Privacy Policy

Our data protection policy is constructed and communicated in accordance with the applicable regulations, especially in relation to Regulation EU 2016/679 of the European Parliament and of the Council, relating to the protection of natural persons with regard to the processing of personal data and the free circulation of these data, and which repeals Directive 95/46/EC (hereinafter, RGPD) and Law 3/2018, of December 5, on Data Protection and Guarantee of Digital Rights.

The Company has also adopted the necessary technical and organizational measures to guarantee the confidentiality, security and adequate treatment of personal data, avoiding its alteration, loss, treatment or unauthorized access in accordance with the provisions of the applicable regulations. , taking effective measures and complying, in any case, with the level of security appropriate to the level of the data processed. This work is carried out continuously, taking into account legislative or societal developments.

This policy may vary over time due to possible legislative changes or other business management reasons. Every time a change occurs, it will be reflected immediately on the website, and appropriate communications will be made, where appropriate.

The firm manages data of natural persons in the performance of a position or professional function, as well as personal data in the private sphere.

Both categories have been taken into account when establishing this privacy policy. The entity can act as CONTROLLER or PROCESSOR. The privacy policy addresses and covers both types of action.

PURPOSE OF THE PROCESSING AND CONSERVATION OF DATA

We process the information provided to us by our clients and other interested parties for the following purposes:

a) PURPOSES OF A CONTRACTUAL NATURE, in relation to associates, suppliers, collaborators and employees, to manage the provision of the rights and obligations derived from the contractual relationship.

b) PURPOSES BASED ON THE CONSENT OF THE INTERESTED PARTY: For information purposes in relation to the activities and actions of the entity.

The Company will be responsible for providing the information and collecting the consents that are necessary for the commercial use of the data.

c) REGULATORY PURPOSES: For compliance with its legal and/or regulatory obligations.

d) PURPOSES BASED ON LEGITIMATE INTEREST, under the provisions of article 19 of the LOPDGDD (Organic Law 3/2018 of December 5) and article 6.1.f) of EU Regulation 2016/679.

The data are processed as DATA CONTROLLER, when they are collected and processed by us.

The data are processed as DATA PROCESSOR, when the firm processes the data to provide a service to a third entity that is responsible for the data.

DATA CONSERVATION

The personal data provided will be kept:

a) During the time required to fulfill the purpose for which they are collected, or for which the contractual relationship requires, including the time necessary, in accordance with the applicable regulations, to comply with the obligations and relevant actions that may arise from the same.

b) as long as its deletion is not requested by the interested party. being blocked when the first of the two events mentioned above occurs. From that moment on, it will be at the exclusive disposal of Judges and Courts, the Public Prosecutor's Office or the competent Public Administrations, in particular the data protection authorities, for the attention of possible responsibilities arising from the processing, during the limitation period. of this. Once the aforementioned period has expired, the data will be deleted. Profiling is not done.

LAWFUL TREATMENT

As CONTROLLER, the legal basis for processing your data is based on:

a) In the contractual relationship and execution of the contract signed with us.

b) In the event that you have expressly given your consent, the legal basis is said consent.

c) Legal legitimacy based on regulatory purposes.

d) In legitimate interest, under article 19 of the LOGPGDD.

As DATA PROCESSOR, it is up to the entity that has contracted us as a service provider, in its capacity as DATA CONTROLLER, to establish the legitimacy and treatment model.

RECIPIENTS OF THE DATA

The data is communicated to our collaborators who perform services such as subcontractors, legal firms and other collaborators in charge of processing. In these cases, the corresponding data processing contract is signed with the recipient, as required by the General Data Protection Regulation.

INTERNATIONAL DATA TRANSFERS

In relation to any transfer of your personal data to countries outside the EEA, the firm will implement appropriate specific measures to ensure an adequate level of protection of your personal data.

USER RIGHTS

a) Anyone has the right to obtain confirmation as to whether we are processing personal data that concerns them or not.

b) Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which that were collected.

c) In certain circumstances provided for in article 18 RGPD, interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims.

d) Interested parties may object to the processing of their data for marketing purposes, including profiling. The Foundation will stop processing the data, except for compelling legitimate reasons or the exercise or defense of possible claims.

e) By virtue of the right to portability, interested parties have the right to obtain the personal data that concerns them in a structured, commonly used and machine-readable format and to transmit it to another controller.

EXERCISE OF RGPD RIGHTS BY THE USER

By writing to the addresses indicated above.

USER RESPONSIBILITY

The User guarantees that the personal data provided through the form is true, and is obliged to communicate any modification thereof. Likewise, the User guarantees that the information provided corresponds to their real situation, that it is up to date and accurate. Furthermore, the User is obliged to keep their data updated at all times, being solely responsible for the inaccuracy or falsity of the data provided and for any damage that may be caused by this to the entity, SL as owner of the portal.

COMPLAINT BEFORE THE SPANISH DATA PROTECTION AGENCY

If you understand that the Foundation has not correctly resolved your request, you can request the protection of the Spanish Data Protection Agency, whose data you can consult at www.agpd.es.

DATA CATEGORIES

What categories of data do we process?

a) Identification data.

b) Data about your function or professional activity.

c) Economic data. Generally, special categories of articles 9 and 10 of the GDPR are not covered. If at any time this is the case, the entity will comply with the requirements of articles 9 and 10, and explicit consent will be collected.

The data received or collected is necessary to fulfill the indicated purposes, and is treated confidentially in accordance with the privacy and security policies established by the firm. The data received or collected are those necessary to fulfill the indicated purposes.

ORIGIN

As CONTROLLER, the personal data we process comes from the information that you provide us when you request services or resources, access our website, or establish any type of relationship with us, directly or indirectly.

As DATA PROCESSORS, the data comes from the DATA CONTROLLER, or we collect it for them during the provision of the service contracted with the DATA CONTROLLER.