Privacy Policy

PRIVACY AND PERSONAL DATA PROTECTION POLICY

OPENSPRINGIT IBERIA S.L.U is a company committed to the legal, fair and transparent treatment of personal information provided by users. We are committed to comply with the principles of confidentiality and data integrity.

In order to comply with the duty of information, and for a better understanding, we have prepared an index to make the information as accessible as possible.

  1. Identification and contact details of the data controller.
  2. How we treat your data and security measures adopted.
  3. Necessary and updated information.
  4. General information: Description of the information contained in the privacy policy.
  5. Detailed information on the treatments performed by the company.
  6. Exercise of your rights.
  7. Privacy Policy Update
  1. IDENTIFICATION AND CONTACT DETAILS OF THE DATA CONTROLLER.

Identity: OPENSPRING IT IBERIA S.L.U

Address: c/ José Lázaro Galdiano, 4, 3ª Planta – 28036 (Madrid).

CIF: B85128379

Phone Number: +34 91 781 43 34

Email: info@openspring.com website: www.openspring.com

Data Protection Officer: dpo@openspring.com

 

2.- HOW WE TREAT YOUR DATA and SECURITY MEASURES ADOPTED.

All personal information provided by the interested party will be treated in a lawful, fair and transparent manner.

We are committed to scrupulously comply with the principles of data quality and data minimization, so that the data is adequate, relevant and not excessive. The data will be processed exclusively for the purposes for which they were collected.

Data processing will be carried out in accordance with our commitment to data integrity and confidentiality.

We do not process data of special protection, or especially sensitive data, as established in the RGPD.

We undertake to adopt, update and maintain the organizational and technical measures necessary to ensure the security and confidentiality of personal data, preventing any alteration, loss, treatment, processing or unauthorized access.

This obligation shall be developed in accordance with the state of technology, the nature of the data and the risks to which they are exposed, whether from human action or from the physical or natural environment.

Who will take care of your data in OPENSPRING?

OpenSpring’s Data Protection Officer, popularly known as DPO (Data Protection Officer), will be the guarantor within our organization of compliance with data protection regulations.

The DPO will have a team of privacy experts to support and assist our users.

You can contact the Data Protection Delegate at the following e-mail address dpo@openspring.com, or if you prefer, at the postal address c/ José Lázaro Galdiano, 4, 3ª Planta – 28036 (Madrid).

 

  1. NECESSARY AND UPDATED INFORMATION.

In the forms found on the web, all fields marked with an asterisk (*) must be filled in, so that the omission of any of the required data will make it impossible to provide the requested services.

It is the obligation of the owner of the data to provide true, truthful and updated information.

So that the information provided is always updated and does not contain errors, the interested party must communicate, as soon as possible, the modifications and rectifications of their personal data that occur through an email to the address: info@openspring.com

If the website contains a customer or user area, it is essential that you remember the reference numbers, passwords and access codes that the user creates or is provided with.

The user shall be solely responsible for the use, authorized or not, of his personal account, and in this regard undertakes to make diligent use of such information, not to make it available to third parties, and to report its loss or theft.

You can also update your personal data through your private area on the Web.

Processing of underage data

Minors may not use the services available through the Website.

Links to other websites:

Our website may provide links to other websites.

We have no control over the collection, use and disclosure of your personal data by third party organizations, such as social media platforms like Facebook, Twitter, Google, or any other social media platform provider.

We are not responsible for the privacy policies of the websites you access from our links.

We are not responsible for the privacy policies of the websites you access from our links.

We encourage you to review the privacy statements and policies of linked websites to understand how those websites collect, use and store information.

Cookies

We collect information through the use of cookies. Cookies are small text files that are automatically stored on your computer or mobile device when you visit almost any website. They are stored through the Internet browser. Cookies contain basic information about your use of the Internet. Your browser sends these cookies back to the website each time you revisit it, so that it can recognize your computer or mobile device, as well as personalize and enhance your browsing experience.

You can find more detailed information about which cookies and similar technologies we use in our Cookie Policy, and in our Cookie Consent Tool.

The help section of the toolbar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have your browser notify you when you receive a new cookie, or how to disable non-essential types of cookies.

 

  1. GENERAL INFORMATION: DESCRIPTION OF THE INFORMATION CONTAINED IN THE PRIVACY POLICY.

 

  1. In this privacy policy you will find in the section “5.. Detailed information on the treatments performed by the company“detailed information identifying each of the different treatments carried out by OPENSPRING IT IBERIA S.L.U. as appropriate.

In this section you will be informed about:

  • The purposes of the processing of your personal data, clearly describing the purposes of the processing.
  • Data retention periods, or criteria for data retention.
  • If automated decisions are made, profiles and logic applied.
  • The legal bases or “legitimation”, which allow the processing of your data by our company for each of the purposes indicated.
  • The legal bases or “legitimation”, which allow the processing of your data by our company for each of the purposes indicated.
  • The forecast of international transfers of data to third countries, indicating which guarantees legitimize the possible transfer of data to countries that are not in the European Economic Area.

 

  1. DETAILED INFORMATION ON THE TREATMENTS PERFORMED BY OPENSPRING IT IBERIA S.L.U.

5.1.- Treatment of data of interested parties in information on our services.

If you are interested, please contact us:

  • Filling in the contact forms contained in the web page.
  • Calling our sales department.

Data provided by the interested party: This is basic identification data: NAME, SURNAME, EMAIL, TELEPHONE, ADDRESS, ZIP CODE, CITY, COUNTRY and MESSAGE.

In the contact forms, all fields marked with an asterisk (*) must be filled in, so that the omission of any of the required data will make it impossible to provide the requested services.

Purpose of treatment: The purposes of the treatment of the Personal data collected in the form, will be used to send you commercial communications of information of our services, by electronic means (e-mail, sms, mms, etc.), through telephone calls to the telephone number provided, and mailing of advertising campaigns of services and news of OpenSpring.

Data retention period: Personal data will be retained for a period of five years from the last confirmation of interest.

Profiling: No commercial profiling will be carried out, nor will automated decisions be made that may affect your rights and freedoms.

Legal Basis / Legitimation: The explicit consent of the data subject.

Recipients: Your data will not be disclosed to third parties, unless there is a legal obligation that requires us to do so.

International Data Transfers: In the processing of your data by our entity, we need to contract external services that may involve your data being stored and/or processed by organizations that are established or operate from outside the European Union, which would imply that we carry out international transfers of your data.

Before proceeding with the contracting of any data processor, we ensure that the due guarantees established by the European Data Protection Commission are offered. If the organization operates from the United States we check that it is covered by (Privacy Shield), or any other basis that legitimizes the international transfer of data.

 

5.2.- Customer data processing.

The customer provides us with his data in contracts, purchase orders or any other binding contractual and/or commercial document.

– Identifying data are collected: NAME, SURNAME, TELEPHONE, EMAIL, BANKING DATA, COMMERCIAL INFORMATION, SIGNATURE, MINIMUM AND IMPRESSIVE DATA TO MANAGE OUR COMMERCIAL RELATIONSHIP.

No specially protected or sensitive data is processed.

– In order to manage the business and contractual relationship, our customers provide us with contact details of employees and even suppliers who are responsible for specific departments. These data are strictly limited to professional reasons necessary to manage the relationship with the customer, it is the customer’s obligation to have previously obtained the consent of the person concerned to provide us with their data.

Purpose of the treatment: The main purpose of the treatment of our clients’ data is commercial, administrative, organizational, accounting and fiscal management.

In addition, with the consent of the person concerned, personal data will be used to send commercial communications of information about our services, by electronic means (email, sms, mms, etc.), through telephone calls to the telephone number provided, and sending postal mail advertising campaigns of services and news from OPENSPRING IT IBERIA S.L.U.

Data retention period: The data will be retained for the periods required by tax regulations, and applicable regulations to accredit the fulfillment of our professional responsibilities.

Profiling: No commercial profiling will be carried out, nor will automated decisions be made that may affect your rights and freedoms.

Legal Basis / Legitimation: Execution of a contract, and consent of the interested party for the remission of commercial information.

We are also entitled to process your data for legal reasons, in order to comply with the appropriate tax obligations.

Recipients: In compliance with the principle of transparency in the duty of information, we inform you that your personal data may be transferred to:

– Insurance Companies with which we have contracted a liability insurance policy, in which you are a beneficiary.

– Tax Agency

– Bank entities for collection of invoices and remittances.

– Any other entity or professional that is necessary and essential for the execution of the contract or provision of services.

– Companies in charge of the processing such as consultancy, consultants, companies responsible for software maintenance, server or web hosting, backup management, e-mail providers, etc.

Except for the cases indicated above, the data will not be transferred to any third party entity, except by legal obligation, legal requirement, or with the prior consent of the owner of the data.

International Data Transfers: In the processes of processing of your data carried out by our entity, we need to contract external services that could imply that your data is stored and/or processed by organizations that are established or operate from outside the European Union, which would imply that we carry out international transfers of your data.

In case of contracting a US-based data processor, we ensure that the appropriate safeguards established by the European Data Protection Commission (Privacy Shield) are provided.

 

 

5.3.- Treatment of data of those interested in working in OPENSPRING IT IBERIA S.L.U.

 

The interested party can provide us with his or her data

  • Filling out the contact form “Would you like to work with us?” contained in the web page.
  • By sending a postal mail to the addresses listed on the website.

 

Data provided by the interested party: The candidate voluntarily provides: NAME, SURNAME, EMAIL, TELEPHONE, CURRICULUM VITAE FILE (with the data that the candidate considers appropriate) and MESSAGE.

If the web page contains a contact form, all fields marked with an asterisk (*) must be filled in, so that the omission of any of the required data will make it impossible to send the message.

If you are interested, please send us your Curriculum Vitae.

Purpose of the treatment: The purpose of the treatment of the candidates’ data will be incorporated in a treatment register with the purpose of being able to participate in the personnel selection processes carried out by the company OPENSPRING IT IBERIA S.L.U.

Data retention period: Personal data will be kept for a period of six months from the time the interested party has submitted their data, or if applicable, has provided us with their Curriculum Vitae.

Profiling: No automated decisions will be made that may affect your rights and freedoms.

Legal Basis / Legitimation: The explicit consent of the interested party who voluntarily sends us his or her Curriculum Vitae, and/or fills out the “Work with us” form.

Recipients: Except for the cases indicated above, the data will not be transferred to any third party entity, except by legal obligation, legal requirement, or with the prior consent of the owner of the data.

International Data Transfers: In the processing of your data by our entity, we need to contract external services that may involve your data being stored and/or processed by organizations that are established or operate from outside the European Union, which would imply that we carry out international transfers of your data.

Before proceeding with the contracting of any data processor, we ensure that the due guarantees established by the European Data Protection Commission are offered. If the organization operates from the United States we check that it is covered by (Privacy Shield), or any other basis that legitimizes the international transfer of data.

 

5.4.- Data processing of our suppliers.

Purpose of the treatment: The purpose of the treatment of the data of the suppliers of the company OPENSPRING IT IBERIA S.L.U. is the commercial, administrative, accounting and fiscal management of the same.

In order to manage the business and contractual relationship, our suppliers provide us with contact data of employees who are responsible for specific departments. These data are strictly limited to professional reasons necessary to manage the relationship with the supplier. It is the obligation of the supplier to have previously obtained the consent of the data subject to provide us with his/her data.

Data retention period: Personal data will be retained for as long as the contractual relationship with the supplier is in force. In addition, they will be kept for the periods required by tax regulations.

Profiling: No profiling will be carried out, nor will automated decisions be made that may affect the rights and freedoms of the interested parties.

Legal Basis / Legitimation: Execution of a contract and provision of services.

We are also entitled to process your data for legal reasons, in order to comply with the appropriate tax obligations.

Recipients: In compliance with the principle of transparency in the duty of information, we inform you that your personal data may be transferred to:

– Tax Agency

– Bank entities for the payment of invoices and remittances.

– Any other entity or professional that is necessary and essential for the execution of the contract or provision of services.

– Companies in charge of the processing such as consultancy, consultants, companies responsible for software maintenance, server or web hosting, backup management, e-mail providers, etc.

– Clients of the company OPENSPRING IT IBERIA S.L.U, in cases of subcontracting services.

Except for the cases indicated above, the data will not be transferred to any third party entity, except by legal obligation, legal requirement, or with the prior consent of the owner of the data.

International Data Transfers: In the processing of your data by our entity, we need to contract external services that may involve your data being stored and/or processed by organizations that are established or operate from outside the European Union, which would imply that we carry out international transfers of your data.

In case of contracting a US-based data processor, we ensure that the appropriate safeguards established by the European Data Protection Commission (Privacy Shield) are provided.

 

  1. EXERCISE OF THEIR RIGHTS.

Any person has the right to obtain confirmation as to whether or not we are processing personal data concerning them.

Interested parties have the right to access their personal data, and to obtain a copy of the personal data being processed, as well as to request the rectification of inaccurate data, or, where appropriate, to request its deletion, when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case, we will only keep them for the exercise or defense of claims.

In certain circumstances, and for reasons related to their particular situation, data subjects may object in whole or in part, for legitimate reasons, to the processing of their data. The data will no longer be processed, except for compelling reasons, or the exercise or defense of possible claims.

The owner of the data has the right to withdraw the consent given.

In certain circumstances, you may exercise your right to data portability, which means that your personal data may be transferred directly from one entity to another entity, where technically feasible.

In certain circumstances, you may exercise your right to data portability, which means that your personal data may be transferred directly from one entity to another entity, where technically feasible.

Any interested party shall have the right to lodge a complaint with a supervisory authority. The Supervisory Authority in Spain is the Spanish Data Protection Agency (Agencia Española de Protección de Datos), Calle Jorge Juan 6 – 28001 – Madrid, Email: info@agpd.es

How can you exercise your rights in relation to your data?

To exercise your rights of access, rectification, deletion, limitation or opposition, portability and withdrawal of your consent, you can do so as follows:

In writing, accompanied by proof of identity, addressed to OPENSPRING IT IBERIA S.L.U., c/ José Lázaro Galdiano, 4, 3ª Planta – 28036 (Madrid)

By email to dpo@openspring.com

 

7.- PRIVACY POLICY CHANGES.

This Privacy Policy may need to be updated; therefore it is necessary that you review this policy periodically, and if possible each time you access the Web Site in order to be adequately informed about the type of information collected and its treatment.