Art.1 Confidentiality rules
The General Data Protection Regulation of 27 April 2016 (” GDPR ” hereinafter GDPR, which stands for the General Data Protection Regulation) applies from May 25, 2018. It imposes strict rules and conditions for companies, within the scope of processing personal data of their customers and prospects, and this in order to protect their privacy.

For this reason, we aim to provide you with clear and accurate information about the processing of your personal data.

Art.2 The data controller
The person responsible for the processing of your personal data is the person in charge of the website you used and to whom you communicated the data.

Art.3 Legal basis for data processing and use
We may only use your personal data for legitimate and necessary purposes (Article 6 of the GDPR): This means in practice that we process your personal data, whether in electronic form or not, for legitimate purposes in the context of the contractual, business and security relationship. These purposes include, but are not limited to, the following :

Communication of information, offers and prospectuses;
Communications in connection with the performance of a contract;

Art.4 What constitutes personal data
Personal data includes all information concerning you and on the basis of which you can be identified. Anonymous data, which do not identify you, are not considered personal data. Your personal data may therefore include :

Data related to your identity (last name, first name, address, VAT number, etc.);
Data related to your person (telephone number, personal e-mail address, etc.);
Financial data (bank account number, billing details, etc.);
Data related to the performance of the contract concluded with us (subject of the contract, billing address, professional data, etc.);
Data related to the use of electronic equipment, such as computers (password, registration data, electronic identification data, billing details, etc.);

Sensitive data:
The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data about a natural person’s sex life or sexual orientation is prohibited. We are committed to strictly comply with this prohibition.

How do we use your information?
With whom do we share your information?

Art.5 Source and origin of personal data
Normally, the data we hold comes from you.
If you do not intend to provide the required or necessary information, you may lose the benefit of certain advantages and/or we may decide to terminate the services we have with you.

Art.6 Access to personal data
Your data is primarily for internal use. For certain legitimate reasons, your personal data may be disclosed to or even processed by third parties. However, we will ensure compliance with the GDPR by our subcontractors. Data processing by the latter is governed by a strict legal framework.

Art.7 Duration of data retention
We take the necessary steps to ensure that the retention of personal data for the purposes described above does not exceed the legal periods.

Art.8 What are your rights?
We undertake to take appropriate technical and organizational measures to ensure the security of the processing of one’s personal data (Article 32 of the GDPR).

Right of access (Article 15 of the GDPR)

We grant everyone the right to access their own personal data and the right to obtain or make a reasonable copy of it.

Right of rectification (Article 16 GDPR)

We recognize the possibility of requesting the rectification of erroneous data.

Right to be forgotten (Article 17 of the GDPR) and Right to restriction of processing (Article 18 of the GDPR).

We commit ourselves to grant you the deletion of your personal data, particularly in the following cases:

Data that are no longer necessary for the purposes for which they were collected or processed
You object to the processing
Personal data have been subject to unlawful processing
Right to lodge a complaint (Article 77 GDPR)

The customer has the right to lodge a complaint with the Spanish Data Protection Agency at any time if he/she considers that the processing of his/her personal data constitutes a violation of GDPR.

Art.9. Our commitment
Our goal is to implement security processes to protect stored data against unauthorized access, misuse, tampering, unlawful or accidental destruction and accidental loss.

Art.10. Procedure in case of a breach
There is always a possibility that personal data processed in the context of the contractual relationship may fall into the wrong hands as a result of human error, computer error, etc.
Where the breach poses a high risk to the rights and freedoms of individuals, we will immediately inform you of the facts and the measures considered. We will ensure that the Spanish Data Protection Agency is notified within 72 hours of notification of the breach in question, unless the breach does not pose a high risk to the rights and freedoms of individuals (Article 32-34 of the GDPR).

Acceptance :

Art. 11. Consent
You give your express and unambiguous consent to the processing of personal data as described in this Privacy Policy. You have the right to withdraw your consent at any time upon written request. We reserve the right to modify this Privacy Policy.