Privacy Policy
Basic information on data protection
| Responsible Party: | Homeria Open Solutions, S.L. Avenida de las ciencias s/n Parque Científico y Tecnológico de Extremadura, 10004 Cáceres, España B10379881 |
| Data Protection Officer: | dpo@homeria.com |
| Purpose: |
Primarily:
|
| Legitimization: |
The legal bases for processing personal data shall be, as applicable:
|
| Recipients: (Assignments and transfers) |
|
| Development of profiles: | Does not exist |
| Rights: | You can exercise your rights of access, rectification, portability and deletion of your data, and limitation of or opposition to processing. |
| Additional information: | dpo@homeria.com Legal Notice Privacy policy Cookies policy |
Date of last update: September 09, 2021
1. Introduction
This Privacy Policy governs the collection, processing and use of personal and non-personal information as a User of the Web Site, as of the effective date shown in the heading.
The Website does not sell personal information to third parties and will always ask for consent before using the data for any purpose other than those described in this clause.
To process personal data, the Website complies with current local and European legislation, as well as its implementation regulations. It therefore adopts the necessary technical and organizational measures to prevent the loss, misuse, alteration, unauthorized access and theft of personal data provided. This is always according to the state of technology, the nature of the data and the risks to which they are exposed.
2. Who is responsible for the processing of personal data?
Homeria Open Solutions, S.L. is responsible for the processing of the User’s personal data and informs that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR), and the Organic Law 3/2018 of 5 December (LOPDGDD).
3. What personal data do we collect and process?
Personal and non-personal information collected by the Website will change depending on your use of the Website and the features, options and services offered.
Personal and non-personal information collected by the Website may come to us in three ways:
- Automatically collected.
- Voluntarily provided to us.
- Provided by third parties.
3.1.- Data collected automatically
This information will consist of:
- The information collected through cookies or similar mechanisms stored in the User’s device, always with their consent. Our Cookie Policy is available for more information.
- The IP from which the connection is made, the type of device used and its characteristics, the version of the operating system, the type of browser, the language, the date, the country, the time of the request, the reference URL or the mobile network used, among others. The Website servers may automatically detect the IP address and domain name used by the User. An IP address is a number automatically assigned to a computer when it connects to the Internet. All this information is recorded in an activity file of the server that allows the subsequent processing of the data in order to obtain only statistical measurements that allow knowing the number of page views, the number of visits made to the web servers, the order of visits, the access point, etc.
- Data on the use of the Website and possible errors detected during its use, such as pages not found or erroneous visualizations.
3.2.- Data provided voluntarily
This information will consist of information contained in the messages sent through the contact channels of the Website, mainly e-mail.
3.3.- Those provided by third parties
This information shall consist of that provided by social networks or similar services.
4. Why do we process and what do we do with personal data?
Mainly, we process the data to provide our services and to assess or maintain a business relationship with the persons concerned. The operations envisaged to carry out the processing are:
- The possible sending of commercial advertising communications by email, SMS, social networks or any other electronic or physical means, present or future, that enable commercial communications. These communications will be made by the Responsible Party and will be related to its products and services or those of its collaborators or suppliers with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.
- Processing orders, requests, responding to queries or any type of request made by the User through any of the contact methods made available on the Responsible Party’s Website.
The data provided to the Website will be used, basically, to attend to your requests.
4.1.- In mails and contact forms
The Website has an SSL encryption that allows the secure sending of your personal data through possible standard contact forms.
The personal data collected will be subject to automated processing and incorporated into the relevant files of the register of activity of which the Responsible Party is the owner.
In this sense:
We will receive your IP address, which will be used to check the origin of the message in order to provide you with appropriate recommendations (e.g. to present information in the correct language) and to detect possible irregularities (e.g. possible attempts of cyber-attack on the Website), as well as data concerning your ISP.
You may also provide us with your data by telephone, e-mail and other indicated means of communication.
Regarding the means of communication used, our e-mail service provider is Google, Inc.
On the other hand, certain services that may be provided through the Website or Social Networks (for example, the possibility of participating in a contest or sweepstakes) may contain special conditions regarding the protection of personal data. It will be necessary to accept them before participating in these services.
Finally, and as already indicated, the purpose of processing of this data will be solely to provide the information or services requested.
4.2.- In social networks
a) Responsible party
The Responsible Party and Website has profiles in some of the main social networks on the Internet, and is recognized as responsible for the processing of the data published therein (for example, photos uploaded by the Responsible Party in which people’s faces appear) or of the data that Users send privately to the Responsible Party through these channels (for example, a photograph, an ID card, etc.).
b) Purposes of processing
The treatment that the Responsible Party will carry out with the data within each of the aforementioned networks will be, at most, the one that the social network allows to the corporate profiles.
The purpose of the processing is that already established, relating to the maintenance of a relationship between the User and the Responsible Party, and may include the following operations: a) processing requests and queries made to the Responsible Party; b) informing about activities and events organized by the Responsible Party; c) informing about products and/or services offered by the Responsible Party; d) to interact through the official profiles. Thus, the Responsible Party may inform, when the law does not prohibit it, our followers by any means that the social network allows about its activities or offers, as well as provide a personalized customer service.
In no case will the Responsible Party extract data from the social networks unless the User’s consent to do so is expressly and promptly obtained.
c) Legal basis for processing
This will be Article 6.1.a) GDPR, since the User has given their consent to the processing of their personal data for one or more specific purposes. The User has a profile on the same social network and has decided to join the social network of the Responsible Party thus showing interest in the information published therein, and therefore, at the time of requesting to follow our official profiles, they give us their consent to the processing of those personal data published
on their profile.
The User can access at any time the privacy policies of the social network itself as well as configure their profile to ensure their privacy.
The Responsible Party has access to and processes the User’s public information, especially their contact name. These data are only used within the social network itself and will only be incorporated into a file of the Responsible Party when necessary to process the User’s request.
d) Data retention criteria
Data will be kept as long as the User does not revoke the consent given as indicated in this Privacy Policy.
e) Recipients
The information provided by the User through the Responsible Party’s social networks, including their personal data, may be published, always depending on the services used by the User, and may therefore be publicly available to other third-party users of the social networks.
From the profile of each social network, the User can configure what information they want to make public in each case, view the permissions that have been granted, delete or disable them, such as any third party application that they no longer wish to use.
No communication of personal data to third parties outside the social network is foreseen except, if essential for the development and execution of the purposes of processing, to our service providers related to communications, with which the Responsible Party has signed the confidentiality and processing manager contracts required by current privacy regulations.
f) Rights
When, due to the very nature of social networks, the effective exercise of the User’s or follower’s data protection rights is subject to the modification of their personal profile, the Data Controller will help and advise to this end to the best of their ability.
g) Profile usage
The Responsible Party may carry out the following actions:
- Access the public information of the profile.
- Publication in the User’s profile of all information already published in the social network
of the Responsible Party. - Send personal and individual messages through the social network channels.
- Receive updates on the status of the page that will be published on the User’s profile.
The User can always control their connections, delete content that no longer interests them and restrict who they share their connections with; to do so, they must access their privacy settings.
h) Publications
The User, once they are a follower or have joined the social network of the Responsible Party, may publish comments, links, images, photographs or any other type of multimedia content supported by the same. The User, in all cases, must be the owner of the content published, hold the copyright and intellectual property rights or have the consent of any third parties concerned.
Any publication on a social network, whether text, graphics, photographs, videos, etc. that violate or are likely to violate morality, ethics, good taste or decorum, and / or infringe, contravene or violate the rights of intellectual or industrial property, the right to image or the law is expressly prohibited.
In such cases, the Responsible Party reserves the right to immediately remove the content, without prior notice, and may request the permanent blocking of the User.
The Responsible Party shall not be held accountable for the contents that a User has freely published. The User must bear in mind that their publications will be known by other users, so they are primarily responsible for their privacy.
The images that may be published in the social network will not be stored in any file by the Responsible Party, but they will remain in the social network.
i) Data on minors or persons with special needs
Access and registration through the social networks of the Responsible Party is forbidden to minors under 18 years of age. On the other hand, if the User has special needs, the intervention of the holder of their parental authority or guardianship, or their legal representative by means of a valid document proving the representation, will be necessary.
The Responsible Party shall be expressly exonerated from any liability that may arise from the use of social networks by minors or persons with special needs. The Responsible Party’s social networks do not knowingly collect any personal information from minors. Therefore, if the User is a minor, they should not register or use the Responsible Party’s social networks or provide any personal information.
4.3.- In raffles
By participating in promotional actions organized exclusively by the Responsible Party on the Website, Social Networks, Events, etc. the data you provide will be processed by us solely for the purpose indicated in the statement of the activity.
5. Why can we process personal data?
Because the processing is legitimized by article 6 of the GDPR as follows:
|
Finalidad: |
Legitimación: |
|
Consent of Interested Party Article 6.1.a) GDPR |
|
Processing is necessary for the article 6.1.b) GDPR With consent regarding electronic commercial communications in accordance with article 21 of the LSSI (prior contractual relationship) |
6. How long will we store personal data?
They will be kept for no longer than necessary to maintain the purpose of the processing or there are legal prescriptions that dictate their custody and, when no longer necessary for this purpose, they will be deleted with appropriate security measures to ensure the anonymity of the data or the total destruction of the same.
The following is an indication of for how long the data processed by the Website will be stored:
a) Disaggregated data will be kept without a deletion period.
b) The data of User clients will be kept according to the contracted service. In any case, it will be the minimum necessary, and may be kept for up to:
- 5 years, according to art. 1964 of the Civil Code (personal actions without special term).
- 6 years, according to art. 30 of the Commercial Code (accounting books or invoices, for example).
c) The data of Users uploaded by the Responsible to pages and profiles on social networks will be kept from the time the user gives their consent until it is withdrawn.
7. To whom do we provide or communicate personal data?
No communication of personal data to third parties is foreseen, except if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the Responsible Party has signed the confidentiality and data processor contracts required by the privacy regulations in force.
8. Are there data transfers outside the EEA?
We hereby inform you of the possibility and intention to transfer personal data to a third country as some of our suppliers are outside the European Economic Area and these may be located in jurisdictions that do not provide the same guarantees as at the European level in terms of privacy and data processing.
Even so, the Responsible Party has implemented measures and guarantees such as signing the European Commission’s model clauses or contracting with suppliers from a third country declared of an acceptable level by the European Commission.
9. Where do we obtain personal data?
The personal data processed on this Website are collected primarily and directly from the User, except for those that may be collected automatically and those provided by third parties mentioned earlier in this document.
10. What are the rights that can be exercised and how?
The rights of the User are:
- Right of access, rectification, portability and deletion of data, and limitation of or opposition to processing.
- Right to file a complaint with the supervisory authority (www.aepd.es) if they consider that the treatment does not comply with current regulations.
- In the case of having granted consent for any specific purpose, you have the right to withdraw consent at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.
The aforementioned rights may be exercised at any time at the following addresses:
| Responsible Party: | Homeria Open Solutions, S.L. |
| Address: |
Avenida de las ciencias s/n |
| E-mail: | dpo@homeria.com |
In both cases it will be necessary to identify yourself with your first name and surname, as well as provide a copy of your ID card or national ID.
You can find the different models to exercise such rights here: https://www.aepd.es/es/derechos-y-deberes/conoce-tus-derechos
In addition, if as a User you consider that there is a problem with the way in which the Responsible Party is handling personal data and information, you can address your complaints to the Data Protection Officer or the corresponding data protection authority, which is the Spanish Data Protection Agency in the case of Spain.
11. The mandatory or non-binding nature of the information provided
Users, by checking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or submitted in download or account registration forms, expressly and freely and unequivocally accept that their data are necessary to fulfill their request, by the Responsible Party as provider, with the inclusion of data in the remaining fields being voluntary. The User guarantees that the personal data provided to the Responsible Party are correct and is responsible for communicating any modification and/or update of the same.
The Responsible Party informs that all data requested through the Website are mandatory as they are necessary for the provision of an optimal service to the User. If all the data is not provided, there is no guarantee that the information and services provided will be completely tailored to your needs or the service may be limited.
The personal data provided will be incorporated and processed in accordance with the Register of Processing Activities of the Responsible Party, for the purpose(s) described above.
12. Security measures
In accordance with the provisions of the regulations in force on personal data protection, the Responsible Party complies with all the provisions of the GDPR and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDPR by which they are processed in a lawful, fair and transparent manner in relation to the User as a data subject and adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The Responsible Party guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the Users and has provided them with the appropriate information so that they can exercise such rights and freedoms.
In all cases, the Website cannot guarantee the absolute security of the information collected, so you should cooperate and use common sense about the information shared at all times.
You should understand and acknowledge that, even after deletion, personal and non-personal information may remain visible in cache or if other Users have copied or stored it.
For more information about privacy safeguards, you can always contact the Responsible Party.
13. Privacy Policy Update
We may update this Privacy Policy in the future. We will provide notice of changes by sending an advice to the e-mail address provided and/or by posting a notice in a prominent location on our Website.
14.- Contact
If you have any questions about this Privacy Policy, you can contact us at:
| Responsible Party: |
Avenida de las ciencias s/n |
| Address: |
Avenida de las ciencias s/n |
| E-mail: | dpo@homeria.com |