USER INFORMATION

Who is responsible for the processing of your personal data?

NETPALMA E HIJOS S.L is responsible for the processing of the user’s personal data and informs you that this data will be processed in accordance with the provisions of Regulation (EU) 2016/679, of 27 April (GDPR), and Organic Law 3/2018, of 5 December (LOPDGDD).

What type of data do we request and process?

Depending on the form or way of obtaining your data, we always ask you for the minimum necessary to fulfil the purposes detailed in each case.

What do we process your personal data for and why do we do it?

Depending on the form where we have obtained your personal data, we will process it in a confidential manner to achieve the purposes:
In the Contact form

To respond to queries or any type of request made by the user through any of the contact forms made available on the website of the controller.
(for the legitimate interest of the responsible, art. 6.1.f GDPR)
Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications to be made. These communications will be carried out by the data controller and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
(by consent of the data subject, 6.1.a GDPR)
To carry out statistical analyses and market research.
(for the legitimate interest of the data controller, art. 6.1.f GDPR)
In the Newsletter form

To send newsletters, news, offers and online promotions.
(by consent of the data subject, 6.1.a GDPR)

In the form Request a quote

Send commercial quotations for products and services.
(for the execution of a contract or pre-contract, 6.1.b GDPR).
Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications. These communications will be carried out by the data controller and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
(by consent of the data subject, 6.1.a GDPR)

On the CV form

To involve the data subject in recruitment processes and to analyse the applicant’s profile with the aim of selecting a candidate for the vacant position of the controller.
(by consent of the data subject, 6.1.a GDPR)

In the Testimonial form

Moderate and publish on the website the user’s experiences, opinions and suggestions about a product or service.
(by consent of the data subject, 6.1.a GDPR)
In the Ethics or Whistleblowing Channel form

Appropriately manage the ethical channel, processing the corresponding irregularities reported through it, and deciding on the appropriateness of initiating an investigation, in order to detect possible offences and prevent the imposition of any type of liability, as well as to avoid any type of conduct contrary to the internal or external regulations of the entity.
(for compliance with a legal obligation, 6.1.c GDPR)
In the User registration form

To manage the user’s account in order to provide the user with personalised access to the website and the interactive services it offers.
(by consent of the data subject, 6.1.a GDPR)

In the form Appointments

To schedule appointments and meetings with the data controller.
(for the legitimate interest of the data controller, art. 6.1.f GDPR)
Social Networking

Contact through Social Networks in order to maintain a relationship between the User and the Controller, which may include the following operations: – Processing your requests and queries. – Inform about activities and events. – Inform about products and/or services. – Interact through official profiles. The user has a profile on the same social network and has decided to join the social network of the Controller, thus showing their interest in the information published therein, therefore at the time of requesting to follow our official page, they provide us with their consent for the processing of their data. The User may at any time access the privacy policies of the social network itself, as well as configure their profile to guarantee their privacy. Once the User is a follower or has joined the Responsible Party’s social network, he/she may publish comments, links, images, photographs or any other type of content supported by the same.
The User, in all cases, must be the owner of the content published, hold the copyright and intellectual property rights or have the consent of the third parties concerned. – Sending commercial communications relating to the activities of the Group’s companies, as well as external companies with which commercial collaboration or intermediation agreements have been established.
(with the consent of the data subject, 6.1.a GDPR).

Instant Messaging

Scheduling appointments and meetings with the data controller.
(for the legitimate interest of the data controller, art. 6.1.f GDPR)
Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, to customers, which enable commercial communications to be made concerning products or services that are similar to those initially contracted with the customer (art. 21.2 LSSI).
(for the legitimate interest of the data controller, art. 6.1.f GDPR)
To manage, maintain, improve or develop the services provided.
(for the performance of a contract or pre-contract, 6.1.b GDPR)
To manage your online purchase or order, process the payment and proceed with the shipment or activation of the payment, on the basis of the general terms and conditions.
(for the execution of a contract or pre-contract, 6.1.b GDPR)
Send commercial quotations for products and services.
(for the execution of a contract or pre-contract, 6.1.b GDPR)
Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications to be made. These communications will be carried out by the data controller and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
(by consent of the data subject, 6.1.a GDPR)
To respond to queries or any type of request made by the user through any of the contact methods made available on the website of the data controller.
(for the legitimate interest of the data controller, art. 6.1.f GDPR).
Video surveillance

Purpose Security and access control, labour and internal activity control Legitimation Public interest in security and access control and legitimate interest of the Data Controller based on Art. 20.3 of the Workers’ Statute Preservation Maximum 30 days
(by consent of the data subject, 6.1.a GDPR)

Images and recordings

File containing static and/or dynamic images. Includes publication in the media of the controller or third parties.
(by consent of the data subject, 6.1.a GDPR)
Customers and suppliers

Commercial management with customers and suppliers.
(for the legitimate interest of the data controller, art. 6.1.f GDPR)
Advertising opt-out

Data management to prevent the sending of commercial communications to those who have expressed their refusal or opposition to receiving them.
(for compliance with a legal obligation, 6.1.c GDPR)
Commercial advertising

Advertising management and commercial prospecting. Includes data from legitimate publicly available sources.
(for the legitimate interest of the controller, art. 6.1.f GDPR)

Rights of data subjects

To respond to requests from citizens in the exercise of their rights under the GDPR
(for the fulfilment of a legal obligation, 6.1.c GDPR)
Users Web, app and other platforms of the data controller

Identification data of users accessing the corporate website.
(for the legitimate interest of the data controller, art. 6.1.f GDPR)
Training, courses, workshops, activities or similar

Management of the conditions of access and use.
(for the legitimate interest of the controller, art. 6.1.f GDPR)

Connection to the Wifi network

Carry out statistical analyses and market research (in the legitimate interest of the data controller, art. 6.1.f GDPR).
Conduct satisfaction and quality surveys (in the legitimate interest of the data controller, art. 6.1.f GDPR).
(on the basis of the data subject’s consent, 6.1.a GDPR)
Legal representatives and contact persons

In the event that you are a legal representative or contact person of one of the entities or persons with whom the Foundation has a relationship, the data controller will process your data in order to monitor the development of the intended relationship.
(by consent of the data subject, 6.1.a GDPR)

How long will we keep your personal data?

They will be kept for no longer than is necessary to maintain the purpose of the processing or there are legal prescriptions dictating their safekeeping and when it is no longer necessary for that purpose, they will be deleted with appropriate security measures to ensure the anonymisation of the data or the total destruction of the data.

To whom do we disclose your personal data?

No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the data controller has signed the confidentiality and data processor contracts required by the privacy regulations in force.

Do we carry out international transfers?

In accordance with the provisions of Article 44 of the GDPR, authorisation for the international transfer of data to a country that has not been declared as a country with an adequate level of protection may only be granted if sufficient guarantees are obtained. Thus, it may be granted if the controller provides a written contract, concluded between the data exporter and the data importer, containing the necessary guarantees of respect for the protection of data subjects and ensuring the exercise of their rights. It is possible that the data controller may use the services of suppliers who have servers or headquarters in other places and, therefore, these transfers are carried out. To consult the updated list of suppliers, please consult the data controller or via info@netpalma.net.

What are your rights?

The rights of the user are:

Right to withdraw consent at any time.
Right of access, rectification, portability and deletion of their data, and to limit or oppose its processing.
The right to lodge a complaint with the supervisory authority (www.aepd.es) if they consider that the processing does not comply with the regulations in force.
Contact details for exercising your rights:

NETPALMA E HIJOS S.L. C/ Gremi Fusters, 21 Nave 9 – 07009 Palma (Illes Balears). E-mail: info@netpalma.net

OBLIGATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER

Users, by ticking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data are necessary for the provider to deal with their request, the inclusion of data in the remaining fields being voluntary. The user guarantees that the personal data provided to the data controller are truthful and is responsible for communicating any changes to them.

The responsible informs that all the data requested through the website are obligatory, as they are necessary for the provision of an optimal service to the user. In the event that all the data is not provided, there is no guarantee that the information and services provided will be completely tailored to your needs.

If, by any means, you provide us with personal data of other people, the responsible party warns that you must do so with their consent and have previously informed us of the points contained in this Privacy Policy. Likewise, the data controller undertakes to provide any third party whose data you provide us with the relevant information, in accordance with the provisions of article 14 of the General Regulations.

SECURITY MEASURES

That in accordance with the provisions of the regulations in force on personal data protection, the controller is complying with all the provisions of the GDPR and LOPDGDD for the processing of personal data under its responsibility, and manifestly with the principles described in article 5 of the GDPR, whereby they are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

The controller guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of users and has communicated the appropriate information to them so that they can exercise them.

For further information on privacy guarantees, you can contact the responsible party through NETPALMA E HIJOS S.L. C/Gremi Fusters, 21 Nave 9 – 07009 Palma (Illes Balears). E-mail: info@netpalma.net

EFFECTIVENESS

This privacy policy is effective as of 24/01/2024.

The controller reserves the right to modify this policy to adapt it to future legislative or jurisprudential updates that may be applicable, or for other technical, operational, commercial, corporate, etc. reasons. If, as a result of the changes, the rights of users are affected, the responsible party undertakes to inform about the reasons.