Privacy Policy

Thevaluefactory SL, having its registered office in Barcelona, Pg. de Sant Joan 6, Pral. 1º, 08010, BARCELONA. VAT No. ESB66175910 and Fiscal Code No. B66175910 (hereinafter, “Controller”), manager of the website arcane-atlas.uk (hereinafter, the “Website”), its capacity as data controller in relation to personal data pertaining to the users using the Website (hereinafter, the “Users”) hereby provides the privacy policy pursuant to art. 13 of the Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, “Regulation” or “Applicable Law.

The Controller takes the outmost account to the privacy rights and to the protection of its Users’ personal data. For any information in relation to this privacy policy at any time whatsoever, the Users may contact the Controller using the following modalities: • Sending a registered letter to the registered office of the Controller Thevaluefactory SL, Pg. de Sant Joan 6, Pral. 1º, 08010, BARCELONA. • Sending an email to contact@thevaluefactory.es

The Controller is registered with the UK Supervisory Authority, the Information Commissioner’s Office (the ICO) under registration number ZB617902. The Controller has appointed the UK Representative. If you wish to exercise your rights under the UK General Data Protection Regulation (UK GDPR) or have any queries in relation to your rights or privacy matters generally please contact our Representative.

Contact Details: Name: UK Representative UK office tel: +44 (0) 1772 217800 Email: contact@gdprlocal.com

UK Representative Address: GDPR LOCAL LTD 1st Floor Front Suite, 27-29 North Street, Brighton, England, BN1 1EB

1. Purposes of data processing

The Users’ personal data will be processed by the Controller lawfully pursuant to art. 6 of the Regulation for the following processing purposes:

a) contractual obligations and service’s supply, in order to consent to the User the use of the Website or to give execution to the request of the User to receive advertising and promotional communications (receiving advertising material, direct sale, commercial communication) or to being contacted by the Controller, by means electronic mail, for proposals relating to products and/or services offered by the Controller and/or selected third parties companies, for offers, promotions and commercial opportunities. Without prejudice to what is stipulated elsewhere, under no circumstances the Controller will make the personal data accessible to other Users and/or third parties.

Selected third party companies include:
We Breathe Media - https://webreathemedia.com/privacy-policy with Client Portfolio https://webreathemedia.com/client-list
MDeg Limited - https://mdeg.co.uk/privacy-policy/

b) accounting-administrative purposes, or in order to carry out organisational, administrative, financial and accounting activities, as internal organisational activities and activities aimed at fulfilling contractual and precontractual obligations;

c) legal obligations, or in order to fulfil obligations provided by the law or the European laws and regulations.
Providing the personal data for the processing purposes specified above is optional but necessary, since failing to provide the same imply the impossibility for the User to take advantage of the services offered by the Controller through the Website.

The User may revoke the consent given at any time whatsoever upon request to the Controller following the methods specified under the following paragraph 4. The User may also easily oppose to the sending of further marketing communications (by e-mail) also clicking on the specific revocation link for revoking the consent, which is included in each marketing e-mail

The Controller hereby informs that, following the exercise of the right to object to the sending of marketing communications, it could be possible due to technical issues (i.e. sending list already completed a little before the receipt by the Controller of the objection request) the relevant User continues receiving further marketing messages. In the event that the User continues receiving marketing messages once elapsed 24 hours from the exercise of the objection right, please flag such issue to the Controller, using the contacts specified under the following paragraph 4.

2. Processing methods and data retention

The Controller will carry out the processing of Users’ personal data by manual and IT instruments, applying logics strictly connected to the purposes and, in any case, so that the safety and confidentiality of the relevant data is guaranteed. Users’ personal data may be transferred outside of the EU but the Controller has affirmation that those companies have taken equivalent internet security measures that adhere to the EU General Data Protection Regulation.

Users’ personal data will be retained for the time strictly necessary to carry out the relevant purposes described in the previous paragraph 1, and in any case for the time necessary for the protection of the civil interests of the Users and of the Controller.

3. Data disclosure and dissemination

Controller’s employees and/or workers appointed to manage personal data may become aware of any Users’ personal data. Such subjects, who are formally appointed by the Controller as persons in charge for the processing, will process the relevant User’s data exclusively for the purposes specified under this policy and in compliance with the provisions of the Applicable Law.

Furthermore, third parties which may process personal data for the account of the Controller may become aware of any Users’ personal data in their capacity as “external data processor”, such as, including, but not limited to, providers entrusted with the sending of marketing e-mails for the account of the Controller, outsourcing or cloud computing services providers, professionals and advisors.

External data processors are as well:


Users have the right to obtain a list of the data processor (if any) appointed by the Controller upon a specific request to be made to the Controller following the modalities specified under the following paragraph 4.

Campaigns and promotions may involve a variety of sectors, including but not limited to:
Retail, Automotive, Lifestyle, Charity, Utility, Telecommunications, Insurance, Publishing/Media, Entertainment/Gaming/Leisure, Public Sector, Financial Services, Travel, Mail Order, Health/Beauty, Education, FMCG (Fast-Moving Consumer Goods), Marketing Agencies and Brokers, Property, Pharmaceuticals, Pharmacy2u, Claims Companies, Short Term Loans, and other relevant sectors.

4. Data subjects’ rights

Users may exercise the rights granted to them by the Applicable Law, contacting the Controller with the following modalities:
• Sending a registered letter to the registered office of the Controller Thevaluefactory SL Pg. de Sant Joan 6, Pral. 1º, 08010, BARCELONA.
• Sending an email to contact@thevaluefactory.es

The Controller’s UK Representative is appointed to act on your behalf regarding our UK GDPR compliance, and to deal with the ICO and data subjects. Their details are:

Name: UK Representative UK office tel: +44 (0) 1772 217800 Email: contact@gdprlocal.com
UK Representative Address: GDPR LOCAL LTD, 1st Floor Front Suite, 27-29 North Street, Brighton, England, BN1 1EB

Pursuant to the Applicable Law, the Controller hereby informs that any Users has the right to obtain the indication of (i) the source of the personal data; (ii) the purposes and methods of the processing; (iii) the logic applied to the processing, if the latter is carried out with the help of electronic means; (iv) the identification data concerning data controller and data processors; (v) the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated data processor(s) or person(s) in charge of the processing.


Furthermore, data subjects have the right to obtain: a) access, updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

Furthermore, Users have:
a) the right to withdraw the consent at any time, when the processing is based on consent;
b) the right to data portability (if applicable), that is the right to receive all the personal data concerning the User, in a structured, commonly used and machine-readable format; the right to restriction of processing of the personal data; the right to erasure (right to be forgotten).
c)the right to object:
i) in whole or in part, on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
ii) in whole or in part, to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys;
iii) if personal data are processed for direct marketing purposes, to object at any time to the processing for such marketing, which includes profiling to the extent that is related to such direct marketing.
d) the right to lodge a complaint with a supervisory authority (in the Member State of his or her habitual residence, place of work or place of the alleged infringement) if the User considers that the processing of personal data relating to him/her infringes the Regulation.

For UK data subjects, this is the Information Commissioner’s Office (the ICO), their contact details are as follows: Website: http://ico.org.uk/ Telephone: 0044 303 123 1113 Post: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

The Controller is not responsible for updating all links that can be viewed in this Privacy Policy, therefore whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to such link.

5. Changes to this Privacy Policy

The Controller will make changes to this Privacy Policy from time to time. Please check this page regularly to see the most up to date policy. This privacy policy was last updated 5th February 2025.