In compliance with article 10 of the Law 34/2002, of 11 of July, on services of the Information Society and E-Commerce (hereinafter, the “LSSICE”), with article 13 of the general Regulation (EU) 2016/679, of 27 of April of 2016 on data protection (RGPD) and article 11 of the current Organic Law 3/2018, of 5 of December, on Personal Data Protection and guarantee of digital rights (LOPD), in relation to the treatment of your personal data, we inform you on the following:
Basic information on Data protection
WHO IS RESPONSIBLE FOR TREATING YOUR DATA?
- OMA TECHNOLOGIES, S.L. (hereinafter “OMATECH”)
- Address: Diputació 119, 4-1, 08015 (Barcelona)
- E-mail: firstname.lastname@example.org
- Telephone: 932197763
- CIF: B-62567318
WHAT IS THE PURPOSE OF TREATING YOUR PERSONAL DATA?
We treat the data that interested parties provide in order to manage:
- Contact requests sent through the web form
- Maintain a commercial relationship with the User.
- Offer of services by OMATECH.
- Administrative and billing management of the service contracted.
WHAT TYPE OF TREATMENT IS USED WITH YOUR DATA?
The data categories deal with identification data such as first and last names and electronic addresses. They do not deal with specially protected data. Occasionally, we can obtain the N.I.F. or C.I.F., company name, contact person, job title, first and last names of remaining users, fiscal and accounting information, and that necessary to offer the services contracted by the User.
These authorized treatment activities include -although are not necessarily all that will be carried out - the following: collection, registration, structuring, modification, conservation, extraction, consultation, communication by transmission, broadcasting, interconnection, matching, limitation, cancellation and/or destruction.
HOW LONG DO WE KEEP YOUR DATA?
The personal data provides through the contact form are saved until the response is given to the query made or until the end of services contracted by the User. Exceptionally, they can be kept for the time necessary required by law to comply with legal obligations.
The interested party can revoke consent at any time.
WHAT IS THE LEGITIMACY OF THE TREATMENT OF YOUR DATA?
The legal basis of the treatment of your data is the request for information of the interested party through the contact form, service contract solicited from OMATECH and the fulfillment of legal obligations applicable in the transfer of data to organisms or authorities, whenever required in accordance with legal and regulatory provisions.
WHO WILL BE GIVEN YOUR DATA?
Your personal data will not be disclosed to third parties, unless otherwise provided by law. Exceptionally, data will be transferred to third parties that provide OMATECH services, under a data processor contract in order to ensure that they will process the personal data in accordance with the provisions of the legislation in force.
DATA RELEASE AND TRANSFERENCIAS INTERNATIONAL DATA TRANSFERS
Omatech will not disclose User data to third parties unless required to do so by current legislation. In specific cases, Omatech will request the User's express consent to transfer their data. Occasionally, Omatech's third party collaborators may access the data in order to process them in accordance with applicable legislation to provide the services contracted with Omatech. This processing will be framed in a data processing contract to ensure compliance with regulations and to safeguard the User's rights and the privacy of their data. Exceptionally, data may be transferred to companies belonging to the business group to which Omatech belongs, in particular the following companies INTERCAMBIO ELECTRONICO DE DOCUMENTO, SL, Diputación 119, 4 planta and CIF B63383830 (EDIVERSA) and the company DATA JUICE SOFTWARE, S.L., Parque Empresarial Zuatzu, Edificio Urumea, 2a planta, oficina 1, 20018, Donostia, and CIF B01645977R (DataJuice).
HOW DID WE GET YOUR DATA?
The personal data processed by OMATECH comes from the requests of the interested parties or from the completion of the contractual data, either physically or online, necessary to offer services to the User.
WHAT RIGHTS DO YOU HAVE WHEN FACILITATING DATA?
Any person has the right to obtain confirmation about whether OMATECH processes personal data concerning them, or not.
You have the right to access your personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
In certain circumstances and for reasons relating to your particular situation, you may object to the processing of your data. You may also exercise the rights of portability in a structured form of your data to transmit them to another processor and not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects on the person or significantly affects them.
OMATECH will stop treating data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
Also, OMATECH informs you that you may exercise your rights of access, rectification, deletion, opposition, and limitation of treatment according to the conditions and limits provided in the current legislation, by writing to OMATECH, Diputació 119, 4-1, 08015 (Barcelona), or by email to email@example.com with the reference: RGPD. In any case, you should provide a copy of your ID, passport or equivalent document.
If you consider it appropriate, you can file a complaint or fill out forms to exercise your rights on the web of the Spanish Data Protection Agency
OMATECH will treat the personal data of its customers in the strictest confidence. Appropriate technical and organizational measures have been implemented to ensure the security of your personal data and to prevent their destruction, loss, unlawful access or unlawful alteration. Elements such as the scope, context and purposes of the processing, the state of the art and the existing risks have been observed.
OMATECH has the necessary programs and technical elements to prevent intrusions or violations of the security of its systems. In the unlikely event of a security breach resulting in the destruction, loss, accidental or unlawful alteration of personal data transmitted, stored or processed or when there is an unauthorized communication or access, the Spanish Data Protection Agency and, where appropriate, the User will be notified of the breach, the category and approximate number of data parties and data records affected, the name and contact details of the Data Protection Officer or the person responsible at the Agency, as well as the measures taken or proposed to remedy the security breach, including, if applicable, the measures implemented to reduce the negative effects.
In order to minimize the risk of a breach or malicious intrusion affecting personal data, access to such data will be restricted to a small number of users, will be encrypted with passwords and other measures such as data minimization or pseudonymization will be applied.