Adhoc informs to the users of this website about is data processing and protection policy regarding to personal data of users and clients that can be stored for web browsing, purchase of products or services procurement. AD-HOC ensures compliance with current regulations regarding personal data protection, as established in the Organic Law 15/1999 of December 13th of Personal Data Protection and Royal Decree 1720/2007 of December 21th, approving the Regulation for the Development of the Data Protection Law and General Regulation of Data Protection (EU) 2016/679.
In accordance with the current regulation on data protection, users are informed that AD-HOC has taken all the necessary technical and organizational measures to guarantee the fulfillment of the aforementioned regulation. All the personal data collected in forms are only processed by AD-HOC’s personnel or those entrusted with data protection here mentioned. All the necessary security measures have been taken and all needed means and techniques have been implemented to avoid the loss, improper use, alteration, unauthorized access and/or theft of the given information.
VERACITY OF THE DATA
The Client or User manifests that all data supplied by him are true and correct and commits to communicate AD-HOC any changes that may occur in them. The user will be responsible for the veracity of the data submitted and will be the sole responsible of any dispute that may result for the untruthfulness of them. It is important to keep the data updated that the users inform AD-Hoc of any given change, or we will not be able to ensure their veracity.
EXERCISE OF RIGHTS
The LOPD and RGPD confers the claimants the exercise of certain rights regarding their personal data processing. The user can exercise them with the data handled by AD-HOC. To do so, the user must contact AD-HOC using the following email address, email@example.com, and providing documentation that demonstrates his/her identity, such as ID or passport. The email must also contain the following information: name and surname of the user, address and identification document and the request.
The user must exercise his or her own rights. However, they may be exercised by an authorized person such as the legal representative. In that case, the documentation demonstrating this must be also provided.
The user can exercise the following rights:
- Right to request access to their personal data.
- Right to request change (in case they are not correct) or deletion of data.
- Right to request limitation of use, in which case they will only be kept by AD-HOC to exercise or defend claims.
- Right to object to the processing of personal data: AD-HOC will stop processing your data, except to defend its lawful rights or in defense of possible claims that are still unclosed.
- Right to portability of data: in case the user wants the data to be processed by other firm, AD-HOC will facilitate the portability.
In case the user had given consent to a particular purpose, the user is granted the right to withdraw the consent at any time without affecting the lawfulness of the data processing based of the consent given before the withdrawal.
If a user considers there is a problem with the way AD-HOC is processing their data, they can address their claims to the Security Responsible or data protection authority in the area, in this case, Agencia Española de Protección de Datos.
The disaggregated data will be stored without deletion date. In case of clients, the storage period will depend on the contracted service by the client. In any case, it will be the minimum necessary, being up to:
- 4 years: Ley sobre Infracciones y Sanciones en el Orden Solical Arts. 66 y sig. Ley General Tributaria
- 5 years: Art. 1964 Código Civil
- 6 years: Art. 30 Código de Comercio
- 10 years: Art. 25 Ley de Prevención del Blanqueo de Capitales y Financiación del Terrorismo.
In case of applicants, the data will be stored a maximum of two years if the applicant has not been selected to be incorporated in future calls, unless otherwise stated.
COLLECTION AND PROCESSING OF DATA
AD-HOC has a duty to inform the website users of the personal data that can be collected by sending an email or submitting a form. AD-HOC will be considered responsible of the data collected by the aforementioned means.
Furthermore, AD-HOC informs the users that the purpose of processing the data is to answer the requests of the users, include them in the list of contacts, and provide the necessary products or services and commercial management.
As established in LSSICE, AD-HOC undertakes not to send commercial communications without identifying them as such. In this sense, the information sent to clients to maintain the existing contractual will not be considered a commercial communication.
In any case, only the necessary information to perform the contracted service or to properly answer a given request will be processed.
COMMUNICATION TO THIRD PARTIES
AD-HOC will not give or provide third parties with the data provided by the user, except in those cases stipulated by law or unless the service so requires and always for the purpose which we have requested your consent.