TYM PRIVACY POLICY

Last updated: 19 April 2021

1. PRIVACY POLICY. INTRODUCTION

The company Teclas y Monitores Optimización de Recursos, S.L. (TYM) complies with rigorous standards and policies when processing your personal data. To this end, we implement the requirements contained in REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 as well as Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights. And other legal provisions that may be applicable.

Therefore, Teclas y Monitores Optimización de Recursos, S.L, located at Calle Poeta Joan Maragall 23, 28020 Madrid, respects your privacy and that of your personal data. To this end, we aim to ensure that your personal data is protected by adopting technical and organisational security measures that meet current security standards.

2. DATA CONTROLLER

Who is responsible for your data?

  • Owner: TECLAS Y MONITORES OPTIMIZACIÓN DE RECURSOS, S.L. (hereinafter, “TYM”)
  • Address: 23 Poeta Joan Maragall Street, 28020 Madrid
  • VAT NUMBER: B81893414
  • Telephone: 913 72 83 21
  • E-mail: dpo@tym.es

3. PURPOSE OF DATA PROCESSING AND CATEGORIES OF DATA PROCESSED

For what purpose and for how long will we process your personal data?

TYM, will process your data, manually and/or automatically, for the following specific purposes:

  • Contractual:
    • Provide you with the requested service.
    • To exchange information necessary to provide the requested service.
    • To invoice you for this service.
    • To comply with all legal obligations in terms of contracts, taxes arising from our business activity with you.
  • Informative: To respond to requests, questions, requests, orders, which is made by the user through any of the forms of contact that are made available to them with the express, informed and voluntary consent of the owner of the data.
  • Employment and internships.

What categories of data do we process?

For the purposes mentioned above, TYM processes the following categories of data:

  • Identification data: name, surname, company name, postal address, e-mail address, postcode, telephone number.
  • Traffic and location data.
  • Electronic communications metadata.

The user guarantees that the data provided is true, accurate, complete and up to date, and shall be liable for any direct or indirect damage or harm that may be caused as a result of non-compliance with this obligation.

In the event that the user provides data of third parties, he/she declares that he/she has their consent and undertakes to provide them with the information contained in this clause, exempting TYM from any liability in this regard.

4. TIMES AND MEASURES IMPLEMENTED

How long do we keep your data?

TYM will only keep users’ personal data for the time necessary to carry out the purposes for which they were collected, as long as they do not revoke the consents granted. Subsequently, if necessary, TYM will keep the information blocked for the legally established periods. The data will also be kept for as long as the relationship of interest between the interested party and TYM is maintained, and for the legally or contractually established periods for the exercise of any action or claim at the disposal of the interested party or TYM.

In the case of the data you provide in connection with the sending of CVs for job offers, they will be kept for one year from the date of the last update. After this period, without having been updated, the data will be deleted, unless you tell us otherwise.

What security measures do we put in place to safeguard your data?

TYM maintains a strong commitment to the protection of personal data and the privacy of users, therefore, to protect the different types of data reflected in this privacy policy will carry out the necessary technical security measures to prevent its loss, manipulation, dissemination or alteration.

TYM will process your Data in accordance with the security requirements applicable to the processing of data in accordance with current legislation.

To this end, we have extensive technical and organisational protection measures in place that comply with internationally recognised IT standards and are periodically reviewed.

In this way, we ensure that your Data is adequately protected at all times against misuse or any other form of prohibited processing.

TYM adopts the security levels required by current legislation having implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk arising from the processing of personal data, such as accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorised communication or access to such data, which may in particular result in physical, material or immaterial damage. Notwithstanding the foregoing, security measures on the Internet are not impregnable and leaks may occur as a result of malicious acts by third parties.

TYM will block the data when they are no longer necessary or relevant for the purpose for which they were collected, in accordance with the provisions of data protection legislation. However, TYM may continue to use the data for the aforementioned purposes of sending commercial communications as long as the user does not revoke the consent given.

5. DATA COMMUNICATIONS

To which recipients will your data be communicated?

TYM may share your Data with other third parties, such as external service providers or IT service providers, CRM, external consultants or cooperation partners for the purposes set out in this Policy or in the framework of any other legal reporting or information duties.

TYM will ensure that such third parties comply with their respective confidentiality obligations.

In order to ensure compliance with the requirements under data protection rules, TYM will enter into agreements with all third parties with whom it shares your Data.

We inform you that certain data, within the framework of the regulations in force or the contractual relationship you may have with TYM, may be communicated to:

  • Public administrations with competence in TYM’s sectors of activity, when so established by the regulations in force.
  • The State Security Forces and Corps and judicial authorities by virtue of the provisions of the Law.
  • Banks and financial institutions in the case of collection of the services offered.

6. LEGITIMISATION OF THE PROCESSING

What is the legitimacy for the processing of your data?

Personal data means any information about an identified or identifiable natural person (“Data”).

You give your consent for TYM to process the personal data you provide when contacting or sending an email, for example, making an enquiry or formulating a request, in order to attend to and manage your specific request, this data being necessary for the maintenance and fulfilment of this relationship.

As indicated, the purpose of the processing is the management of requests and queries made by you as a contact, as well as the sending of commercial and advertising communications about TYM’s activities in general. TYM also carries out processing with your prior, express and free consent as a user, in accordance with that consent (or based on your legitimate interest of information in order to maintain commercial relations, as well as You as a user, may revoke such consent by written request with a copy of your National Identity Document addressed to the following email address: dpo@tym.es

7. YOUR RIGHTS AS A DATA SUBJECT AND YOUR RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY

As a user/stakeholder affected by the processing, you can exercise certain rights in relation to us under the GDPR and the GDPR and other applicable data protection regulations via our information or contact service whose details are set out in section 2 of this document. The following section contains an explanation of the rights you have as a data subject under the GDPR.

Rights of users/stakeholders

As a data subject, you are in particular entitled to exercise the following rights against TYM:

Right of access: at any time, you may request that we provide you with information about your Data that we have stored. This information concerns, among other things, the categories of data we process, the purposes of the processing, the origin of the Data if we have not collected it directly from you, and the recipients to whom we have disclosed your Data, if any. You may receive a free copy of the Data which are the subject of the contract.
Right of rectification: You may request rectification of your Data. We will take appropriate measures to keep your Data, which we store and process on an ongoing basis, accurate, complete, up to date and appropriate to the latest information you provide to us.
Right of erasure: you may request the erasure of your Data, provided that the applicable legal requirements are met. For example, this may be the case:
If the Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
If you withdraw the consent on which the processing is based and the processing is not based on another legal ground.
If you object to the processing of your Data and no other legitimate grounds for the processing prevail, or if you object to the processing for direct marketing purposes.
If the Data have been processed unlawfully, unless the processing is necessary: for compliance with a legal obligation requiring the processing of your Data; in particular with regard to the legal deadlines for keeping records; for the formulation, exercise or defence of claims.
Right to restriction of processing: You may obtain restriction of processing of your Data: if you contest the accuracy of the Data, for a period of time that allows us to verify the accuracy of the Data; if the processing is unlawful and you object to the erasure of your Data and request instead the restriction of its use; if we no longer need your Data, but you need it for the formulation, exercise or defence of claims; if you have objected to the processing, while we verify whether our legitimate grounds override yours.
Right to data portability: Upon your request, we will transfer your Data to the extent technically feasible to another controller. However, you only have this right if the processing has your consent as a legal basis. Instead of receiving a copy of your Data, you may also request that we transmit your Data directly to another controller that you specify.
Right to object: You may object at any time, on grounds relating to your particular situation, to the processing of your Data, if the processing is based on your consent or on our legitimate interest or on the legitimate interest of a third party. In this case, we will stop processing your Data. The latter does not apply if we can demonstrate compelling legitimate grounds for the processing which override your interests, or if we need your Data for the formulation, exercise or defence of claims or suggestions.

Deadline for the attention of the rights of data subjects

TYM always tries to respond to your requests within 30 days. However, this period may be extended for reasons related to the right of the data subject concerned or the complexity of his or her request.

Restrictions on providing information when addressing data subjects’ rights

In certain situations, we may not be able to provide you with information about all of your Data due to legal provisions or requirements. If we are obliged to refuse your request for information in such a case, we will also inform you at the same time of the reasons for the refusal.

Complaint to the supervisory authority

TYM takes your complaints and rights very seriously. However, in the event that you believe that we have not fully addressed any claims or complaints regarding the protection of your data, you have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD).

8. LEGAL TEXTS

You can consult the data protection regulations on the following websites:

http://www.agpd.es/portalwebAGPD/canaldocumentacion/legislacion/union_eur opea/reglamentos/common/pdfs/Reglamento_UE_2016 679_Proteccion_datos_DOUE.pdf https://www.boe.es/buscar/pdf/2018/BOE-A-2018-16673-consolidado.pdf