In accordance with the provisions of both Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR) and also Act 3/2018 of 5th December on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD) and other data protection regulations in force, Users of the website, who have voluntarily expressed their consent for the processing of personal data in a free, clear and unequivocal manner by ticking the box "Data Protection Policy", are hereby informed that their data will be processed in accordance with the company they are registered with, either by the company MAILTECK, S.A. or by the company CUSTOMER COMMUNICATIONS TECKNALIA, S.L., which shall be jointly referred to as CCMS.
Customer Communications Tecknalia, S.L.
Avenida de la Recomba nº 12-14 - 28914 Leganés (Madrid)
91 689 56 65
Contact with DPO: firstname.lastname@example.org
The information that you have provided has been collected in order to manage and process the request made.
CCMS will only process the data provided for the purposes described above and they will not be further processed in a way incompatible with those purposes.
In order to be able to offer you products and services according to your interests and to improve your user experience, we will produce a “commercial profile”, based on the information provided. However, automated decisions will not be made based on that profile.
The personal data provided will be kept as long as the commercial relationship is maintained, or its deletion is not requested by the interested party, for a period of 5 years from the last confirmation of interest.
The data subject, by providing their data through the channels that the CCMS companies facilitate to collect contact information (contact form, commercial visit, etc.).
ANNEX I: INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
Customer Comms knows that the security of the information relating to our clients is highly valuable, and has thus established an Information Security Management System in accordance with the requirements of ISO/IEC 27001:2013 to guarantee the continuity of the information systems, minimise damage risks and ensure compliance with the goals set.
The goal of the Security Policy is to establish the framework required to protect information resources against threats, whether internal or external, deliberate or accidental, in order to guarantee the confidentiality, integrity and availability of the information.
The effectiveness and application of the Information Security Management System is the direct responsibility of the Information Security Committee, who is responsible for the approval, distribution and compliance of this Security Policy. An Information Security Management System Supervisor has been appointed in its name and representation, who has sufficient authority to play an active role in the Information Security Management System, supervising its implementation, development and maintenance.
The Information Security Committee will develop and approve the risk analysis methodology used in the Information Security Management System.
Any person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System, is obliged to strictly comply with the Security Policy.
Customer Comms will implement all the necessary measures to comply with applicable regulations in general security and IT security, relating to IT policy, the safety of buildings and facilities and the behaviour of employees and third parties associated with Customer Comms in the use of IT systems. The measures required to ensure information security through the implementation of rules, procedures and controls should guarantee the confidentiality, integrity and availability of the information, which is essential to:
- Comply with current legislation on information systems.
- Ensure the confidentiality of the data managed by Customer Comms.
- Ensure the availability of the information systems both in terms of services offered to clients and internal management.
- Ensure the ability to respond to emergency situations, restoring the operation of critical services in the shortest possible time.
- Avoid undue alterations in the information.
- Promote awareness and training in information security.
- Promote and take part in the ongoing improvement of the information security management system policy.