PRIVACY POLICY
Article 1 Confidentiality Rules
The General Data Protection Regulation (GDPR) of April 27, 2016, came into effect on May 25, 2018. It imposes strict rules and conditions on businesses regarding the processing of personal data of their customers and prospects, aimed at protecting their privacy.
For this reason, we aim to provide you with clear and precise information about the processing of your personal data.
Article. 2 The data controller
The data controller for your personal data is the person in charge of the website you used and to whom you provided the data.
Article. 3 Legal basis for data processing and its use
We can only use your personal data for legitimate and necessary purposes (Article 6 of the GDPR): This means in practice that we process your personal data, whether in electronic format or not, for legitimate purposes within the context of the contractual, commercial, and security relationship. These purposes include, among others:
- Communication of information, offers, and brochures;
- Communications related to the execution of a contract;
Article. 4 What constitutes personal data
Personal data includes any information concerning you and based on which you can be identified. Anonymous data that does not identify you is not considered personal data. Your personal data may therefore include:
- Data related to your identity (last name, first name, address, tax identification number, etc.);
- Data related to your person (phone number, personal email address, etc.);
- Financial data (bank account number, billing details, etc.);
- Data related to the execution of the contract concluded with us (contract object, billing address, professional data, etc.);
- Data related to the use of electronic devices, such as computers (password, registration data, electronic identification data, billing details, etc.);
Sensitive data:
The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning the sexual life or sexual orientation of a natural person, is prohibited. We are committed to strictly adhering to this prohibition.
How do we use your information?
With whom do we share your information?
Article 5 Source and origin of personal data
Normally, the data we have comes from you.
If you do not intend to provide the required or necessary information, you may lose the benefit of certain advantages and/or we may decide to terminate the services we have with you.
Article 6 Access to personal data
Your data is primarily for internal use. For certain legitimate reasons, your personal data may be disclosed or even processed by third parties. However, we will ensure that our subcontractors comply with GDPR regulations. The processing of data by these subcontractors is governed by a strict legal framework.
Article 7 Data retention period
We put in place the necessary means to ensure that the retention of personal data for the purposes described above does not exceed legal periods.
Article 8: What are your rights?
We commit to taking appropriate technical and organizational measures to ensure the security of processing personal data for each individual (Article 32 of the GDPR).
- Right of access (Article 15 of the GDPR)
We grant everyone the right to access their own personal data and the right to obtain or make a reasonable copy of it.
- Right of rectification (Article 16 of the GDPR)
We acknowledge the possibility to request the rectification of incorrect data.
- Right to erasure (Article 17 of the GDPR) and right to restriction of processing (Article 18 of the GDPR)
We commit to granting you the erasure of your personal data, particularly in the following cases:
- Data that is no longer necessary for the purposes for which it was collected or processed
- You object to the processing
- Personal data has been subject to unlawful processing
- Right to lodge a complaint (Article 77 of the GDPR)
The customer has the right to lodge a complaint with the Spanish Data Protection Agency at any time if they believe that the processing of their personal data constitutes a breach of the GDPR.
Article 9 Our commitment
Our goal is to implement security processes to protect stored data against unauthorized access, misuse, manipulation, illegal or accidental destruction, and accidental loss.
ARticle 10 Procedure in case of breach
There is always the possibility that personal data processed in the context of the contractual relationship may fall into the wrong hands due to human error, computer error, etc.
When the breach poses a high risk to the rights and freedoms of individuals, we will inform you immediately about the facts and the measures considered. We will ensure that the Spanish Data Protection Agency is notified within 72 hours of the breach being reported, unless the breach does not pose a high risk to the rights and freedoms of individuals. (Articles 32-34 of the GDPR).
Your acceptance:
Article 11 Consent
You give your express and unequivocal consent for the processing of personal data as described in this Privacy Policy. You have the right to withdraw your consent at any time by submitting a written request. We reserve the right to modify this Privacy Policy.