Privacy Notice Spain

  • Home
  • Privacy Notice Spain

ITERA PROCESS CONSULTING S.L.

Domiciled in Parque Tecnológico de Madrid. Calle Santiago Grisola No2 // C.P. 28760 Tres Cantos Madrid, Spain and with telephone: (+34) (91) 803 5954, in compliance with Organic Law 3/2018, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), ITERA PROCESS CONSULTING S.L. (below IT ERA), our organization is committed to ensuring the proper protection of personal information, ensuring its appropriate use, the use of this website and its forms entails the acceptance and granting of consent for the processing of the user’s personal data in accordance with the privacy policy detailed below, which includes the collection of access data and the sending of commercial information by electronic means.

INFORMATION ON DATA COLLECTION

Both on the IT ERA website, as well as in forms, the information to be collected is identification data (we do not process specially protected data and data of people under 14 years of age) and contact data, such as:
  • Full name.
  • Age.
  • Date of birth.
  • Nationality.
  • Email.
  • Telephone.

PURPOSE

The purpose of the processing of personal data is:
  • Provide the required services and products.
  • To inform about new products or services that are related to what has been contracted or acquired by the client, changes in products or services, to evaluate the quality of the service and advertising in general, offered by or related to IT ERA.
  • Manage, administer, monitor your activity on the embedded blog/forum.
  • Comply with the obligations established with customers.
  • Compliance with legal obligations.
  • Channel requests for information, suggestions and claims for management and resolution through the complaints, denunciations and surveys mailbox.
With regard to job offer candidates or job applicants, the processing of personal data provided through our web forms is for the purpose of:
  • Manage the application.
  • Communicate with the applicant to inform them of the status of the selection process and the candidacy in it.
  • To understand the behaviour of the surfer within the website in order to detect possible computer attacks on our website.
  • To protect and exercise our rights or respond to claims of any kind
  • Sending communications regarding new job offers that we make and that are adapted to your needs; provided that such information has been previously authorized.
To request access, rectification, deletion or limitation of the processing of personal data or to oppose the processing, in the event that the requirements established in the General Data Protection Regulation are met, as well as in Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, You can write to the data controller, in this case to privacidad@iteraprocess.com.

LEGITIMATION

The legal basis established for the processing of personal data is consent to:
  • The processing and management of any request for information or queries about IT ERA’s professional services, a legitimate interest of the data controller.
  • Compliance with legal obligations.
  • The execution of a contract or pre-contract and/or commercial relationship.

RECIPIENTS

IT ERA may transfer your personal data to third parties related commercially or contractually, as long as it is necessary to comply with the purposes described in this privacy notice, in the specific cases provided for by law or the following entities:
  • Affiliated companies and subsidiaries of IT ERA nationally and internationally.
  • Business partners with whom it carries out agreements or contracts focused on the development of new products and/or services.
  • Third parties who request employment references from former IT ERA employees for legally established reasons, corporate restructuring, including merger, consolidation, sale, liquidation or transfer of assets.
Third parties and entities receiving personal data assume the same obligations and/or responsibilities of IT ERA and have access to the company’s information or systems as long as you agree:
  • Compliance with the company’s electronic information security policy and the company’s data protection policy.
  • Appropriate provisions to ensure the continued security of information and systems in the event of termination or transfer of a contract to another provider.
  • Confidentiality obligations when a third party has access to company information.
  • Secure paths and access rights required for maintenance based on the principle of least privilege
  • Complete audit of all actions in accordance with the audit process.
All transfers of personal data are carried out in accordance with the data protection regulations in force and under the implementation of appropriate security measures aimed at safeguarding privacy. The third parties with whom we share data are guaranteed to be fully committed to the confidentiality and security of such information. The transfers of personal data are always carried out in compliance with the following conditions:
  • Transfers subject to appropriate safeguards where data protection measures are in place.
  • Binding corporate rules to which the transferor and transferee have adhered.

DATA RETENTION PERIOD

Personal data will be processed as long as the validity of the consent is maintained in accordance with applicable legislation, once the relationship with the user has ended, the data will be kept for 2 years.

RIGHTS

IT ERA informs the data subject of the right to:
  • Access: You can consult your personal data.
  • Rectification: You can modify your personal data when it is not complete.
  • Deletion: You can request the deletion of your data, when the data is no longer necessary for the purposes for which it was collected, via the IT ERA website.
  • Request the portability of your data, or transmit it to another entity.
  • Objection: You can request that your personal data not be processed. IT ERA will stop processing the data, except for compelling legitimate reasons, or the exercise or defence of possible claims.
  • Limitation: It may be exercised when you have objected to the processing of your personal data, for the satisfaction of a justified legitimate interest, in which case it will only be kept for the exercise or defence of claims.
The application to exercise your ARCO rights must contain the following information:
  • The full name, address and a means of communicating with the owner of the personal data.
  • Valid documents that prove their identity (simple copy in printed or electronic format of their voter card, passport or ID card) or, where applicable, the legal representation of the holder (simple printed or electronic copy of the simple power of attorney with the handwritten signature of the holder, the representative and their corresponding valid official identifications – voter credential, passport or DNI).
  • Clear description of the data in respect of which you seek to exercise any of the rights and any other element or document that facilitates the location of the personal data.
  • For requests for rectification of personal data, the owner will indicate the modifications to be made and will provide the documentation that supports their request.
To exercise any of the ARCO rights, as well as to request the applicable forms, the holder will send the respective request to the IT ERA email address. In the event that the information provided in your application is erroneous or insufficient, or if the corresponding accreditation documents are not attached, you will be asked to provide the necessary documents to process it. The holder will have ten working days to respond to the requirement, counted from the day after receiving it. If no response is given within this period, the corresponding application will be deemed not to have been submitted. IT ERA will respond to the holder within a maximum period of 30 calendar days, counted from the date on which the request was received. In all cases, the response will be given through the same channel by which you have submitted your application. Any inconsistencies can be made to the data protection supervisory authority. In the event that you feel that your rights regarding the protection of your personal data have been violated, especially when you have not obtained satisfaction in the exercise of your rights, you can file a complaint with the competent Data Protection Supervisory Authority (Spanish Data Protection Agency), through its website: www.agpd.es.

INFORMATION SECURITY

All legally required measures have been taken for the protection of personal data; Likewise, all technical devices at its disposal have been adopted to prevent the loss, misuse, alteration, access or theft of personal data provided by users of the website. The user will take into account that security measures on the Internet are not absolutely inviolable.

LEGISLATION AND JURISDICTION

These terms of use are governed by Spanish law. Users and the company ITERA PROCESS CONSULTING S.L. submit all interpretations or conflicts that may arise from this legal notice to the Courts and Tribunals of Spain.