Legal Notice and Privacy Policy

I. Legal Notice

The data contained herein corresponds to the entity that owns the B2Brouter.net website.

  • Company name: B2Brouter Global S.L.,
  • Address: Avenida Diagonal 433.1-1, CP 08036, Barcelona (Spain)
  • Telephone: +34930132858
  • Email: comercial@b2brouter.net
  • Tax ID: ESB63276174
  • Registration: Registered in the Commercial Registry of Barcelona, Volume 35869, Folio 220, Page B-269081
  • Legal representative: Oriol Bausà Peris

II. Data Controller, scope

B2Brouter is a service provided by B2BROUTER Global S.L. (hereinafter, the “Provider”), which acts as Data Controller in accordance with the relevant data protection provisions. The full company details can be found on the website.

The protection of personal data is of the utmost importance to us. Therefore, we would like to inform you about what data we collect, and when and how we process it. This Privacy Notice describes the collection and processing of personal data on the website www.B2Brouter.net (hereinafter, the “Website” or “Platform”).

The Data Controller offers a service for issuing, sending and receiving electronic invoices, in accordance with the applicable regulatory provisions. The service is intended only for Users acting for commercial purposes and who, therefore, do not qualify as consumers.

The Data Controller also processes Personal Data for statistical and market analysis purposes, for example, based on user groups, type of business and market areas, and evaluates such data anonymously. You will find more details in the relevant sections of this Privacy Notice.

III. General information on data processing

1. Purpose of processing

In principle, we only process Users’ personal data if this is necessary to provide a functional Platform, offer our content and services, and conclude or perform contracts with Users.

2. Legal basis for the processing of personal data

Most of the time, we process personal data in accordance with one of the following legal bases:

  • Consent. Whenever we collect the data subject’s consent for the processing of personal data, art. 6.1 letter b. of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
  • Legal obligation. If the processing of personal data is necessary to comply with a legal obligation to which the Data Controller is subject, art. 6.1 letter c GDPR serves as the legal basis.
  • Contract or pre-contractual measures. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, art. 6 para. 1 letter b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
  • Legitimate interests. If the processing is necessary for the legitimate interests pursued by the Data Controller or a third party and if such interests are not overridden by the interests, rights and fundamental freedoms of the data subject, art. 6.1 letter f GDPR serves as the legal basis.

Unless otherwise specified in this Privacy Notice, the processing of your personal data is necessary for the performance of a contract with you or in the context of pre-contractual measures carried out at your request and, therefore, the legal basis for the processing is art. 6. 1 letter b) GDPR.

3. Data deletion and retention period

In principle, and unless otherwise stated, your personal data will only be retained until the purpose of the collection and storage has been achieved. If the retention is based on your consent, personal data may be stored for as long as such consent is not withdrawn.

In addition, data may be retained if required by legal provisions, laws or European or national regulations to which we are subject. Personal data will be blocked or deleted if the retention period established by such regulations expires, unless further storage is necessary for the conclusion or performance of a contract.

4. International transfers

Unless otherwise stated, all data processing operations take place within the countries of the European Economic Area.

  • Where the law of the Member States of the Union or of a third country requires the transfer of certain information, such transfer shall be carried out solely on the basis of the following safeguards:
  • Where the entities receiving the data are located in a country that has been declared by the European Commission as providing an adequate level of protection, such as Japan, New Zealand or the United Kingdom.
  • A legally binding and enforceable instrument between public authorities or bodies
  • Binding corporate rules.
  • Standard data protection clauses adopted by the Commission

IV. Processing of personal data in general.

Regardless of whether you use any of the website’s functions, such as creating user accounts, we automatically collect data about your use of the website. This includes, in particular, the URL from which the website was accessed, the date and time of access, the volume of data transferred, the HTTP status code of the access response, the web browser and the HTTP referrer, as well as the IP address.

We collect and process this data to ensure the operation and availability of the website. It is also used to analyse, store and evaluate information about user behaviour anonymously and to continuously improve and develop our service.

We only store your IP address in log files for a limited period of time, where necessary for security reasons.

These purposes constitute our legitimate interest, which justifies the processing of data in accordance with art. 6. 1 letter f) GDPR.

V. Processing of data when creating a user account and company profiles

When creating a user account, we store the following data: name and surname, email address, language. Your user account will be completed with this data, enabling you to set preferences and track your activity.

The following additional personal data will be collected once the user account has been created in order to create one or more profiles (“Company Profile”) and use the electronic invoicing functions: name and surname (if a natural person), trade name and/or company name (if a legal entity), tax ID and/or other tax identification number, full address, name and surname of a reference person, telephone number, currency, self-employed professional status (yes/no).

The provision of all the data mentioned above is necessary to perform the contract we have entered into with you and to provide you with the corresponding service. Failure to provide this data will result in the unavailability of our services.

Additional data and information may be provided voluntarily.

VI. Processing of personal data when issuing or receiving invoices

When issuing invoices through our system, you must provide the data relating to the invoice recipient: country, VAT number and/or other tax identification number, name and surname (if a natural person), trade name and/or company name (if a legal entity), full registered address, currency, email address of a contact person.

Additional data and information may be provided voluntarily.

Your responsibility when providing personal data or information relating to third parties to our Platform is governed by the B2Brouter Terms and Conditions of Service and by applicable law.

VII. Processing of personal data when receiving support or contact requests

If you send us a support request through the Platform, we will only collect the data and information you provide when describing the reason for your request. The provision of personal data is not necessary for this purpose. If personal data is provided, it will only be used to process and respond to your request.

If you contact us through the contact form available on our website, you must provide the following personal data: name, surname, email address and telephone number. This information will only be used to process and respond to your enquiry.

VIII. Processing of data through Data Processors

In order to provide our services, we may cooperate with selected external providers that process data on our behalf (“Data Processors”). This may be the case, for example, when we need to send email notifications to Users for contractual purposes. Such email could be managed and sent through a third-party service.

Similarly, if the service is provided for a fee, payments will be processed through one of the Data Processors with whom we cooperate. Therefore, payment data will be collected and processed directly by the selected payment service provider, which will inform us about the status of the payment. We do not collect or store any personal data regarding payment methods, except for the data necessary to process the payment, following acceptance of these conditions.

If you decide to use our factoring option, your personal data and that of your invoice recipients will be transferred to the factoring service provider with whom we work. The transfer of data will only be carried out with your authorisation.

To the extent required by law, we enter into agreements in accordance with article 28 of the GDPR with Data Processors, including payment service providers that process your personal data on our behalf.

IX. Processing of data through a Data Processor

B2Brouter is part of the team.blue group. Without prejudice to the fact that B2Brouter maintains its activity and service provision independently, certain data communications within the group may be carried out under the terms indicated below:

The team.blue group, led by team.blue N.V. and made up of several brands and subsidiaries, may improve coordination and resource allocation through the internal exchange of data. This enables more efficient collaboration on product improvements, campaigns and customer support.

Customer data, such as contact details, user data, billing data and purchase information, may be shared with team.blue N.V. for marketing statistics, internal administration and reporting purposes, but only to the extent necessary for the intended use and with appropriate protection measures to prevent unauthorised access or disclosure.

X. Additional information on the processing of Personal Data. Files uploaded to the B2Brouter validator

B2Brouter guarantees the privacy and security of the files uploaded to the Validator, ensuring that no data is extracted, stored or processed beyond what is necessary to carry out the required validation. If the Validator user decides to register, the data will be used solely to create the account, subject to express acceptance of the use of this information.

XI. Use of Cookies

1. Description and scope of data processing

In order to improve the user experience on our website and enable certain functions, we implement cookies or other similar technologies (hereinafter collectively referred to as “Cookies”) on various pages. These are small data sets that are stored on the device. Some of the Cookies we use expire at the end of the browser session, i.e. after you close your browser (so-called session Cookies). Other Cookies remain on your device and allow us or our partner companies to recognise your browser or device on your next visit (persistent Cookies).

You can configure your browser preferences so that you are notified about the setting of Cookies and decide individually whether to accept or reject them in certain cases or in general. You can also manually delete cookies from your device at any time.

However, not accepting Cookies may result in limited functionality of our service.

Cookies are stored on the User’s computer and transmitted from there to our website. Therefore, as a User, you have full control over the use of Cookies. You can disable or restrict the transmission of Cookies by changing the settings of your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may no longer be possible to use all the functions of the website in full. You can also manage your cookie preferences through recognised third-party services such as http://www.youronlinechoices.eu/ (if you are based in the EU).

2. Strictly necessary Cookies

Some of the Cookies we use are strictly necessary to enable us to provide the service you requested or to operate our Website and Platform. Some elements of our website require your browser to be identified after page changes. Such technical Cookies may collect personal information about you, such as your IP address, access information, etc.

3. Other Cookies

In addition, we use third-party Cookies to monitor and evaluate User behaviour for statistical and market analysis purposes. Such Cookies are provided by third parties and implemented on our Website. Please refer to the following sections for more details.

These Cookies allow us to analyse your use of the Website and continuously improve it. Analytics allows us to provide you with a better service that better meets your interests.

Unless otherwise specified, the legal basis for processing through cookies is your consent in accordance with article 6 .1 letter a) GDPR.

See B2Brouter’s cookie policy

XII. Promotional email messages

If we have collected your email address in the context of the purchase of one of our services, we may send you promotional email messages about our own products and services similar to those you have already purchased.

You may object to receiving such promotional email messages at any time free of charge by sending an email to gdpr@b2brouter.net. We will inform you of your right to object when collecting your email address and within each email sent.

The legal basis for data processing is art. 13 par. 2 of Dir. 2002/58/EC and the respective implementing provisions of Spanish law.

XIII. Rights of data subjects

As a data subject, you have the following rights under Data Protection Law:

Right of access – You have the right to request copies of your personal information from us.

Right to rectification – You have the right to ask us to rectify information you believe is inaccurate. You also have the right to ask us to complete information you believe is incomplete.

Right to be forgotten – You have the right to ask us to delete your personal information in certain circumstances.

Right to object to automatic processing – You have the right to ask us to restrict the processing of your information in certain circumstances.

Right to information – If you have exercised your right to have the Data Controller rectify, erase or restrict processing, the Data Controller shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data concerning you has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about such recipients.

Right to object – You have the right to object to the processing of your personal data in certain circumstances. You will find more details in the box below this section.

Right to withdraw consent – You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right to data portability – You have the right to request that we transfer the information you have given us to another organisation, or to you, in certain circumstances.

Exercising your rights is free of charge. If you make a request, we have one month to respond to you.

If you wish to make a request, please contact us using the contact details indicated on the website or via email at gdpr@b2brouter.net

How to file a complaint with a data protection authority

You may also lodge a complaint with a data protection authority if you disagree with the way we have used your data. The data protection authority competent for us is: Agencia Española de Protección de Datos, C/ Jorge Juan, 6. 28001 – Madrid, Tel. +43 901 100 099 – +43 912 663 517.

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on article 6.1, letters e) or f) of the Personal Data Protection Law (GDPR); this also applies to profiling based on those provisions. The Data Controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time, without giving reasons, to the processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.

XIV. Amendments to this Privacy Notice

Due to the dynamic development of the Internet, new technologies and possibilities are constantly developing. In order to offer you these possibilities and technologies, we reserve the right to amend this Privacy Notice in the future when new or additional services or service elements are introduced, or when existing services or service elements are changed or expanded.

If the change to the Privacy Notice only affects the use of data in general and does not affect the use of data within the scope of a user account, the new Privacy Notice shall apply from the date of its update on the website.

A change to the Privacy Notice that concerns the use of data already collected and stored in your user account shall only take place if it is reasonably acceptable to you. If the amendments to the Privacy Notice concern the use of data already collected and stored in your user account, we will notify you in due time by email, on our website or by any other suitable means. You have the right to object to the new Privacy Notice within six weeks of receiving the notification. In the event of an objection, we reserve the right to delete your user account. If no objection is made within the aforementioned period, the amended Privacy Notice shall be deemed accepted by you. We will inform you in the notification of your right to object and of the importance of the objection period.

The Legal Notice and Privacy Policy were last updated on 05 March 2022.