September de 2021
In compliance with Regulation (EU) 2016/679 of 27 April 2016, (hereinafter, “GDPR”), and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights (hereinafter, “LOPDgdd”), we provide you with the following information about our processing of your personal data on this website.
BITABIT TECHNOLOGIES, S.L. is the owner and, therefore, responsible for the projects listed below, including any of their subdomains or sections (hereinafter, “Website”, as applicable):
In this legal text, we provide the legally binding information on the processing of your personal data in the context of our Website: browsing the Website; user registration, communications to provide support, receipt of job applications or processing imposed by our legal obligations.
Some of the Services provided through the Website may have specific privacy policies, which will be displayed to you at the relevant time. In addition, with respect to access to and use of the Website and the provision of the Services, the Terms and Conditions of Use of the Website apply.
PROCESSING OF PERSONAL DATA
The following points detail how your personal data is collected and processed through your use of inone.es, including any of its sub-domains or sections.
- Data controller
The processing of your personal data that may be collected on the Website is the responsibility of the company BITABIT TECHNOLOGIES, S. L, with VAT nº B-B93480663, registered office at Avenida Sor Teresa Prat 15, 29015 Malaga, Spain, and contact email: firstname.lastname@example.org, in its capacity as data controller.
Data Protection Delegate Jose Javier Moreno Ruiz.
You can send any questions, requests or exercise of rights regarding personal data protection to this email address: email@example.com
- Use of the Website subject to Terms and Conditions
You may only contract our services and validly consent to our Terms and Conditions if you are of legal age.
Our products are intended for persons of legal age. In specific cases, we may explicitly allow minors to use them. They must be examined and accepted, on your behalf, by the person of legal age who has parental authority or is responsible for their custody or education.
Otherwise, if you are a minor, according to our terms and conditions, you cannot validly enter into any of the contracts we offer.
- Purpose and legal basis for the use of the data
Your personal data is processed for various purposes or legitimate purposes. Each processing of personal data must be based on a legitimate basis, among those provided for in the regulations. We use the following bases:
Consent: you have given your informed, unambiguous and specific consent to the processing of your personal data for a specific purpose.
Legal obligation: The law requires certain data to be processed and sometimes disclosed to certain institutions (e.g. judges and courts, law enforcement agencies or the tax authorities in their respective areas of competence).
Execution of a contractual relationship: the data is strictly necessary for the performance of our service or the fulfilment of an agreement with you.
Our legitimate interests, provided that they do not override your interests, rights or freedoms.
The legitimate bases of our data processing carried out through our Website, in relation to the purposes for which we will use your data, are as follows:
3.1. Browsing the Website
When you browse and use the Website, even if you do not register, identifiers such as your IP address, the unique ID of the device from which you access the Website and certain metadata (such as your browser, http headers) are automatically collected. This information is recorded for the purpose of monitoring compliance with the authorised download limit for each category of user, thus enabling us to detect fraudulent or illegitimate use of the Website, and therefore to ensure compliance with the Website’s Terms and Conditions of Use, i.e. the management and enforcement of our agreements with you.
These same technical data observed in the mere browsing of the user are processed in order to detect and mitigate risks of computer attacks (bots, code injections, distributed denial of service attacks -DDOS-) and in general to maintain the security of our Website. Our basis of legitimacy is our legitimate interest in maintaining the security, integrity and resilience of our systems and ensuring the regular provision of the service, the respect of our agreements and the protection of the company’s assets.
Personal data processed: IP address, device ID.
3.2. Contractual relationship as a registered user
When you register as a user, we ask you for the personal data we need to formalise, manage and fulfil our contractual relationship with you.
We do not request, collect or process special categories of personal data (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and information about health, sexual orientation and life, genetic or biometric data).
Although you can include the handle names of your social networks or personal website in your profile, InOne does not process such data.
When you are asked for personal data identified as necessary, by legal obligation or in accordance with our terms and conditions of contract, and you refuse to provide them, we may not be able to formalize the contract or provide the service, which will be communicated to you appropriately.
Personal data subject to processing may be: user name, email address, name or address, identity document, tax residence, and means of payment.
3.3. Promotion of our products through personalised advertising on other websites.
We promote our products:
- Among users of social networks and other platforms, among profiles of potential InOne customers (segmented audiences by interests, not created by InOne, but already offered by platforms such as Google or Facebook Ads and contracted by InOne for this purpose). Likewise, we can only identify you if you register with us.
Our basis of legitimacy is our legitimate interests (the economic interest of obtaining new customers via advertising of our products personalised by means of the profiling offered by social media platforms).
- By retargeting: by targeting visitors who have visited and left our website without registering, when they have accepted the use of our cookies, and these allow us to present them with advertising on third party websites.
In this case, our basis of legitimacy is your consent (given on our website and also on the website of the third party on which our advertising is shown to you). You can find more information about this treatment in our cookies policy.
3.4. Commercial communications by e-mail
We will send you commercial communications by email if (i) you have registered or contracted any of the Website Services, (ii) you request information about our products through any of the forms on the Website. In any case, we will do so as long as you have not expressed your wish to stop receiving such communications (you can do so easily in your user profile and in each communication you receive, at the end, by clicking on the “Unsubscribe” button).
Our basis of legitimacy is our legitimate interest (to offer you commercial information about products or services similar to those you have already contracted or about which you have requested information from us) legally enshrined in art. 21 of Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSI).
Personal data subject to processing: email address.
Also, based on our legitimate interests (to know first-hand your opinion about our products and, on that basis, to eliminate friction, facilitate their use and improve your interactions with them), we will contact you to ask for your opinion through satisfaction surveys.
Personal data processed: user contact details.
When you contact us requesting information or support, we process your data for the purpose of assisting you, based on your consent expressed in your request.
Personal data processed: contact details that you provide to us in order to respond to you.
3.7. Sending of CVs
When you submit your application to join the InOne team, we process your personal data on the basis of your consent, in order to assess your recruitment.
Personal data processed: contact data and data contained in your CV and/or cover letter that you provide to us in support of your application.
3.8. Processing imposed by legal obligations
When in some cases we are legally obliged by different regulations (regardless of whether or not you give your consent), to process and/or transfer certain personal data to different entities. For example, to the Tax Agency, or to the State Security Forces and Corps, at their request.
Personal data subject to processing: those imposed by the relevant regulations in each case.
- How long we keep your Data
We process your personal data only for as long as necessary, depending on each case. Once our processing has been completed, we keep your data blocked for different periods of time (generally until the statute of limitations for any liability that may have arisen from our interactions). The relevant time periods in each case are listed below:
In relation to maintaining the security of our websites and anti-fraud measures, we retain your data for thirteen months.
In relation to data necessary to manage and fulfil our contractual relationships with users, your personal data is processed for the duration of the contractual relationship, and is kept blocked for a further five years (until the expiry of any contractual liability) or six years (in relation to documentation for accounting purposes).
In relation to the sending of commercial communications, the data will be processed for three years from the last interaction with you.
We process your data to send you surveys while our contractual relationship is in force.
In relation to your non-commercial enquiries, the data will be deleted once the enquiries have been answered.
We will process the data supplied for your selection process for a period of one year from receipt.
In relation to the processing of the Website management through cookies, we refer you to the Cookies Policy where you will find detailed information on the persistence or duration of our own cookies and links to detailed information on third-party cookies.
We retain your data in relation to compliance with legal obligations, in general, during the periods of limitation of possible liabilities arising from our data processing, and specifically during the periods imposed by the regulations in each case.
- Updating Data
Please inform us immediately of any changes to your data so that the information contained in our systems is always up to date and free of errors. In this regard, you represent and warrant that the information and data you have provided to us are accurate, current and truthful.
- Communication of Data
We do not give or sell your personal data to third parties.
We allow access to personal data under our responsibility to third parties who provide services to us, and who require such access in order to do so. These are companies that provide us with services necessary for the performance of our contract with you or the provision of our services, in compliance with the Terms and Conditions of Use and for compliance with applicable laws:
Service providers for systems administration and information technology, such as hosting, broadband, computer security or web analytics providers.
Payment platforms, banks and companies in respect of which such communication is necessary for the processing of transactions as may be required from time to time.
Professional advisors such as lawyers, auditors, banking, legal and accounting consultancy services.
In our commitment to your privacy and your right to data protection, we choose only first-class service providers who are leaders in their sectors. You can request a list of the providers who have access to your personal data, as well as the services provided by each one, via the email address provided in the section on exercising your rights.
We commercially exploit the advertising shown to you on our Website by third parties, and we do so by means of “cookies” and other similar technologies, and always with your prior consent.
- Your rights
We guarantee the exercise of your rights under the terms established in the General Data Protection Regulation or GDPR.
You may exercise your rights, as set out in this section, by accessing your user account at the following link, through the support page, or by sending an email to firstname.lastname@example.org.
Please note that we may ask you to verify your identity before taking any action you have requested to exercise your rights.
The following are the rights that you may exercise, in accordance with the provisions of the GDPR:
- Transparency and information about how we use your personal data (right to be informed). A right that we satisfy, for example, through this legal text.
- The right to request a copy of the information we hold, which will be provided to you within one month (right of access).
- The right to update or amend the information we hold if it is incorrect or inaccurate (right of rectification).
- The right to request that we stop using your information pending the resolution of a complaint, among other things (right to restriction of processing).
- The right to be informed of automated decision-making procedures, including profiling.
Additionally, when we process your personal data based on your consent or on our contractual relationship with you:
- The right to request that we remove personal data from our records (right to erasure or “right to be forgotten”). You can carry out this request at any time by closing your account, via your profile page.
- The right to obtain and re-use personal data for your own purposes (right to data portability).
- The right to revoke your previously given consent to any of our processing of your personal data at any time.
Or, where we process your personal data based on our legitimate interests:
- The right to object to the processing of personal data based on our legitimate interests on the grounds of circumstances based on your personal situation (right to object). You can object to these processing operations related to the sending of advertising both on the registration form and through your own profile, by unchecking the box provided in the “Notifications” section, as well as in each of the commercial communications that we send you.
- Data Security
We have appropriate security measures in place to prevent your personal data from being accidentally lost, used, accessed in an unauthorised manner, modified or disclosed.
- Submitting Complaintss
If you, as a user, consider it appropriate, you can send your complaint by email to email@example.com, or to the corresponding supervisory authority. In this case, the Spanish Data Protection Agency (AEPD) through its own website: www.aepd.es.