Customer Comms

Data Protection

Data Protection

In accordance with the provisions of both Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR) and also Act 3/2018 of 5th December on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD) and other data protection regulations in force, Users of the website, who have voluntarily expressed their consent for the processing of personal data in a free, clear and unequivocal manner by ticking the box "Data Protection Policy", are hereby informed that their data will be processed in accordance with the company they are registered with, either by the company MAILTECK, S.A. or by the company CUSTOMER COMMUNICATIONS TECKNALIA, S.L., which shall be jointly referred to as GRUPO MAILCOMMS.

Data controller Customer Communications Tecknalia, S.L. -> Read more
Owner: Customer Communications Tecknalia, S.L.
NIF: B-86414000
Address: Avenida de la Recomba nº 12-14 - 28914 Leganés (Madrid)
Telephone: 91 689 56 65
Email: info@customercomms.com
Contact with DPO: dpo@customercomms.com
Purpose To provide requested information and manage contact with potential customers -> Read more
At GRUPO MAILCOMMS, the information that you have provided has been collected by one of the GRUPO MAILCOMMS companies, in order to manage and process the request made:

MAILTECK will only process the data provided for the purposes described above and they will not be further processed in a way incompatible with those purposes.

In order to be able to offer you products and services according to your interests and to improve your user experience, we will produce a “commercial profile”, based on the information provided. However, automated decisions will not be made based on that profile.

The personal data provided will be kept as long as the commercial relationship is maintained, or its deletion is not requested by the interested party, for a period of 5 years from the last confirmation of interest.
Legitimacy Consent of the interested party -> Read more
The data subject, by providing their data through the channels that the GRUPO MAILCOMMS companies facilitate to collect contact information (contact form, commercial visit, etc.).
Recipients Collaborating companies -> Read more
  • Collaborating and participated companies for commercial purposes.
  • By legal requirement when a rule so requires.
Rights You may exercise your rights in the legally established manner and terms -> Read more
  • General confirmation: Any person is entitled to obtain confirmation on whether MAILTECK are processing personal data that concerns them.
  • ARCO Rights: Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
  • Limitation of the processing: In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defence of legal claims.
  • Objection to processing: In certain circumstances and or reasons relating to their particular situation, the interested parties may object to the processing of their data.
    Therefore, MAILTECK will stop processing the data, except for compelling legitimate grounds, or the exercise or defence of potential legal claims.
  • Portability of the data: In certain circumstances and or reasons relating to their particular situation, the interested parties may request to receive the personal data provided in the contact form, in a structured, commonly used and machine-readable format and have the right to transmit those data to another data controller without hindrance.
  • Claim before a public body: if your right to protection of personal data is violated, you can file a claim with the Spanish Agency for Data Protection (www.aepd.es).
  • Channel to exercise your rights: Data subjects may exercise their rights recognised in the regulations against and before each of the data controllers, via the addresses enabled as DPO in the section «Data Controller».
Additional information More information about Data Protection -> Read more
  • Personal data has been obtained from the channels that MAILCOMMS GROUP companies provide to collect contact information (Contact form, Commercial visit, etc.)
  • The categories of data to be processed are identification data (name, surname(s), email, etc.)
  • MAILCOMMS GROUP, doesn’t process especially protected data
Information Security Policy You can find out more about the Information Security Policy base on ISO 27001 -> Read more
ANNEX I: INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

Customer Comms knows that the security of the information relating to our clients is highly valuable, and has thus established an Information Security Management System in accordance with the requirements of ISO/IEC 27001:2013 to guarantee the continuity of the information systems, minimise damage risks and ensure compliance with the goals set.

The goal of the Security Policy is to establish the framework required to protect information resources against threats, whether internal or external, deliberate or accidental, in order to guarantee the confidentiality, integrity and availability of the information.

The effectiveness and application of the Information Security Management System is the direct responsibility of the Information Security Committee, who is responsible for the approval, distribution and compliance of this Security Policy. An Information Security Management System Supervisor has been appointed in its name and representation, who has sufficient authority to play an active role in the Information Security Management System, supervising its implementation, development and maintenance.

The Information Security Committee will develop and approve the risk analysis methodology used in the Information Security Management System.

Any person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System, is obliged to strictly comply with the Security Policy.

Customer Comms will implement all the necessary measures to comply with applicable regulations in general security and IT security, relating to IT policy, the safety of buildings and facilities and the behaviour of employees and third parties associated with Customer Comms in the use of IT systems. The measures required to ensure information security through the implementation of rules, procedures and controls should guarantee the confidentiality, integrity and availability of the information, which is essential to:

  • Comply with current legislation on information systems.
  • Ensure the confidentiality of the data managed by Customer Comms.
  • Ensure the availability of the information systems both in terms of services offered to clients and internal management.
  • Ensure the ability to respond to emergency situations, restoring the operation of critical services in the shortest possible time.
  • Avoid undue alterations in the information.
  • Promote awareness and training in information security.
  • Promote and take part in the ongoing improvement of the information security management system policy.