Responsible for processing
Viwom Video Marketing S.L. (henceforth VIEWED), with official address at C/ Teruel nº 1, floor 1º offices C and D, 26006 – in Logroño, La Rioja (Spain), reports that:
a) guarantees the protection of personal data voluntarily provided by the user when communicating with VIEWED
- through email
- filling in data collection forms,
- formalizing a contractual relationship or
- using any other service that involves data communication.
b) process the data in accordance with the European Data Protection Regulation 679/2016, of April 27, hereinafter RGPD, and in accordance with the provisions of this policy, which it publishes based on the principle of proactive responsibility and transparency in the information, and try to demonstrate the unequivocal consent of the interested party through it.
Finality of processing
Personal data collected and processed by VIEWED, through this website, fairs, contracts, conferences, newsletters, draws, or other means, will be appropriate, relevant and limited to those necessary in relation to the purposes for which they are processed.
- The purpose of the processing for the data collection forms on the web and for other non-specified voluntary data submission is to handle the specific request, as a response to inquiries, subscription and newsletters, commercial contact, registration in workshops, sending documentation and information related to the services and, in any case, commercial and/or advertising communications.
- The purpose of the processing for the contracting of services is to establish and maintain the contractual relationship that may be established, in accordance with the nature and characteristics of the service contracted and for the maintenance of historical records.
In all cases, the personal data will be maintained in a way that allows the identification of the interested party only the time necessary for the purposes of the processing.
Legitimacy of processing
The legal basis for legitimizing the processing of data by VIEWED depends on the different processing activities, the type of holders of personal data and purposes thereof. For these cases we have as basis of legitimacy.
– Acceptance or express consent for Stakeholders that contact VIEWED to request information, make inquiries, subscribe to the sending of information and newsletters, training, etc. and that they voluntarily provide the requested personal data.
– Contract for customers who access VIEWED services and provide their consent through the formalization of the contract.
– VIEWED prevailing legitimate interests or third parties to whom the data is communicated for when contact data is collected beyond the forms indicated in the section on purpose of the processing (example: receipt of business cards, inquiries by e-mail) .
The services provided by VIEWED are aimed at professionals of legal age. The use of the services offered by minors must have been previously authorized by their parents, guardians or legal representatives as they are considered responsible for the acts performed by the minors in their charge.
Transfers: VIEWED only transfers personal data to third parties to meet their contractual or legal obligations of the service, with suppliers or public or private organizations. In these cases the holder consents said assignments and in exercising their rights can be informed about them.
International Transfers VIEWED communicates that in the development of its activity it uses services from suppliers to whom it communicates data (such as processing managers) with a residence outside the European Economic Area, carrying out an international data transfer. Below are the providers so their privacy policies can be checked:
- Google, Inc: https://www.google.es/intl/es/policies/privacy/
- Hubspot: https://legal.hubspot.com/privacy-policy
- Mail chimp: https://mailchimp.com/legal/privacy/
- Dropbox: https://www.dropbox.com/es_ES/privacy
- Facebook: https://es-es.facebook.com/about/privacy
- Linkedin: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
In all cases, these providers have signed the privacy Shield agreement that the Guide about the US-EU Privacy Shield can be consulted in the AEPD
Personal information provided or collected from users and whose manager is VIEWED is structured in files; whether automated or not and VIEWED carries out a record of processing activities in accordance with current regulations.
In addition, for data processing VIEWED establishes the appropriate technical and organizational measures that guarantee the confidentiality, integrity, availability, resilience of the data included in processing and that are necessary to guarantee its adequate security, including protection against unauthorized or illegal processing and against loss, destruction or accidental damage, and that tend to:
- Pseudonymization and encryption of personal data.
- The ability to guarantee the confidentiality, integrity, availability and permanent resilience of the processing systems and services.
- The ability to restore availability and access to personal data quickly, in the event of a physical or technical incident.
- The process of regular verification, evaluation and assessment of the effectiveness of technical and organizational measures to ensure the safety of processing.
The user can at all times exercise the rights recognized on their personal data, as well as the revocation of the consent for the aforementioned uses, by means of written communication with the request or right exercised addressed to VIEWED at the address given in this contract as a VIEWED address or via e-mail email@example.com, including in both cases a photocopy of your ID or other similar identification document.
The recognized rights that can be exercised are the following:
- Access. Request information about the data we process, the purpose of the processing and its legitimacy.
- Rectification. Request the modification of the data if they are incorrect.
- Suppression. Request the elimination of data in legally established cases
- Opposition. Stop processing the data, except for justified reasons.
- Limitation of the processing, they will only be conserved by the VIEWED for the exercise or the defence of claims.
- Right to the portability of the data: in case you want your data to be treated by another SUPPLIER, VIEWED will facilitate the portability of your data to the new responsible party.
For more information on exercising these rights you can consultthe citizen’s guidepublished by the Spanish Agency for data protection.
If you consider that the processing of your personal data violates the regulations, you can file a claim:
- before those responsible for VIEWED or
- before the Spanish Agency for Data Protection , through your postal address: C/Jorge Juan, 6, CP 28001, Madrid (Spain).
Nonetheless, the interested party will respond, in any case, regarding the veracity of the data provided, reserving VIEWED the right to exclude all false or illicit data, without prejudice to the other actions that proceed in Law.
VIEWED warns that, except for the existence of a legally constituted representation, no interested party may use the identity of another person and communicate their personal data. For such purposes, the interested party will be solely responsible for any damage, whether direct and/or indirect, caused to third parties or VIEWED for the use of personal data of another person, or their own personal data when they are false, erroneous, not current, inadequate or irrelevant.
Anyone who communicates the personal data of a third party, will respond to the information obligation established in the RGPD for when the personal data has not been collected from the interested party, and/or the consequences of not having informed him.
Acting as processing manager
In those cases in which VIEWED accesses and/or deals with personal data whose responsibility and ownership pertains to its clients and acts as the processor in accordance with the provisions of current regulations, it undertakes to thoroughly regulate the content of the contracts of processing manager, regulating aspects such as:
- Object, duration, nature and purpose of the processing.
- Designate a Data Protection Delegate, if applicable.
- Keep a Record of Activities including the types of personal data and stakeholder categories of the person responsible.
- Obligation of the person in charge of processing personal data only following the documented instructions of the person in charge.
- Conditions for the responsible party to give their prior, specific or general authorization to subcontracting.
- Notification of data security violations:
- Once the contractual provision is fulfilled, the data will be destroyed or returned, as agreed between the parties. However, it is possible for VIEWED to be used for research, scientific and statistical purposes …. prior to anonymization of the same.