Privacy Policy

Introducción

This Privacy Policy has been developed taking into account the provisions of the Organic Law on the Protection of Personal Data in force, as well as Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons with regard to the processing of personal data and the circulation of these data, hereinafter the GDPR.

The purpose of this Privacy Policy is to inform the holders of personal data, in respect of whom information is being collected, of the specific aspects relating to the processing of their data, including, among other things, the purposes of the processing, contact information for exercising their rights, information retention periods and security measures, among other things.

Data Controller

In terms of data protection, Milimetric Marketing SL must be considered the Data Controller, in relation to the files/processing identified in this policy, specifically in the Data Processing section.

The identifying details of the owner of this website are listed below:

Data Controller: Milimetric Marketing SL

Postal address: Calle major 1 , 08394, Sant Vicenç de Montalt, (Barcelona).

Email address: info@milimetricmkt.com

Data processing

The personal data requested, if applicable, will consist only of those strictly necessary to identify and respond to the request made by the owner of the same, hereinafter the interested party. Said information will be treated in a fair, lawful and transparent manner in relation to the interested party. Furthermore, personal data will be collected for specific, explicit and legitimate purposes, and will not be subsequently processed in a manner incompatible with said purposes.

Los datos recogidos de cada interesado serán adecuados, pertinentes y no excesivos en relación a las finalidades correspondientes para cada caso, y serán actualizados siempre que sea necesario.

The data subject will be informed, prior to the collection of his/her data, of the general details regulated in this policy so that he/she can give express, precise and unequivocal consent for the processing of his/her data, in accordance with the following aspects.

Purposes of the treatment.

The explicit purposes for which each of the treatments are carried out are included in the informative clauses incorporated in each of the data collection channels (web forms, paper forms, announcements or posters and informative notes).

However, the personal data of the interested party will be processed with the exclusive purpose of providing an effective response and responding to the requests made by the user, specified together with the option, service, form or data collection system that the owner uses.

Legitimation

As a general rule, prior to processing personal data, Milimetric Marketing SL obtains express and unequivocal consent from the owner of the data, by incorporating informed consent clauses in the different information collection systems.

However, in the event that the consent of the interested party is not required, the legitimate basis for the processing under which Milimetric Marketing SL relies is the existence of a specific law or regulation that authorizes or requires the processing of the data of the interested party.

Recipients

As a general rule, Milimetric Marketing SL does not transfer or communicate data to third parties, except as required by law. However, if necessary, such transfers or communications of data are reported to the interested party through the informed consent clauses contained in the different ways of collecting personal data.

Origin

As a general rule, personal data is always collected directly from the interested party, however, in certain exceptions, the data may be collected through third parties, entities or services other than the interested party. In this regard, this information will be transferred to the interested party through the informed consent clauses contained in the different information collection channels and within a reasonable period, once the data has been obtained, and at the latest within one month.

Conservation periods

The information collected from the interested party will be kept as long as necessary to fulfill the purpose for which the personal data was collected, so that, once the purpose has been fulfilled, the data will be cancelled. Such cancellation will result in the blocking of the data, which will be kept only at the disposal of the AAPP, Judges and Courts, to address possible liabilities arising from the processing, during the limitation period of these; once the aforementioned period has elapsed, the information will be destroyed.

For information purposes, the legal periods for retaining information in relation to different matters are listed below:

DOCUMENT	TERM	LEGAL REF.
Documentation of a labor nature or related to social security	4 years	Article 21 of Royal Legislative Decree 5/2000, of August 4, approving the revised text of the Law on Infringements and Sanctions in the Social Order
Accounting and tax documentation for commercial purposes	6 years	Art. 30 Commercial Code
Accounting and tax documentation for tax purposes	4 years	Articles 66 to 70 of the General Tax Law
Building access control	1 month	Instruction 1/1996 of the AEPD
Video surveillance	1 month	Instruction 1/2006 of the AEPD Organic Law 4/1997

 

Browsing data.

In relation to the browsing data that may be processed through the website, in the event that data subject to the regulations are collected, it is recommended that you consult the Cookies Policy published on our website.

Rights of interested parties.

Data protection regulations grant a series of rights to interested parties or data owners, users of the website or users of the social media profiles of Millimetric Marketing SL.

The rights of interested parties are as follows:

• Right of access: right to obtain information about whether your own data is being processed, the purpose of the processing being carried out, the categories of data being processed, the recipients or categories of recipients, the retention period and the origin of said data.
• Right to rectification: right to obtain rectification of inaccurate or incomplete personal data.
• Right to deletion: right to obtain the deletion of data in the following cases:
  • When the data is no longer necessary for the purpose for which it was collected
  • When the owner thereof withdraws consent
  • When the interested party opposes the treatment
  • When they must be deleted in compliance with a legal obligation
  • When the data has been obtained pursuant to an information society service based on the provisions of art. 8 section 1 of the European Data Protection Regulation.
• Right to object: right to object to certain processing based on the data subject’s consent.
• Right to limitation: right to obtain limitation of data processing when any of the following situations apply:
  • When the interested party challenges the accuracy of the personal data, for a period that allows the company to verify the accuracy of the same.
  • When the processing is unlawful and the data subject opposes the deletion of the data.
  • When the company no longer needs the data for the purposes for which it was collected, but the interested party needs it for the formulation, exercise or defense of claims.
  • When the interested party has opposed the treatment while it is verified whether the legitimate reasons of the company prevail over those of the interested party.
• Right to portability: the right to obtain data in a structured, commonly used and machine-readable format and to transmit it to another data controller when:
  • The treatment is based on consent
  • The treatment is carried out by automated means
• Right to lodge a complaint with the competent supervisory authority

Interested parties may exercise the indicated rights by contacting Milimetric Marketing SL, in writing, sent to the following address: info@milimetricmkt.com indicating in the Subject line the right they wish to exercise.

In this regard, Milimetric Marketing SL will respond to your request as soon as possible and taking into account the deadlines provided for in the regulations on data protection.

Security

The security measures adopted by Milimetric Marketing SL are those required, in accordance with the provisions of article 32 of the GDPR. In this regard, Milimetric Marketing SL, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risks of varying probability and severity for the rights and freedoms of natural persons, has established appropriate technical and organizational measures to ensure the level of security appropriate to the existing risk.

In any case, Milimetric Marketing SL has implemented sufficient mechanisms to:

1. Ensure the ongoing confidentiality, integrity, availability and resilience of treatment systems and services.
2. Restore availability and access to personal data quickly in the event of a physical or technical incident.
3. Verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organisational measures implemented to ensure the security of the processing.
4. Pseudonymize and encrypt personal data, where appropriate.