In compliance with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD), as well as its own ethical standards, the data controller informs you of the processing of personal data you voluntarily provide when accessing our website to use our online services.
We have implemented the necessary technical and organizational measures to prevent loss, misuse, alteration, unauthorized access, and theft of data, taking into account the current state of technology.
You may exercise your rights of access, deletion, erasure, restriction of processing, data portability, rectification, and objection by submitting a written request with proof of identity to the data controller via the contact email.
Data Collection Forms
Users expressly consent to the inclusion of provided data in processing operations, for which the website’s owner acts as the data controller, with the purpose of responding to your request. You may exercise your rights mentioned above at any time, without retroactive effect, by notifying us via the indicated email. Any information you provide via the forms must be truthful. You will be solely responsible for any false or inaccurate statements and any damages those might cause to the Company or third parties.
Legal Basis: User consent
Data Retention: As long as the user maintains consent.
Data Protection and JOB APPLICATIONS Information
Purpose of Processing
Manage the job application
Retention periods or criteria
If selected for the role, the CV will be kept in the employment file. If excluded or self-excluded, the CV may be retained for up to one year for future selection processes in your field of academic training and/or professional experience, unless you request deletion or object. The company reserves the right to delete data at any time without notice, with appropriate security to prevent data recovery. It is not responsible for the truthfulness or updating of the information provided.
No automated decisions or profiling are applied
Legal basis for processing
Consent from the data subject
Obligation to provide data and consequences
If you do not provide the requested information in job applications, your application may be dismissed.
Rights of data subjects
Applicants have the right to access, rectify, erase, port, restrict processing and/or object by sending an email or written request to our address above, properly identified.
Subscriptions
Users expressly consent to inclusion of their data in processing operations by the website’s controller, for the purpose of sending general information and newsletters. You may exercise your rights at any time by sending an email to the contact provided. All communications include a direct way to manage consent and unsubscribe.
Legal Basis: User consent
Data Retention: As long as the user maintains consent.
Data Protection – COMMERCIAL COMMUNICATIONS Information
Purpose of Processing
Enable the company to send general information and/or newsletters to the user
Retention periods or criteria
Information is retained while the user’s consent remains in force.
Rights of data subjects
Individuals have the right to access, rectify, erase, port, restrict processing and/or object by emailing or writing to our address above, properly identified.
Inclusion of Your Data in Commercial Processes
Users expressly consent to including their data in processing carried out by the website’s controller to manage your purchases and requests. You may exercise your rights at any time by emailing us. All provided information must be truthful; you are responsible for inaccuracies, which could prevent the completion of the purchase or payment process.
Legal Basis: Fulfillment of contract and legal obligations
Data Retention: Statutory period
Transfers: Financial entities, competent Public Authorities
Security in Transactions
The company ensures complete security and confidentiality of payment data. Card or mobile device details are transmitted encrypted via SSL. The company has verification measures in place and reserves the right to reject purchases if the payment instrument is not owned by the purchaser, was fraudulently obtained, or indicates potential fraud.
Requests from law enforcement must be submitted via email to the contact on the website.
Note that external payment processors may have additional anti-fraud measures beyond the company’s control or responsibility.
Using a third-party’s payment instrument is prohibited unless expressly authorized by them; you bear responsibility for such authorization and any resulting damages.
User Registration
Users expressly consent to the processing of their data for the purpose of registering as users on our platforms, under the controller’s authority. You can exercise your rights at any time via email. All provided info must be accurate and you’re responsible for errors, which may prevent or delay registration.
The company may send you information about platform actions or events; you can object via received messages.
Legal Basis: Consent and legal obligations
Data Retention: Statutory duration and/or while consent lasts.
Events and Activities
Users expressly consent to data processing for participation in events and activities organized by the company. You may also allow the company to publish your data on its websites and social networks. Your data may be used for communications regarding the specific event/activity and similar future ones.
Data Protection – ACTIVITIES AND EVENTS Information
Purpose of Processing
Participation in an activity or event organized by the company. Publication of user IDs and messages. Contact with users.
Retention periods
Information is retained while consent remains valid.
Rights of data subjects
Individuals have the right to access, rectify, erase, port, restrict processing and/or object by email or written request to the address above, properly identified. You may also lodge a complaint with the Spanish Data Protection Authority, www.aepd.es
Data Protection Information: Call recordings at the switchboard; Video call and meeting recordings.
Header
Information
Purpose of Processing
Recordings of calls received at the company’s switchboard to monitor service quality and capture orders, changes, etc. Recordings of video calls and meetings with potential or confirmed clients.
Retention periods
The data will be kept for the necessary periods depending on the relationship with the caller. For clients, if relevant to the contractual relationship, data will be retained during the commercial relationship and for five additional fiscal years.
Automated decisions, profiling and logic applied
No profiling analyses are carried out
Legal basis for processing, in cases of legal obligation, public interest or legitimate interest
Legitimate interest in evaluating the quality of service provided by staff. Contractual obligations, client agreements, consent.
Obligation to provide data and consequences of not doing so
If you do not accept recordings, the telephone channel cannot be used to communicate with the data controller.
Recipients of Data Sharing or Transfers
No transfers to third parties are foreseen. The entity uses Cloudtalk for recording and transcribing conversations (www.cloudtalk.io). Under its security policy, data is stored only in the EU.
How to exercise your rights of access, rectification, deletion, portability, and restriction or objection to processing
You may exercise your rights via the contact email or by written request including proof of identity
Right to withdraw consent
You may withdraw your consent with the consequences described above
Right to lodge a complaint with the supervisory authority
You may lodge a claim with the Spanish Data Protection Authority (AEPD).
How We Obtain Your Data
The data controller obtains your data from the following sources:
Web forms
Contacts
Meetings and calls
Specifically, the data we process includes the following categories:
Identifying data
How long do we retain your data?
We process your personal data only as long as necessary for the purpose for which it was collected.
You may:
Maintain consent for commercial actions; if you previously consented, we will process your data for those actions.
Revoke consent for commercial actions; we will block your data.
After blocking, the company will not access your data, and will only process it for sharing with Public Authorities, Courts, or the Public Prosecutor’s Office in case of legal obligations related to data processing, particularly for claims before the AEPD. Blocked data will be retained as required by law or contractual relationships, and will be physically deleted once those periods have passed.
Recipients
Personal data is not shared with third parties, except as required by law. No international data transfers are made to third countries.
The company follows strict criteria when selecting service providers, and will sign a data processing agreement requiring them to apply appropriate technical and organizational measures; process data only for agreed purposes, following the controller’s instructions; and delete or return data to the controller when services end.
Origin
Personal data is obtained directly from data subjects. The categories of personal data we receive from our collaborators are:
Identifying data.
Postal or email addresses.
No special category data is processed.
Rights
Right of Access, Rectification, and Deletion: Data subjects have the right to know whether the company is processing their personal data. They also have the right to access their personal data, request correction of inaccuracies, or request its deletion when, among other reasons, it is no longer needed for its original purpose.
Right to Restriction and Objection: In certain circumstances, you can request processing restrictions, in which case data will only be kept for legal claims. You may object to data processing on grounds related to your situation; data will stop being processed unless the company has compelling legitimate grounds or is required for legal claims. These rights may be exercised via any communication method to the company, including email, with proof of identity.
If you believe your rights have not been properly addressed, you may lodge a complaint with the Spanish Data Protection Agency, www.aepd.es.
Security Measures
We have adopted the levels of data protection mandated by applicable law and additional technical and organizational measures to prevent alteration, loss, unauthorized processing, or access to personal data. Appropriate security measures, including Secure Socket Layer (SSL) encryption, are used to ensure data confidentiality. Our server is certified, allowing your browser to verify our identity before transmitting information. The SSL protection can be confirmed via a padlock icon in your browser, which shows the certificate when clicked. However, users should be aware that internet security measures are not infallible.
Dark Patterns:
The website does not collect indirect data or information. Legal texts accurately reflect user data collection, identify the recipients, and purpose and uses of the data. If in doubt, you may contact the data controller at any time for clarification on how your information is used.
Users’ consent for data processing is obtained clearly and transparently. Purposes of data use are stated, and users are informed before consenting. Other legal bases are explained in the privacy policy. Users are not coerced into consent nor manipulated via color schemes or highlighted options.
Updates and Modifications
We reserve the right to modify or update data protection information as needed to comply with data protection law. If changes are made, the new text will be published on this page; the user relationship will be governed by the terms in place at the time of access to the website.
Communication and Support Channel
Data subjects may direct any questions regarding data processing or the interpretation of our policy to the contact email or address provided above.
