In compliance with article 10.1 of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI), the identification details of the owner are indicated:
- Responsible: IMATIA INNOVATION, S.L. (hereinafter referred to as “IMATIA”)
- NIF: B36499960
- Registered office: Rúa Galileo Galilei, 64, 15008 A Coruña
- Register data: Commercial Register of A CORUÑA T 3116, L 3116, F 30, S 8, H PO 38276
- Contact e-mail address: firstname.lastname@example.org
- Website: imatia.com
- BASIC INFORMATION ON DATA PROTECTION
|Data controller||IMATIA INNOVATION, S.L.|
|Purposes of processing||Response to queries and doubts, provision of the service and possible sending of information on products and services.|
|Legitimation||Consent of the data subject (Article 6(1)(a) of the GDPR).contractual relationship with the data subject (Article 6(1)(b) of the GDPR).|
|Addressees||The following may have access: Tax Administration, Banks and financial institutions, Security Forces and Bodies, Data Processors necessary for the provision of the service.|
- DETAILED INFORMATION ON DATA PROTECTION
- Who is the data controller?
The identification details of the Data Controller appear in section 1.
In turn, IMATIA informs that the user may contact the Data Protection Officer (DPO) with any questions regarding data protection:
- DPO: APDTIC PROFESIONALES, S.L.
- E-mail address: email@example.com
- What information do we collect and process from you through the website?
Through our corporate email
Through our e-mail address firstname.lastname@example.org the user can write to us and/or request the information he/she considers necessary to clarify any doubts related to our services. Also in our “Contact” section the user will be able to see different locations and departments with which he/she can get in touch.
- Receipt of applications. Employment
On our website the user will be able to see in the “Employment” section where he/she can provide us with his/her Curriculum Vitae if he/she is interested in joining the IMATIA team. Under no circumstances will this data be passed on to third parties without the consent of the person concerned.
In the event that the user provides us with data of third parties, the user assumes responsibility for having previously informed them and having their consent to do so, in accordance with Article 14 of the GDPR.
- For what purpose do we process the user’s personal data?
IMATIA processes personal data for the purposes set out below, depending on the reason for which they have been provided:
- To carry out the provision of the contracted products/services, the maintenance of the contractual relationship and the monitoring of the same.
- Contact, process, manage and respond to the user’s request, application, incident or query (either by e-mail, contact form or telephone).
- Manage the customer’s purchase process and any queries associated with the products/services contracted.
- Manage, where appropriate, the sending of information on products, services and news associated with IMATIA by electronic and/or conventional means.
- Assess and manage, where appropriate, the curriculum vitae provided by the user for selection processes that adapt to their professional profile and carry out the necessary actions for the selection and recruitment of personnel.
- What is the legitimacy of the processing of user data?
The legal basis for processing your personal data for the purposes set out in the previous section is the performance of the relevant service, and it is an imperative obligation to do so, as set out in Article 6.1.b) of the GDPR.
With regard to the sending of information about products, services and news associated with IMATIA, the legal basis for the processing of the personal data provided is the consent given by the user expressly, as established in article 6.1.a) of the RGPD.
The legal basis for the processing of the data of the person who provides IMATIA with their Curriculum Vitae and other related data (identification and professional) will always be the consent given by the user expressly, as established in article 6.1.a) of the RGPD.
- For how long will the user’s personal data be processed?
The data for the management of the relationship with the customer and the billing and collection of the services will be kept for as long as the contract is in force. Once this relationship has ended, if applicable, the data may be kept for the time required by the applicable legislation and until any liabilities arising from the contract expire.
The data for the management of queries and requests will be kept for the time necessary to respond to them and, where appropriate, as long as the interested party does not request the withdrawal of their consent to send them information related to their query.
The data for the sending of information associated with IMATIA products or services will be kept as long as the user does not revoke their consent.
The candidate’s curriculum vitae data for selection processes will be kept for a maximum of five years..
- To which recipients will the user’s personal data be communicated?
As a general rule, your data will not be passed on to third parties unless there is a legal obligation or it is necessary to carry out the provision of the service. With this in mind:
- The user’s personal data may be communicated to the financial institutions through which the collection and payment management is carried out.
- Only in legally required cases will the data be communicated to the State Security Forces and Corps.
- They may also be communicated to the competent public administrations in the cases provided for by law.
- Where appropriate, they will also be communicated to IMATIA’s Data Processors for the correct provision of the service.
What are the rights of the user?
Data protection regulations allow you to exercise your rights of access, rectification, erasure and portability of data and to object to and restrict the processing of your data, as well as not to be subject to decisions based solely on automated processing of your data, where applicable.
These rights are characterised by the following:
- It is free of charge, except in the case of manifestly unfounded or excessive requests (e.g. repetitive nature), in which case IMATIA may charge a fee proportional to the administrative costs incurred or refuse to act.
- You can exercise your rights directly or through your legal representative or volunteer.
- We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline can be extended by a further two months.
- We are obliged to inform you about the means of exercising these rights, which must be accessible and without being able to refuse you the exercise of the right on the sole ground that you have chosen another means. If the request is made by electronic means, the information will be provided by electronic means where possible, unless you ask us to do otherwise.
- If IMATIA does not act on the request, it will inform you, within one month at the latest, of the reasons for its failure to act and the possibility to complain to a Supervisory Authority.
In order to facilitate their exercise, we provide links to the application form for each of the rights:
- Form for exercising the right of access
- Form for exercising the right of rectification
- Form for exercising the right to object
- Form for exercising the right to erasure (“right to be forgotten”)
- Form for exercising the right to restriction of processing
- Form for exercising the right to portability
- Form for exercising the right not to be subject to automated individual decisions
To exercise your rights IMATIA offers you the following means:
- By means of a written and signed request addressed to IMATIA. Ref. Exercise of LOPD Rights.
- By sending a scanned and signed form to the e-mail address email@example.com indicating Exercise of LOPD Rights in the subject line.
In both cases, you must prove your identity by enclosing a photocopy or, where appropriate, a scanned copy of your ID card or equivalent document in order to verify that we are only replying to the interested party or their legal representative, in which case you must provide proof of representation.
Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may lodge a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency (AEPD), C/ Jorge Juan, 6 – 28001 Madrid, Spain. ( www.aepd.es ).
- What security measures do we have in place?
IMATIA is committed to protecting your personal information.
We use reasonably reliable and effective physical, organisational and technological measures, controls and procedures to preserve the integrity and security of your data and to guarantee your privacy.
In addition, all staff with access to personal data have been trained and are aware of their obligations in relation to the processing of their personal data.
In the case of the contracts we sign with our suppliers, we include clauses requiring them to maintain the duty of secrecy regarding the personal data to which they have had access by virtue of the assignment, as well as to implement the necessary technical and organisational security measures to guarantee the permanent confidentiality, integrity, availability and resilience of the systems and services for the processing of personal data.
All these security measures are regularly reviewed to ensure their adequacy and effectiveness.
However, absolute security cannot be guaranteed and no security system is impenetrable so, in the event that any information under our control and under our control is compromised as a result of a security breach, we will take appropriate steps to investigate the incident, notify the Supervisory Authority and, where appropriate, those users who may have been affected to take appropriate action.
- Social media policy
IMATIA has a corporate profile on the social networks LinkedIn, Twitter, YouTube and Google.
Therefore, IMATIA is “Responsible for the processing of your data” by virtue of the existence of such profiles on social networks and the fact that the user follows us and by virtue of this we can also follow him/her.
The above means that if the user decides to join our corporate profile as a follower or by giving a “Like” or “Like” to our content or profile, they accept this policy, where we explain their rights and how we use their data.
As the party responsible for the processing of your data, we guarantee confidentiality in the processing and compliance with the rights of the user, always under the effects of the current regulations on data protection.
On the other hand, we inform that we will use these social networks to announce news or relevant information related to the services we offer, or on topics that we consider to be of interest to the user. Using the functionalities of these platforms, it is possible that the user may receive news with this type of information on their wall or profile.
However, we also inform you that there is no link between IMATIA and these platforms or social networks, so the user accepts their policy of use and conditions once they access them and/or validate their notices and terms and conditions in the registration procedure, and IMATIA is not responsible for the use or processing of the user’s data outside the strict relationship and provision of services indicated in this policy.