We at Artesanía Graci, S.L. take your privacy very seriously. That is why this personal data protection policy (the “Policy”) has been created to help you understand the practices and conditions in which Artesanía Graci, S.L. (a limited company entered on the Spanish company and trade register under no. B95200895., having its offices at Ribera de Axpe, 11, Bizkaia, Spain) (“Graci”) gathers, uses and stores your personal data (the “Data”).

In this document you will find the various Data that we may collect and process or that you may provide to us when you access the https://graci.es website (the “Website”).

Use of the all the Website is subject to this Policy.

Given that laws and regulations on technology and personal data protection are constantly evolving, this Policy is likely to be updated.

If any of the clauses in this Policy should be declared null and void or contrary to regulations, that clause will be deemed nugatory, but will not result in any other clauses in this Policy becoming null and void.

This Policy applies to Data collected on forms enabling Users to:

  • Download the documentation available on the Website,
  • Register for the Forum and/or Userclub,
  • Contact us and/or contact our partner agencies,
  • Book training courses,
  • Notify us of illicit content,

Please read the Policy carefully to clearly understand our practices regarding the processing of your Data. Please be aware that you must agree to this Policy in order to view and/or use our Websites.

If you do not agree, please do not use our Websites.You are responsible for ensuring any Data provided to Graci is complete and up to date.



Depending on the nature and purpose of your interaction with Graci (downloading the solution, creating a user account in the Forum and Userclub, subscribing to one or more Newsletters, completing contact forms, and any telephone conversations), we may collect the following Data:

  • Your email address is required on all of our forms, specifically if you wish to:
    • Download the documentation available on the Website.
    • Register for the Forum and/or Userclub,
    • Contact us and/or contact our partner agencies,
    • Book training courses,
    • Notify us of illicit content,
  • Data relating to your identity, such as your full name, email address and telephone number may be required.
  • Data relating to browsing: Data relating to how you use the Websites, including: IP address, browser used, browsing duration, search history, operating system used, language and pages viewed.
  • Data about your visits to our Websites, including traffic data, logfiles and other data or communication resources used by you when accessing our Websites.
  • Data about social network use when you use those features.



Data can be collected in several ways on the Website.

It may be collected directly when you communicate with us through user account creation and Newsletter subscription forms available on our Websites, when you download the solution and documentation available on the Website, when you book training courses and when you notify us of illicit content.

Furthermore, we are likely to collect your Data when you use the various contact forms on the Website and/or communicate with Graci by telephone or email.

When you contact us via these various means, a copy of your conversation with Graci, including email addresses, is created and archived.

You can also send us information for publication (the “Contributions”) on our free access Websites or from other users and third parties.

Your Contributions posted on the Websites are published at your own risk.

Graci cannot control the actions of other users of the Websites on which you share your Contributions.

Therefore we cannot guarantee that your Contributions will not be viewed by unauthorised users.

Requests to delete Contributions published on the Websites must be sent to privacy@graci.es.

In some situations, Contributions cannot be deleted. In this case, you will be informed of the reason.

Graci also indirectly collects your Data through cookies and tracers. We invite you to read our Cookie Policy below, which is designed to help you better understand these technologies and how we use them on our Site and in our services, applications and tools..


Collect of your Data may be necessary:

  • To respect our contractual commitments;
  • To comply with the laws and regulations in force;
  • For Graci’s legitimate interest in order to develop its activity and improve its products and services.

We collect and use your Data to:

  • Display our Website and their content to you.
  • Enable us to contact you and/or put you in contact with our partner agencies,
  • Offer you the Newsletters, products and services you have requested,
  • Notify you of changes to our Websites and our range of products and services,
  • Uphold our rights and duties as stipulated in contracts signed with users, as well as for all other legal purposes.

Your Data is processed by Graci's employees tasked with:

  • Managing the Website,
  • Legal tasks.

Your Data may also, within the scope of our business and for external processing needs, be provided to subcontractors, service providers and other third parties.

Your Data may also be sent to any buyer or successor in the event of the merger, transfer, restructuring, reorganisation, dissolution or other sale or transfer of some or all of Graci’s assets due to uncertainties, bankruptcy, liquidation or other processes in which the Data of Users of Graci’s various websites are listed among the transferred assets.

Lastly, we may also disclose your Data:

  • To comply with legal mandates, laws and legal procedures, including governmental and regulatory requests,
  • If we deem that disclosure is required or appropriate within the scope of protecting the rights, ownership or security of Graci, our clients and other stakeholders. This disclosure includes exchanging information with other companies and organisations for the purpose of protecting against fraud and counterfeiting.

Links to third party websites

The Website may contain links to various social network platforms managed on third-party servers by people and organisations over which Graci has no control.

As such, we cannot under any circumstances be held liable for the way in which your Data is stored or used on those third-party servers.

We recommend that you read the applicable policy regarding personal Data protection for each third party website you access via our Website in order to understand how your Data will be used.



Graci only stores your Data for the period necessary for the purposes explained in Article 3.

This storage period varies according to the Data in question, as it may be affected by the nature and purpose of the collection. Similarly, certain legal obligations stipulate a specific storage period.

When you subscribe to our Newsletters, we store your email address until you unsubscribe.

When you contact Graci using the various contact forms or telephone number, your Data will be stored for three (3) years from the date of the last exchange with Graci, then deleted.


If you contact us to become a partner agency or partner, your Data will be stored for the full term of the contract period and for five (5) years from the date the contractual relationship ends.

Within the scope of the Forum and/or Userclub, your login data will be stored for one (1) year from the date of each login.

Data relating to your Forum and/or Userclub user account will be stored for the entire period of your registration and for two (2) years from the date you close your account.


When you want to download one of our guides and agree to receive our Newsletters or subscribe to our newsletters, your Data will be stored until you unsubscribe.

When you notify Graci of illicit content, the storage period for your Data may vary depending on the offence in question and its applicable statutory limitation period.

When you contact us through a contact form to take part in one of our training courses, all the Data relating to your participation in that course will be stored for ten (10) years from the course date.


Lastly, as regards the Data collected by means of cookies or tracers, they will be kept for the duration indicated in the Graci.es Cookie Policy below.



Your Data is stored on secure servers protected by firewalls and antivirus software.

We have implemented technical and organisational measures intended to protect the security and confidentiality of your Data against any accidental loss and any unauthorised access, use, modification or disclosure.


Given the inherent characteristics of the internet, we cannot guarantee the optimal security of information exchanged over this network.

We strive to protect your Data, but cannot guarantee the absolute security of information sent to the Website. You agree that you provide your Data at your own risk.

We cannot be held liable for any failure to comply with privacy settings and security measures implemented on our Website.

As such, you agree that the security of your information is equally your responsibility. For instance, you are responsible for keeping your user account password confidential.

Never provide it to any third parties. Similarly, be careful when you share information in the public sections of the Website as they can be viewed by all Website users.



You can choose how the Data you provide is used:

  • You can browse the Website without providing Data.
  • You can decide to no longer receive the newsletter.

Simply unsubscribe using the link in the email with the newsletter.

  • You can decide not to provide your email address in the various contact forms.

Please be aware that in this case you cannot receive a reply from Graci or the partner agency you want to contact.


In any case, you can access your Forum and Userclub user accounts at any time to view and update your Data.

In accordance with the provisions of the applicable regulations regarding Data protection, namely the European General Data Protection Regulation 2016/679 (the “GDPR”), you have the right to access and correct your Data.

You also have the right to stipulate directives relating to the fate of your Data in the event of your death.


Furthermore, subject to the conditions of the aforementioned regulation for exercising your rights, you have:

  • The right to erasure of your Data,
  • The right to limit processing of your Data,
  • The right to object to the processing of your Data on legitimate grounds, in accordance with article 21 of the GDPR,
  • The right to portability for the Data you have provided,
  • The right to withdraw consent, when it has been asked.


When processing of your Data has occurred based on your consent, you may withdraw that consent at any time. However, you acknowledge that any processing that occurred before your consent was withdrawn remains entirely valid.

You also have the right to object, without providing a reason, to Graci profiling you based on your Data, when content or communications are sent for commercial solicitation.


However, in accordance with Article 12.6 of the GDPR, when you exercise these rights, Graci, as the controller, reserves the right to require proof of your identity. Please be aware that the data required to prove your identity will be deleted once we have responded to your request.

You can exercise your rights by sending an email in French, English or Spanish to privacy@graci.es or writing to:

Artesanía Graci S.L

Ribera de Axpe, 11, Edif. C-2 Local 204, 48950, Bizkaia, Spain.


We are required to reply within one (1) month to all requests regarding the exercising of these rights. This timeframe may be extended to two (2) months for complex requests and large request volumes.


Lastly, you also have the right to lodge a complaint with CNIL (the French National Commission for Information Technology and Civil Liberties), namely via its website at www.cnil.fr.



Data collected within the scope of using the Websites is hosted by , 71 avenue André Roussin, BP 50067, 13321 Marseille, Cedex 16, France, whose servers are located in the European Union, Canada and the United States.

As such, your Data may be transferred outside of the European Union, to the United States for hosting purposes.

By using the Websites, you agree to your Data being transferred to those servers.




When you visit or use the website https://www.graci.es, Graci and our partner service providers may use cookies and any other tracing/tracking/automatic data collection technologies to store information that can be used to offer you an improved, faster, more secure experience.

The purpose of this cookies policy (the “Policy”) is to help you better understand these technologies and how we use them.


Cookies are small text files (normally comprising letters and numbers) stored in the memory of your browser or device when you visit a Website or view a message. 

They enable a Website to recognise the browser or device. Like most Websites, Graci mostly uses technologies through little data files stored on your device which enable us to save certain information when you visit or use our Website.

There are several types of cookies: 

- Session cookies: these expire when you close your browser and enable us to link your actions during this specific session.
Persistent cookies: these are stored on your device between browser sessions and enable us to remember your preferences and actions on several websites.
Proprietary cookies: these are issued by the website you are visiting.
Third-party cookies: these are issued by a third party website separate from the website you are visiting.


Our cookies have various purposes. They may: 

  1. Be required for our services to operate;
  2. Help us improve our performance;
  3. Offer you extra features; 
  4. Help us offer you relevant, targeted advertising.

We use cookies and other similar tracking technology stored on your device only while your browser is open (session cookies), and cookies and other similar technology stored on your device for a longer period (persistent cookies).


  • Necessary cookies  

Graci issues session cookies which are strictly necessary for the Websites’ correct operation and your browsing on them.


Cookie set by

Cookie name

Cookie purpose




Contains the current language.

12 months


Records the user session ID.

Identifies the http session of the user and its requests during a session.



Determines whether JavaScript is enabled for Drupal to perform operations that enhance the user experience.

End of browsing session


  • Analytical cookies 

No analytical cookies are used.


  • Advertising and profiling cookies

No advertising cookies are used


  • Cookies or tracers allowing you to personalize your navigation

No tracers are used.


  • Social network cookies

Graci’s services may include third-party applications giving you the option of sharing content on social networks.

For more information about the utilisation of data collected by social networks, you may consult the following pages :


Cookie set by

Cookie name

Cookie purpose




Encrypted Facebook ID and Browser ID

3 months




Enables tracking of the use of integrated services.

12 hours


Allows the storage of custom variables such as language.

End of the browsing session


Enables tracking of the use of integrated services.

12 months


Enables tracking of the use of integrated services.

24 hours


Allows Linkedin to offer you targeted advertising.

2 months




Identifies visitors from Twitter

13 months



Certain Website features, services, applications and tools are provided to you solely through these cookies and tracers.

You can block, delete and deactivate these technologies if your browser or device allows.

However, doing so may result in certain Website features, services, applications and tools becoming unavailable. It may also result in you being asked to enter your password more often during your browsing session if the Website requires a user account to be created.

For more information on blocking, deleting and deactivating these technologies, refer to your browser or device settings.

Cookies and tracers may be deactivated and deleted using tools available on most browsers. As each browser offers different features and options, you will need to configure your preferences for each separate browser you use.


Below is a guide to managing and blocking cookies and tracers:

1/ If you use Internet Explorer™

In Internet Explorer, click on Tools, then Internet Options. Click on the Privacy tab and Advanced to display the Advanced Privacy Settings window.

Next, select Ignore Automatic Cookie Management and also select Block in the Third Party Cookies column.


2/ If you use Firefox™

Go to the browser’s Tools tab and select the Options menu.

In the window that appears, select the Privacy tab and configure the Storage Rules menu by selecting Use Custom Settings for History.

In the menu, you can choose to deselect Accept Cookies or select Never in the drop-down menu named Accept Third-Party Cookies.

You can also click on Display Cookies to view files that contain the name Graci, select them and delete them.


3/ If you use Safari™

In your browser, select the Safari menu, then Preferences.

Click on Privacy.

Click on Display Cookies.

Select the cookies containing the name Graci and click on Delete or Delete All.

After deleting the cookies, click on Finished.


4/ If you use Google Chrome™

Click on the Settings menu then click on Display Advanced Settings (bottom of the page).

Next, click on Content Settings and select Block Third Party Data and Cookies, then click OK to confirm your selection.

You can also click on Display All Website Data and Cookies, then search for Graci in the search bar at top right. You can then select the cookies you want to delete or click on Delete All.


5/ If you use Opera™

Open the Tools or Settings menu and select Delete Private Data. Click on the Detailed Options tab, then select the options you want or follow this link: http://help.opera.com/windows/10.20/fr/cookies.html