INTERNET WEB SOLUTIONS SL, through the website
www.internetwebsolutions.es, hereby provides you with this Privacy Policy in order to inform you in detail of how we treat your personal data and protect your privacy and the information you provide us with. If we make any changes to this policy in the future, we will notify you via the website or by other means so that you can be informed of the new privacy conditions that have been introduced.
In compliance with Regulation (EU) 2016/679, the General Data Protection Regulation and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights, we inform you of the following:
Data Controller
Owner: INTERNET WEB SOLUTIONS SL
TAX ID: B92721752
Registered address: Calle Palma del Río, 19 - 4º Oficina 31 - 29004 Málaga
Telephone: 951164900
E-mail: info@internetwebsolutions.es
Website: www.internetwebsolutions.es
How do we process your personal data?
We collect and process your personal data in general in order to manage our relationship with you, and the main purposes we have identified are the following:
- Administering and contracting the products and services offered by our company.
- Processing requests for information, suggestions and complaints that you may send to us.
- Keeping you informed of events, offers, products and services that may be of interest to you through various communication channels, provided that you have given your consent.
- Managing the employment relationship, in the case of our employees.
- Managing commercial relationships with our suppliers.
- Managing the selection of personnel.
How do we collect your data?
We collect your personal data in a variety of ways, but we will always inform you at the time of collection about the data controller, the purpose and legal basis of the processing, the recipients of the data and the retention period of your data, as well as how to exercise your data protection rights.
In general, the personal data we process is limited to identification data (name and surname, date of birth, address, ID number, telephone number and e-mail address), contracted services and payment and billing data.
We obtain the data of our potential clients/users regarding identification data (name, surname, ID number, postal address, telephone, e-mail), professional data (position, place of work, sector of activity) directly from them when they request information from us through the channels provided.
In the case of personnel management and selection, we collect academic and professional data in order to fulfil the obligations arising from the maintenance of the employment relationship or, where applicable, to join our staff.
We use social media and this is another way of reaching you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies explaining how they use and share your information, so we recommend that you check these before using them to confirm that you are happy with the way your information is collected, processed and shared.
Our website collects personal information relating to your browsing through the use of cookies. For a clear and detailed explanation of which cookies we use, what they are used for and how you can configure or disable them, please see our
cookie policy.
User responsibility
By providing us with your data through electronic channels, you guarantee that you are over 14 years of age and that the data provided are true, accurate, complete and up to date. To this end, the user confirms that he/she is responsible for the veracity of the data provided and that he/she will keep this information duly updated so that it corresponds to his/her real situation, assuming responsibility for any false or inaccurate data that he/she may provide, as well as for any direct or indirect damage that may arise.
How long will we keep your information?
We will only keep your information for as long as is necessary to fulfil the purpose for which it was collected, to comply with any legal obligations imposed on us and to meet any liabilities that may arise from the fulfilment of the purpose for which the data was collected.
If you wish to join our staff and apply for one of our vacancies, the data provided will become part of our recruitment database and will be kept for the duration of the selection process and for a maximum of two years or until you exercise your right to delete it.
If at any time we have collected your data in order to contact you as a potential user of our services or to respond to a request for information made by you, such data will be kept for a maximum of two years from the date of collection and will be deleted after this period if no contractual relationship has been formalised or at the time you request us to do so.
In any case, and as a general rule, we will keep your personal data for as long as there is a contractual relationship binding us or you do not exercise your right to cancellation and/or restriction of processing, in which case the data will be blocked without being used beyond the period of retention, except where it is necessary for the exercise or defence of claims or any type of liability that may arise and that must be dealt with.
With whom do we share your information?
As a general rule, we will not share your personal information unless we are required to do so by law.
Although this is not a transfer of data, in order to provide you with the service you have requested, third-party companies acting as our suppliers may access your information in order to provide the service, we have contracted them to provide. These third parties will access your information in accordance with our instructions and will not be able to use it for any other purpose and will maintain the strictest confidentiality. Likewise, your personal data will be made available to public administrations, judges and courts in order to comply with any obligations arising from the processing.
International data transfers
There are no international transfers of your data to countries outside the European Economic Area (EEA).
We have agreed with our suppliers that they will use servers located in the EEA to provide the contracted service, and if we need to use servers located outside the EU in the future, we will take steps, which will be incorporated into this Privacy Policy, to ensure that such suppliers are covered by the Privacy Shield or that other appropriate safeguards are in place.
What are your rights in relation to the processing of your data and how can you exercise them?
Data protection legislation gives you the right to access, rectify, erase and portability of your data, as well as the right to object to and restrict the processing of your data and, where applicable, the right not to be subjected to decisions based solely on automated processing of your data.
These rights are characterised as follows:
- They are free of charge, except in the case of manifestly unfounded or excessive requests (e.g. repetitive nature), in which case we may charge a fee proportionate to the administrative costs incurred or refuse to act.
- You can exercise your rights directly or through your legal representative or volunteer.
- We must respond to your request within one month, although this may be extended by a further two months to take account of the complexity and number of requests.
- We are obliged to inform you of the means of exercising these rights, which must be accessible, without being able to refuse the exercise of the right on the sole ground that you have chosen another means. If the request is made by electronic means, the information will be provided by electronic means where possible, unless you ask us to do otherwise.
- If we do not comply with the request, we will inform you, within one month at the latest, of the reasons for our failure to comply and of the possibility of lodging a complaint with a supervisory authority.
To facilitate the exercise of these rights, we provide links to the application form for each right:
Form for exercising the right of access
Form for exercising the right of rectification
Form for exercising the right of objection
Form for exercising the right of erasure ("right to be forgotten")
Form for exercising the right to restrict the processing of personal data
Form for exercising the right of portability
Form for exercising the right not to be subject to automated individual decisions
To exercise your rights, we provide you with the following means:
1. By means of a written and signed request addressed to the company, ref. Exercise of LOPD rights.
2. By sending a scanned and signed form to the above email address, specifying Exercise of LOPD Rights in the subject line.
In both cases, you must prove your identity by enclosing a photocopy or, where appropriate, a scanned copy of your identity card or equivalent document, in order to verify that we are responding only to the interested party or their legal representative, in which case you must provide proof of representation.
Likewise, and in particular, if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may lodge a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, 6 - 28001 Madrid.
How do we protect your privacy?
We are committed to protecting your personal information.
We use reasonably reliable and effective physical, organisational and technical measures, controls and procedures to maintain the integrity and security of your data and to ensure your privacy.
In addition, all staff who have access to personal data have been trained and are aware of their obligations in relation to the processing of your personal data.
In the case of the contracts signed with our suppliers, we include clauses requiring them to maintain the confidentiality of the personal data to which they have had access under the contract and to implement the necessary technical and organisational security measures to ensure the confidentiality, integrity, availability and continuous resilience of the systems and services processing personal data.
All these security measures are periodically reviewed to ensure their adequacy and effectiveness.
However, absolute security cannot be guaranteed and no security system is impenetrable, so in the event that any information under our control and subject to processing is compromised as a result of a security breach, we will take appropriate steps to investigate the incident, notify the supervisory authority and, where appropriate, the users who may have been affected, so that appropriate action can be taken.