Privacy policy

SERVEIS INTEGRALS ESED, S.L., is a company located at Av. Ernest Lluch 32 TCM2 - 08302 Mataró (Barcelona), with NIF number B65440729 (“ESED”).

At ESED, we are committed to protecting your fundamental right to personal data protection, and this privacy policy aims to inform you of your rights under the General Data Protection Regulation (“GDPR”).

However, please note that, for certain services, such as access to our Tool when contracted by your organization, ESED will process your data as a data processor.

In this regard, data processing resulting from these services is regulated in the data processing agreement between ESED and your organization, included as Annex I in the Contracting Conditions.

Therefore, this policy only applies to data processing performed by ESED as the data controller.

What information do we process?

Data you provide directly:

We collect information about you when you contact us through the available channels, such as the registration form or subscription form.

When you contact us through these channels, we request personal data such as your name, email, phone, CIF, and information about your organization.

All fields marked with an asterisk (*) on forms are mandatory; omitting them may prevent us from providing the requested services. You must provide truthful information; identity theft or the use of aliases or anonymous names is prohibited.

You must protect your reference data, passwords, and access codes at all times. You will be solely responsible for any use of your personal account, and you agree to use this information diligently, not share it with third parties, and immediately notify us of any loss or theft.

To keep your information up-to-date and error-free, you should promptly inform ESED of any changes to your personal data via email at esed@esedsl.com.

Also, by clicking "Accept" (or equivalent) in the forms, you declare that the information and data you provided are accurate and truthful.

Data obtained indirectly:

While browsing, various cookies and tracking devices may be installed on your device, as explained in our Cookie Policy.

Where do the data originate?

We consider all data processed by ESED to have been freely provided by you.

If the personal data provided belong to a third party, you guarantee that you have informed them of this Privacy Policy and obtained their authorization to provide the data to ESED for the stated purposes. You also guarantee that the data provided are accurate and up-to-date and are liable for any damage or harm, direct or indirect, caused by failing to comply with this obligation.

For what purposes and on what legal basis do we process the data?

ESED processes personal data for the following purposes and based on the following legal bases:

Based on managing a contractual or pre-contractual relationship:

• Manage the acquisition of the products and services we offer, handle any related issues or requests, and carry out any post-sales service management.
• Provide requested services and respond to information requests.
• Manage your registration in our Tool as a representative of the contracting organization.

Based on ESED's legal obligations:

• Allow users to exercise their rights.
• Comply with applicable regulations.

Based on explicit, free, and unequivocal consent provided when collecting your data:

• Create profiles for statistical or segmentation purposes, and/or make automated decisions.
• Conduct segmentation and profiling according to your interests and analyze your use of our services, such as browsing history or bookings made on our website, to tailor offers and promotions to each customer, offering personalized services and information.

Based on ESED's legitimate interest:

• Keep you informed about ESED's products and services related to those previously contracted and that may be of interest.
• Conduct periodic service reviews and satisfaction surveys to assess and improve service quality.
• Conduct internal reviews and, if necessary, contact the client if potential fraud or identity theft is detected or suspected.

However, if you do not want your data processed for these purposes, you may object at any time by contacting us at contacte@esedsl.com as outlined in the "Exercise of Rights" section of this Privacy Policy.

Who receives the data?

All personal data transfers are necessary to fulfill the stated purposes or to comply with a legal obligation:

• To public administrations, the judiciary, and law enforcement to comply with applicable legal obligations.
• Payment service providers (e.g., banks, payment gateways) if the client makes any payments through these services.
• IT service providers that support ESED’s services, such as hosting providers, CRMs, and email service companies.

Please note that any transfers are made with all necessary legal safeguards. We also ensure that specific contracts are in place with all service providers as required by law.

Likewise, if any suppliers are located in non-EU countries or countries not deemed adequate under data protection laws, appropriate precautions are taken to ensure secure data transfers, either because the supplier provides adequate safeguards, such as EU Standard Contractual Clauses, or one of the exceptions set forth in the regulation applies.

Exercising Your Rights

You may exercise the following rights:

• Right to access your personal data to know which data is being processed and for what purposes.
• Right to rectification of any inaccurate personal data.
• Right to erasure of your personal data, where possible.
• Right to restrict data processing in cases of doubtful accuracy, legality, or necessity of data processing. Data may be retained for defense or claim purposes.
• Right to object to automated decision-making, including profiling.
• Right to object to data processing based on ESED's legitimate interest.
• Right to data portability where data processing is based on a contractual relationship or your consent.
• Right to withdraw consent given to ESED.

You can exercise your rights at any time, free of charge:

• By emailing contacte@esedsl.com, indicating the right you wish to exercise and your identification data.
• By writing to Av. Ernest Lluch 32 TCM2 - 08302 Mataró (Barcelona), stating the right you wish to exercise.

When exercising your rights, and only if we have doubts about your identity, we may request additional information to verify your identity.

You also have the right to file a complaint with the Spanish Data Protection Agency if you believe we have violated data protection laws.

Additionally, you can sign up for the Robinson List at www.listarobinson.es, a system managed by the Spanish Digital Economy Association (ADIGITAL), where you can register to opt-out of receiving marketing communications.

Data Retention Period

We will retain your data only as long as necessary to provide these services. Any data provided through our channels will be blocked once it is no longer required to manage the service and will be available only in case of a legal obligation.

Security and Confidentiality

To prevent unauthorized access or disclosure of personal data, we have implemented appropriate technical and physical measures, along with management processes, to safeguard and secure the information collected from you.

Minors

Minors under 14 may not use services available on our website without prior authorization from their parents, guardians, or legal representatives, who are solely responsible for any actions taken by minors under their charge on the site, including filling out forms with personal data.

Privacy Policy Updates

We make every effort to keep our privacy policy up-to-date. If changes are made, they will be clearly identified wherever possible.

This privacy policy was reviewed and published on [October 25, 2024].