In accordance with the provisions of both Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR) and also Act 3/2018 of 5th December on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD) and other data protection regulations in force, Users of the website, who have voluntarily expressed their consent for the processing of personal data in a free, clear and unequivocal manner by ticking the box "Data Protection Policy", are hereby informed that their data will be processed in accordance with the company they are registered with, either by the company MAILTECK, S.A. or by the company CUSTOMER COMMUNICATIONS TECKNALIA, S.L., which shall be jointly referred to as GRUPO MAILCOMMS.
Avenida de la Recomba nº 14 – 28914 – Leganés, Madrid
913 044 941
Contact with DPO: email@example.com
Customer Communications Tecknalia, S.L.
Avenida de la Recomba nº 12-14 - 28914 Leganés (Madrid)
91 689 56 65
Contact with DPO: firstname.lastname@example.org
At GRUPO MAILCOMMS, the information that you have provided has been collected by one of the GRUPO MAILCOMMS companies, in order to manage and process the request made:
GRUPO MAILCOMMS will only process the data provided for the purposes described above and they will not be further processed in a way incompatible with those purposes.
In order to be able to offer you products and services according to your interests and to improve your user experience, we will produce a “commercial profile”, based on the information provided. However, automated decisions will not be made based on that profile.
The personal data provided will be kept as long as the commercial relationship is maintained, or its deletion is not requested by the interested party, for a period of 5 years from the last confirmation of interest.
The data subject, by providing their data through the channels that the GRUPO MAILCOMMS companies facilitate to collect contact information (contact form, commercial visit, etc.).
Version: 3 | Date: 10/01/2022
ANNEX I: INFORMATION SECURITY AND PRIVACY MANAGEMENT SYSTEM POLICY
Grupo MailComms, aware that the security and privacy of information relating to our customers is a highly valuable resource, has established an Information Security and Privacy Management System in accordance with the requirements of the ISO/IEC 27001 standards. :2013 and ISO/IEC 27701:2019 to guarantee the continuity of information systems, minimize the risks of damage and ensure compliance with the objectives set.
Additionally, for the Certified Electronic Delivery service, based on the nature of the service itself, the provisions established in the European eIDAS Regulation that regulates Trust Services have been followed, and specifically the ETSI 319 401 and ETSI 319 standards. 521 for Providers of Certified Electronic Delivery Services that contain specific precepts for the provision of this type of service. In this sense, the Policy that will govern this service will be the Certification Practices Statement (hereinafter CPS).
Additionally, and to comply with current data protection regulations, a Data Protection Officer (DPO) has been appointed in order to guarantee the security and privacy of personal data, especially taking into account the activity of the company.
The Information Security and Privacy Committee will proceed to develop and approve the risk analysis methodology used in the Information Security and Privacy Management System.
Grupo MailComms will implement all the necessary measures to comply with the applicable regulations regarding security and privacy in general and computer security, regarding computer policy, the security of buildings and facilities and the behavior of employees and third parties associated with Grupo MailComms in the use of computer systems and processing of personal data. The necessary measures to guarantee the security and privacy of the information through the application of norms, procedures and controls must allow to ensure the confidentiality, integrity, availability of the information, essential for:
- Comply with current legislation, regulations and regulations regarding privacy and information systems and with all contractual requirements regarding data protection and trusted electronic services, as well as those deemed appropriate to carry out with the aim of achieve continuous improvement of the organization.
- Ensure the confidentiality of the data managed by Grupo MailComms.
- Ensure the availability of information systems, both in the services offered to customers and in internal management.
- Ensure response capacity in emergency situations, restoring the operation of critical services in the shortest possible time.
- Avoid undue alterations in the information.
- Promote awareness and training in security and privacy of information and in the field of electronic trust services.
- Promote and participate in achieving the continuous improvement of the information security and privacy management system and trusted electronic services.
The Information Security and Privacy Policies and the CPS must be reviewed at planned intervals, at least annually and whenever significant changes occur in the organization, in order to ensure that their suitability, adaptation and effectiveness are maintained.