PRIVACY POLICYArt.1 Confidentiality RulesThe General Data Protection Regulation of April 27, 2016 (hereinafter GDPR, which stands for General Data Protection Regulation) has been applicable since May 25, 2018. It imposes strict rules and conditions on companies, within the scope of processing personal data of their customers and prospects, in order to protect their privacy.
For this reason, we aim to provide you with clear and precise information about the processing of your personal data.
Art.2 Data ControllerThe data controller for your personal data is the person in charge of the website you used and to whom you provided the data.
Art.3 Legal Basis for Data Processing and its UseWe can only use your personal data for legitimate and necessary purposes (Article 6 of the GDPR): This means in practice that we process your personal data, whether in electronic format or not, for legitimate purposes in the context of the contractual, commercial, and security relationship. These purposes include, among others, the following:
- Communication of information, offers, and prospects;
- Communications related to the execution of a contract;
Art.4 What Constitutes Personal DataPersonal data includes all information concerning you and based on which you can be identified. Anonymous data, which does not identify you, is not considered personal data. Your personal data may therefore include:
- Data related to your identity (surname, first name, address, NIF, etc);
- Data related to your person (phone number, personal email, etc);
- Financial data (bank account number, billing details, etc);
- Data related to the performance of the contract concluded with us (object of the contract, billing address, professional data, etc);
- Data related to the use of electronic equipment, such as computers (password, login data, electronic identification data, billing details, etc.);
Sensitive data:
The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning the sexual life or sexual orientation of a natural person is prohibited. We are committed to strictly complying with this prohibition.
How Do We Use Your Information?
With Whom Do We Share Your Information?Art.5 Source and Origin of Personal DataNormally, the data we have comes from you.
If you do not intend to provide the required or necessary information, you may lose the benefit of certain advantages and/or we may decide to terminate the services we have with you.
Art.6 Access to Personal DataYour data is primarily for internal use. For certain legitimate reasons, your personal data may be disclosed or even processed by third parties. However, we will ensure compliance with GDPR rules by our subcontractors. The processing of data by the latter is governed by a strict legal framework.
Art.7 Data Retention PeriodWe take necessary measures to ensure that the retention of personal data for the purposes described above does not exceed legal periods.
Art.8 What Are Your Rights?We are committed to taking appropriate technical and organizational measures to ensure the security of the processing of personal data of each individual (Article 32 of the GDPR).
- Right of access (Article 15 of the GDPR)
We grant everyone the right to access their own personal data and the right to obtain or make a reasonable copy of it.
- Right to rectification (Article 16 GDPR)
We recognize the possibility to request rectification of incorrect data.
- Right to be forgotten (Article 17 of the GDPR) and Right to restriction of processing (Article 18 of the GDPR)
We commit to grant you the deletion of your personal data, particularly in the following cases:
- Data that are no longer necessary for the purposes for which they were collected or processed
- You object to the processing
- Personal data have been subject to illegal processing
- Right to file a complaint (Article 77 of the GDPR)
The customer has the right to file a complaint with the Spanish Data Protection Agency, at any time if he/she considers that the processing of his/her personal data constitutes a violation of GDPR.
Art.9. Our CommitmentOur goal is to implement security processes to protect stored data against unauthorized access, misuse, manipulation, illegal or accidental destruction, and accidental loss.
Art.10. Procedure in Case of BreachThere is always the possibility that personal data processed in the context of the contractual relationship fall into the wrong hands as a result of human error, computer error, etc.
When the breach entails a high risk to the rights and freedoms of individuals, we will inform you immediately about the facts and measures considered. We will ensure that the Spanish Data Protection Agency is notified within 72 hours of the notification of the breach in question, unless the breach does not entail a high risk to the rights and freedoms of individuals. (Articles 32-34 of the GDPR).
Your acceptance:
Art. 11. ConsentYou give your express and unequivocal consent for the processing of personal data as described in this Privacy Policy. You have the right to withdraw your consent at any time upon written request. We reserve the right to modify this Privacy Policy.