DATA PROTECTION POLICY
- About this Policy
- Who are we?
- Personal data we collect
- Data storage and retention
- Sharing your personal data
- International transfers
- Your rights
- Changes to this Policy
- Lodge a complaint
1. About this Policy
In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (“GDPR”) and the Spanish Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (“LOPDGDD”), your privacy and the security of your personal data is very important to us. Because of that, this Data Protection Notice tells you who we are, what personal data we collect about you when you use this website, why we do it and on what legal grounds, who we share it with, for how long we keep it, where we transfer it to and how we ensure its security.
2. Who are we?
‘Sigma Technologies S.L.U.’ is a company incorporated under the laws of Spain with registered office at Avenida de Burgos 114, Madrid, Spain (“Sigma” or “us”). Given what we do, the protection of personal data is of the essence to our business. If you have any questions about this Policy or, in general, about how we process your Personal Data please contact our DPO at firstname.lastname@example.org.
3. Personal data we collect
All personal data collected in this website is strictly necessary, whether it is the information you give us to contact you or information we collected automatically:
- a. Information you give us. This is information about you that you give us by filling in the contact form on this site, like name and contact details and all the information you decide to provide us. We process this personal data to provide you with the information on our products and services that you request from us.
The processing of this data is necessary for the purposes of the legitimate interests pursued by us and to which you can object or opt-out (confirm section ‘7. Your rights’ below).
4. Data storage and retention
The protection of your personal data is important to us. Because of that, we will only store your personal data for the time strictly necessary for the purposes for which it has been collected. Other than that, we will not process the data unless it is necessary for the formulation, exercise or defence of claims or when it’s required by the Public Administration, Judges and Courts. We will delete or anonymise any other personal data we may hold about you, unless we need to keep it to comply with legal obligations, to verify whether our legitimate interests override yours or if you need it for the establishment, exercise or defence of legal claims.
5. Sharing your personal data
We may communicate the personal data you provide through this Website to:
- a. Public authorities, regulators or governmental or jurisdictional bodies in those cases in which it is necessary to do so by law or local regulations;
- b. Affiliates of our Group, for internal administrative purposes. In addition, we rely on the collaboration of some third party service providers who have access and process your personal data on our behalf. We follow strict criteria for the selection of these service providers and enter into Data Processing Agreements with them, in compliance of Article 28 of the GDPR. These third party service providers are not allowed to use or disclose your personal data except as necessary to provide the services on our behalf or to comply with legal requirements.
6. International transfers
The recipients of your personal data can be located, in some particular cases, outside the European Union. In those cases, we require them to comply with the applicable data protection requirements. Therefore, we only transfer your personal data to a third country or international organisation if those provide appropriate safeguards, namely by using standard data protection clauses adopted by the Commission (more information available here) and certification mechanisms, such as the Privacy Shield (more information available here ).
You may obtain a copy of Sigma’s required measures by contacting our DPO at email@example.com.
7. Your rights
You have the following rights, which depend on our reason for processing your information:
- a. Right of access: you can asks us access to, and copies of, your personal data;
- b. Right to rectification: you can asks us to amend your data if you think it is inaccurate and ask us to add more information if you think it is incomplete;
- c. Right to erasure: you can asks us to delete your personal data if it is no longer necessary for the purposes identified above, if you object to the processing when we rely on legitimate interests, if your data has been unlawfully processed or for the compliance with the applicable legislation;
- d. Right to restriction: you can asks us to restrict of processing if you contest the accuracy of your personal data, if it is unlawful and you oppose the erasure, if you need it for the establishment, exercise or defence of legal claims or if you have exercised your right to object;
- e. Right to object: you can object to the processing of your personal data so that we stop processing it;For the exercise of these rights, you must properly identify yourself and contact DPO at firstname.lastname@example.org.
8. Changes to this Notice
We may update this privacy notice from time to time. When we change this notice in a material way, we will update the version date at the bottom of this page. For significant changes to this notice we will try to give you reasonable notice unless we are prevented from doing so. Where required by law we will seek your consent to changes in the way we use your personal information.
9. Lodge a complaint
If you think that your personal data has been unlawfully processed, you can lodge a complaint with the Agencia Española de Protección de Datos at www.aepd.es.
2, December, 2019