Summary table of the privacy and personal data protection policy

Basic information on data protection

Responsible COUNCILBOX TECHNOLOGY, S.L.
CIF B27815596
Purpose Provision of services, commercial management and the sending of information and commercial prospecting.
Legitimation Execution of contractual or pre-contractual relationship, provision of services, legal compliance and consent of the interested party.
Addressees No data will be transferred to third parties, except those necessary to employees, collaborators and suppliers for the provision of services and/or legal obligations.
Rights Access, rectify and delete the data, as well as other rights, as explained in the additional information.
Additional information You should read the detailed information on the PRIVACY POLICY AND PERSONAL DATA PROTECTION OF COUNCILBOX TECHNOLOGY, S.L. below.

At COUNCILBOX we like to be clear.
That is why we want to explain to you what the new European Data Protection Regulation consists of and the consequences it may have for you:

What is the new General Data Protection Regulation (RGPD)?
It’s a new European regulation. This Regulation adapts the management of personal data to new digital environments, such as the Internet and mobile apps. This way, you have more control over your personal data.

When will the new rules apply?
The European Union adopted the Regulation in 2016. Member States must apply it from 25 May 2018.

What changes will it make for you?
European legislation adds new rights to those contained in current Spanish legislation. For this reason, we must update the information at your disposal on the data protection measures in the company. We will also ask for your permission to process your data in some new cases. In this way, we will be able to offer you a service more adapted to your needs.

Do you have to consent to all treatments on their data?
Consenting to all treatments will allow us to offer you a better service and as adapted as possible to your needs, but you may not. Even so, if you opt for the latter, we must always treat your data for some mandatory matters for maintenance and / or regulatory compliance of the product or services you have contracted. You will always be able to consult all the treatments and purposes we do with your personal information.

What happens if you do not want to authorize certain processing of your data?
You will not receive most of our communications, and in addition, some dealings with us will be slower and we may not even be able to provide some of the services we offer.

Can you modify your consents whenever you want?
Yes. You can apply through the usual channels of communication with the company.

Does this regulatory change affect all companies?
Yes, all companies with personal data must comply with the Regulation.

 

PRIVACY POLICY AND PROTECTION OF PERSONAL DATA OF COUNCILBOX TECHNOLOGY, S.L.

 

1. CONTROLLER

COUNCILBOX TECHNOLOGY, S.L., hereinafter COUNCILBOX, is responsible for the processing of your personal data and informs you that these data will be processed in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 (RGPD), so you are provided with the following information on the processing of personal data.
COUNCILBOX TECHNOLOGY, S.L.

CIF: B27815596

Pontes nº4, planta primera, puerta 15 36350 Nigrán Pontevedra (España)

Email: rgpd@councilbox.com

2. PURPOSE OF THE PROCESSING

In COUNCILBOX we prioritize the service to our customers and we have always been concerned about the protection of their data, so we want to be transparent with the use we make of them in order to continue offering the best service.

In order to comply with the new General Data Protection Regulations (RGPD), we need your consent and inform you of the processing of your personal data for the following purposes:

  • The provision of services, including maintaining, supporting and monitoring the performance of the services and products you have contracted with us The management of the business relationship, including the completion and delivery of orders, billing and accounting procedures.
  • The inclusion in our agenda of contacts and being able to contact you by mail, email, telephone, instant messaging or any other physical or telematic means.
  • Communicate news and developments on products and services, Communicate training activities and invite you to events and presentations.
  • Communicate technical information and general information of your interest based on your commercial profile.
  • Carry out satisfaction surveys or on your needs for products and services.
  • Carry out customer loyalty actions and programs.

We inform you that we will be able to keep you  informed of our activities through any means you have provided us or any other analogous system of communication, offering you at all times the possibility of unsubscribing from these mails.

Time limits for the storage of personal data

The personal data provided will be kept for as long as the contractual, commercial and service provision relationship is maintained, for as long as it is necessary for the fulfilment of legal responsibilities, for as long as there is a mutual interest in maintaining the purpose of the processing and for as long as the holder of the data does not exercise his right of suppression or opposition to the processing. When no longer  necessary, personal data will be deleted with appropriate security measures to ensure anonymity or total destruction.

3. LEGITIMISATION OF PROCESSING

The legitimate basis for the processing of your personal data is the consent given at the time and in its absence the legitimate interest with respect to the performance of the contractual or pre-contractual relationship and manage the provision of services and products you have contracted with us as a customer or those you request as a potential customer, respond to requests for budgets, service offers or information about our products and services, as well as the consent you give us, and in its absence the legitimate interest, to send the information we deem of interest. In any case, the holder may oppose the processing of the data at any time by means of the procedure indicated in this policy.

4. ADDRESSEES, COMMUNICATIONS TO THIRD PARTIES AND CONFIDENTIALITY

COUNCILBOX does not communicate your personal data to third parties and maintains absolute confidentiality with respect to the information of your contacts or clients, unless the communication of the data was necessary for the provision of the service. In the same way, COUNCILBOX may communicate personal data in compliance with their legal obligations to official bodies and other entities whose transfer is required by compliance with current legislation.

Therefore your data will only be communicated to third parties by legal obligation or in the event that such communication of data was necessary for the provision of services and products contracted with us, therefore may access the personal data of contacts and customers employees of COUNCILBOX and those third parties, partners and suppliers who participate in the provision of services and products of COUNCILBOX to its customers and who treat the data referred to in the name and on behalf of COUNCILBOX as a result of their provision of services. By way of illustration and without limitation, they are providers of logistics and courier services, legal, tax and accounting advice, companies providing technological services, companies providing computer services.

5. RIGHTS OF DATA SUBJECTS

Anyone has the right to obtain confirmation as to whether or not we at COUNCILBOX are processing personal data concerning them. The data subject has the following rights :

  • Right to withdraw consent at any time.
  • Right to access your personal data, as well as to request the rectification of inaccurate data, portability or, as the case may be, its deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
  • Right to request limitation of the processing of your data, in which case we will only keep them for the exercise or defence of claims.
  • Right to object to the processing of your data, in which case we will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
  • Right to lodge a complaint with the competent supervisory authority, the Spanish Data Protection Agency (AEPD), if it considers that the processing does not comply with current legislation.

To exercise your rights you may do so by sending a communication

By physical mail:

COUNCILBOX TECHNOLOGY, S.L.

Pontes nº4, first floor, door 15

36350 Nigrán

Pontevedra (Spain)

By e-mail: rgpd@councilbox.com

6. ORIGIN OF PERSONAL DATA

The personal data that we treat in COUNCILBOX come from the holder when he contracts products or services with us or when he requests information through consultations or budgets by any means. Also of the visits received or contacts made in events, fairs and conventions to which we attend. Sometimes also from open sources of information, such as official journals and bulletins, public registers or telephone directories.

The categories of data processed are identification data, professional data, business and economic data, postal and electronic addresses. No specially protected data is processed.

Data collection at events and other assumptions

In the event that you have attended an event organized or attended by COUNCILBOX or have been visited or contacted by COUNCILBOX professionals, it is possible that you have provided your personal data, as well as your e-mail, telephone or other contact details. In this sense, COUNCILBOX will use your data to send you the information requested by you, as well as to keep you informed of the company’s activity for the purposes indicated in the corresponding section above.

Data relating to customers and suppliers

In the event that you have provided your data as a contact person of a customer company, potential customer or supplier or as an individual entrepreneur or collaborator of COUNCILBOX we inform you that we will use your personal data for the maintenance of the contractual relationship, with the possibility that we will keep you informed of the activities of the group as indicated in this privacy policy. The data provided by the contact of the customer, potential customer or supplier as a result of the maintenance of this contractual relationship extends not only to the data of the signatories of contracts, proposals or estimates, but all personal data that were necessary for the achievement of the contractual or pre-contractual relationship. In this sense, the client, potential client or supplier must inform the same of these circumstances, if it considers it appropriate, guaranteeing in any case that it has the consents that may be necessary.

Data relating to candidates submitted for job offers

If you have provided your data as a potential candidate for a job offer to become part of COUNCILBOX, we inform you that the data will be used to manage your application.

7. SECURITY OF PERSONAL DATA

COUNCILBOX has implemented in its work centres, computer systems, communications infrastructures, etc., the security measures required by personal data protection regulations. It has also adopted logical, physical, organisational, contractual, etc. measures to prevent unauthorised access to data by third parties, destruction, modification, reproduction, disclosure, transmission or reuse.

However, whenever you provide personal information over the Internet, there is a risk that third parties, whose control is beyond our control, may intercept this information and use it. Although we at COUNCILBOX strive to protect personal information and your privacy we cannot guarantee the security of information you disclose over the Internet and under your responsibility.

8. VALIDITY AND MODIFICATIONS OF THE PRIVACY AND PERSONAL DATA PROTECTION POLICY

The Privacy and Personal Data Protection Policy by COUNCILBOX is in force from the date of its publication on the website, the user can consult it online or print and file it whenever needed. COUNCILBOX is entitled to modify and update its Privacy Policy and Personal Data Protection at any time, in particular to adapt to new regulations or uses of personal data. In this case, he will inform and inform the owner of the data through the email address provided by him, being the responsibility of the owner of the data to consult and read the email sent by COUNCILBOX.

9. APPLICABLE LAW AND COMPETENT JURISDICTION

The consent and acceptance of the conditions of the Privacy Policy and Protection of Personal Data of COUNCILBOX implies knowledge and compliance with the legal warnings expressed here and, in particular, that conflicts relating to them will be governed exclusively by Spanish law, being the Spanish Courts and Tribunals the only competent.

 

ADDITIONAL PROVISIONS

10. DUTY OF SECRECY AND CONFIDENTIALITY IN THE PROCESSING OF PERSONAL DATA

In COUNCILBOX we consider that the confidentiality of information is a necessary element in the provision of services. Therefore, the persons who intervene in the treatment of the information of the clients and also in that relating to the personal data of physical persons and access, directly or indirectly to the data, will observe at all times the Duty of Secrecy with regard to the personal data that they know in the development of their activity.

The Duty of Secrecy constitutes an obligation for COUNCILBOX, the members of the management and management bodies, the persons with an employment contract and the professionals who provide services with a commercial contract. It also imposes an obligation on suppliers of goods and services and their employees, processors and their employees, or any other subcontractors and their employees.

The Duty of Secrecy survives after the termination of the employment or commercial relationship established with the company, both for employees and professionals hired by COUNCILBOX and those hired by those in charge of treatment and suppliers who supply goods or services to COUNCILBOX.

We do not sell, trade, or otherwise transfer your personal information to third parties, other than as necessary for the provision of the services.

11. PROCESSING OF PERSONAL DATA BY COUNCILBOX TECHNOLOGY, S.L. AS THE PROCESSOR ON BEHALF OF COUNCILBOX CUSTOMERS

COUNCILBOX will be enabled and considered as the person in charge of the processing, to process on behalf of its clients, who are responsible for the processing, the personal data necessary to provide the services contracted to COUNCILBOX. Only the essential personal data will be treated, by instructions of the client and for the fulfillment of the contractual relation with this one and in addition whenever the personal data are stored in the servers of COUNCILBOX, committing us to:

  • Use the personal data object of treatment, to which it has access or visualization, or those that it needs to collect, only for the purpose object of the order.
  • Process the data according to the customer’s instructions.
  • Keep a record of activities.
  • Maintain the Duty of Secrecy in respect of all information, including personal data, to which you have had access by virtue of the contractual relationship, even after the contractual relationship has ended.
  • Ensure that persons authorized to process personal data are committed to respecting confidentiality and complying with appropriate security measures.
  • Ensure the necessary training in the protection of personal data of persons authorised to process personal data.
  • To notify the customer, without undue delay and through the email address indicated by the customer, of violations of personal data security by COUNCILBOX of which we are aware and which may affect the personal data responsibility of the customer, along with all relevant information for documentation and communication of the incident.
  • COUNCILBOX will not communicate or permit access to the personal data of the client to third parties, except in legally admissible cases or when it needs to subcontract the provision of services with third parties in order to comply with the contractual relationship with the client. In this case, COUNCILBOX will sign the corresponding contract with the subcontracted supplier, which will contemplate the same conditions as those assumed by COUNCILBOX.
  • Maintain the technical, operational and organisational security measures necessary to guarantee the permanent confidentiality, integrity, availability and resilience of computer systems and personal data processing services.
  • Upon termination of the contractual relationship and the provision of services that lead to access, processing or display of personal data responsibility of the customer, COUNCILBOX as responsible for processing will return to the customer, as responsible for processing the personal data, and delete any copy you keep in your possession. However, you may keep the data blocked in order to attend to possible administrative or jurisdictional responsibilities, or any other that corresponds to you by law.
  • COUNCILBOX will make available to the client, as the party responsible for the processing, all the information necessary to demonstrate compliance with its obligations, as well as for the performance of audits or inspections carried out by the data controller or another auditor authorized by him.