PRIVACY POLICY

CONEN MANAGEMENT SOLUTIONS SL (hereinafter, THE ENTITY) provides you with this Privacy Policy to offer information on how we process your personal data and protect your privacy and information. THE ENTITY requests that the user take a few minutes to read this Privacy Policy carefully.

Introduction

This Privacy Policy applies to interactions that the user has with THE ENTITY.

THE ENTITY may modify this Privacy Policy when necessary. In case of modifications, we will inform you so that you can be aware of the new Privacy conditions, and where required, we will seek your express consent.

Who is responsible for processing your personal data?

The data controller is CONEN MANAGEMENT SOLUTIONS SL with CIF B56192396, headquartered at Calle Don Ramón de la Cruz, Nº38, 28001, Madrid.

THE ENTITY has formally appointed a Data Protection Officer and has also enabled the following communication channel: info@conenms.com.

For what purposes do we process your personal data?

The personal data provided by users may be processed by THE ENTITY for the following purposes, depending on the interactions the user engages with THE ENTITY:

  • Contact and management of user inquiries and requests: The personal data of users who contact THE ENTITY through any of the contact channels provided by THE ENTITY to receive inquiries and/or requests from users will be processed to maintain contact between the parties, manage users, provide customer or user service, and handle and process the requests or inquiries submitted by the user through the channels enabled by THE ENTITY.
  • Commercial, promotional, or advertising communications: The personal data of users may be processed by THE ENTITY to send personalized commercial and advertising information about activities, products, services, special offers, and various documentation through postal, telephone, or electronic means (email, SMS, messaging, and other electronic communication means).

What are your rights regarding your personal data?

You can object at any time to the processing of your data for advertising or promotional purposes by THE ENTITY using the channels provided by THE ENTITY, as detailed in the section.

What data does THE ENTITY process and from what sources do they originate?

The data processed by THE ENTITY as a result of interactions performed by the user with us originate from the following sources:

  • Data provided by the user through the completion of spaces to manage communication with users provided by THE ENTITY or by any other means through which the user communicates with THE ENTITY.
  • Data generated as a result of the development, processing, and maintenance of the relationship established between the user and THE ENTITY.

THE ENTITY may process personal data of the following types, depending on the relationship established with the user:

  • Identification and contact data (e.g., name and surname, email address, postal address, phone number, IP address, etc.).
  • Other types of data: Only if the user provides other types of data in interactions with THE ENTITY will such data be processed by THE ENTITY solely if their processing is necessary for the intended purpose. Otherwise, the data will be destroyed without being stored or processed by THE ENTITY.

What is the legal basis for processing your data by THE ENTITY?

THE ENTITY processes the personal data provided by users based on the following legal grounds, depending on the type of data provided by the user and the interactions the user engages with THE ENTITY:

  • The processing of your data for the purpose of “Contact and management of user inquiries and requests” is based on the management and processing of the legal relationship established between the user and THE ENTITY, that is, in managing your request, maintaining contact between the parties, and, where necessary, providing the service requested by the user, as well as, where required, in the consent requested from the user.
  • The processing of your data for the purpose of “Commercial, promotional, or advertising communications” is based on the user’s consent.

THE ENTITY informs that it will only carry out personal data processing for the purposes of processing based on the user’s consent in cases where the user has consented to each of the processing activities.

Who are your data communicated to?

THE ENTITY informs users that the processing purposes detailed in this Privacy Policy do not involve communications of their data by THE ENTITY to third entities.

How long do we keep your data?

THE ENTITY will retain your personal data for the time necessary to provide the requested service and/or achieve the intended processing purpose.

Subsequently, as long as the user has not exercised their right to erasure, their data will be retained for the legal periods applicable in each case, considering the type of data and the purpose of processing.

What personal data must you provide us with in each case?

THE ENTITY informs users that when personal data are collected through a form provided to users, it is necessary for the user to provide at least the data indicated as mandatory in the respective form. If the user does not provide at least such data, considered necessary, THE ENTITY will not be able to manage the service or inquiry submitted by the user.

What guarantees must you provide when supplying your personal data?

The user guarantees that the data provided are true, accurate, complete, and up to date, being responsible for any damage or harm, direct or indirect, that may be caused as a result of the breach of such obligation.

If the user provides data belonging to a third party, they guarantee that they have informed said third party of all aspects contained in this Privacy Policy and obtained their consent to provide us with their data for the intended processing purpose. All of this, prior to providing third-party data through the communication channels enabled by THE ENTITY.

THE ENTITY informs that to provide us with your personal data in any way, you must be over 18 years of age. The user who provides data to THE ENTITY declares and guarantees to be over 18 years of age, taking full responsibility for such declaration.

What measures do we adopt to protect your personal data?

In response to THE ENTITY’s concern for ensuring the security and confidentiality of your data, the necessary security measures have been adopted to protect personal data and the technical means at its disposal have been installed to prevent the loss, misuse, alteration, unauthorized access, and theft of the personal data provided.

What are your rights over your personal data?

THE ENTITY informs you that you have the right to obtain confirmation of whether or not we are processing personal data concerning you.

Likewise, THE ENTITY informs you that you have the following rights regarding your personal data:

  • Access your data: You have the right to access your data to know what personal data we are processing that concern you.
  • Request rectification or erasure of your data: In certain circumstances, you have the right to rectify any personal data that you consider inaccurate and that concern you, and that are subject to processing by THE ENTITY, as well as the right to request the erasure of your data when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
  • Request the restriction of the processing of your data: In certain circumstances, you have the right to request the restriction of the processing of your data, in which case we inform you that we will only retain the data for which you have requested the restriction in the processing for the exercise or defense of claims.
  • To data portability: In certain circumstances, you have the right to receive the personal data that concern you and that you have provided to us, in a structured, commonly used, and machine-readable format, as well as to have them transmitted by THE ENTITY to another data controller.
  • Object to the processing of your data: In certain circumstances and for reasons related to your particular situation, you have the right to object to the processing of your data, in which case we would stop processing them unless we have to continue doing so for compelling legitimate reasons or for the exercise or defense of potential claims.

Additionally, we remind you that you have the right to object to the processing of your data for commercial or advertising purposes, as well as to withdraw any consent you have given for the processing of your data, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.

THE ENTITY informs you that you can exercise your rights regarding your personal data by sending a written request to THE ENTITY, identified with the reference “Data Protection” and accompanied by a copy of your ID card or equivalent document on both sides, which you can send to one of the following addresses:

Calle Don Ramón de la Cruz, Nº38, 28001, Madrid
info@conenms.com

THE ENTITY will provide the requested information within a maximum period of one month from the receipt of the request. This period may be extended by another two months if necessary, considering the complexity and number of requests.

THE ENTITY informs you that you can lodge a complaint with the competent Data Protection Authority. However, in the first instance, you can submit a complaint to the Data Protection Officer, who will resolve the complaint within a maximum period of two months.