data Protection Policy from time to time. Any changes will be posted on this page with an updated date.