Art. 1 Confidentiality Rules
The General Data Protection Regulation of April 27, 2016 (hereinafter “GDPR”) has applied since May 25, 2018. It imposes strict rules and conditions on companies regarding the processing of their customers’ and prospects’ personal data, in order to protect their privacy.
For this reason, we aim to provide you with clear and precise information about the processing of your personal data.
Art. 2 Data Controller
The person responsible for processing your personal data is the individual in charge of the website you used and to whom you provided the data.
Art. 3 Legal Basis for Data Processing and Use
We can only use your personal data for legitimate and necessary purposes (Article 6 of the GDPR): In practice, this means that we process your personal data, whether in electronic format or otherwise, for legitimate purposes within the context of the contractual, commercial, and security relationship. These purposes include, among others, the following:
Communication of information, offers, and prospects;
Communications regarding the execution of a contract;
Art. 4 What Constitutes Personal Data
Personal data includes all information concerning you on the basis of which you can be identified. Anonymous data, which does not identify you, is not considered personal data. Your personal data may, therefore, include:
Identity data (surname, first name, address, Tax ID, etc.);
Personal data (phone number, personal email, etc.);
Financial data (bank account number, billing details, etc.);
Data related to the execution of the contract concluded with us (subject of the contract, billing address, professional data, etc.);
Data related to the use of electronic equipment, such as computers (password, registration data, electronic identification data, billing details, etc.);
Sensitive Data:
The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, and data concerning a natural person’s sex life or sexual orientation is prohibited. We are committed to strictly complying with this prohibition.
How do we use your information?
Who do we share your information with?
Art. 5 Source and Origin of Personal Data
Normally, the data we hold comes from you.
If you do not intend to provide the required or necessary information, you may lose the benefit of certain advantages and/or we may decide to terminate the services we provide to you.
Art. 6 Access to Personal Data
Your data is primarily for internal use. For certain legitimate reasons, your personal data may be disclosed or even processed by third parties. However, we will ensure compliance with GDPR rules by our subcontractors. Data processing by the latter is governed by a strict legal framework.
Art. 7 Data Retention Period
We take the necessary measures to ensure that the retention of personal data for the purposes described above does not exceed the legal periods.
Art. 8 What are your rights?
We are committed to taking appropriate technical and organizational measures to ensure the security of the processing of everyone’s personal data (Article 32 of the GDPR).
Right of Access (Article 15 of the GDPR)
We grant everyone the right to access their own personal data and the right to obtain or make a reasonable copy of it.
Right to Rectification (Article 16 of the GDPR)
We recognize the possibility of requesting the rectification of inaccurate data.
Right to be Forgotten (Article 17 of the GDPR) and Right to Restriction of Processing (Article 18 of the GDPR)
We are committed to granting the deletion of your personal data, particularly in the following cases:
Data that is no longer necessary for the purposes for which it was collected or processed
You object to the processing
The personal data has been subject to unlawful processing
Right to lodge a complaint (Article 77 of the GDPR)
The customer has the right to lodge a complaint with the Spanish Data Protection Agency at any time if they consider that the processing of their personal data constitutes a violation of the GDPR.
Art. 9. Our Commitment
Our goal is to implement security processes to protect stored data against unauthorized access, misuse, manipulation, unlawful or accidental destruction, and accidental loss.
Art. 10. Procedure in Case of a Breach
There is always the possibility that personal data processed in the context of the contractual relationship may fall into the wrong hands as a result of human error, computer error, etc.
When the breach poses a high risk to the rights and freedoms of individuals, we will inform you immediately of the facts and the measures considered. We will ensure that the Spanish Data Protection Agency is notified within 72 hours of becoming aware of the breach in question, unless the breach does not pose a high risk to the rights and freedoms of individuals. (Articles 32-34 of the GDPR).
Your acceptance:
Art. 11. Consent
You give your express and unequivocal consent to the processing of personal data as described in this Privacy Policy. You have the right to withdraw your consent at any time upon written request. We reserve the right to modify this Privacy Policy.