Privacy Policy

 

Data Protection Policy

Below, we provide information regarding our Data Protection Policy applicable to the processing of “Web Users” carried out on our website:

Web Users

Identification of the Responsible Entity. The personal data you provide is included in a data processing activity named WEB USERS, managed by Galde Analytics, S.L. (NIF: B10641728), located at Calle Alameda de Mazarredo, 47, Bajo, 48009, Bilbao, Bizkaia (Spain).

You can contact the Responsible Entity by phone at (+34) 688887394 or via email at [email protected] or [email protected].

Data Protection Officer. There is no appointed Data Protection Officer for this entity.

Purpose. We process the information provided by individuals to manage orders and, in general, to conduct the commercial and administrative management of the sales contract.

Retention Period.

Personal data will be retained for the following periods:

• Duration of the commercial relationship or until the data subject requests its deletion.
• Additionally, data will be retained for as long as legally required.

Automated Decisions and Profiling. No automated decisions, including profiling, are made.

Legal Basis for Processing. The processing is based on the preparation and execution of the commercial relationship.

Recipients of Data Transfers. Data will not be transferred or communicated to third parties.

However, we work with service providers who may legitimately and confidentially access your data. These are considered Data Processors:

• IT maintenance companies.
• Fiscal, accounting, and labor consultancy firms.
• Legal advisors.

International Transfers. Our servers and offices are located in Spain, and no international data transfers are anticipated.

We use certain services (backups, office systems, email providers, etc.) from companies based in the U.S. These companies comply with the EU-U.S. Privacy Shield Agreement, which ensures privacy protection levels considered adequate by the EU.

However, since July 16, 2020, the validity of the Privacy Shield Agreement has been annulled. Instead, the EU Model Contract Clauses (MCCs), also known as Standard Contractual Clauses, are in effect. You can find more details on this topic on the Google Cloud blog: Google Cloud’s Commitment to EU International Data Transfers and the CJEU Ruling

Rights. All individuals have the right to know whether our company is processing their personal data.

Interested parties have the right to:

• Access their personal data.
• Rectify any inaccurate data.
• Delete their data when it is no longer necessary for the purposes for which it was provided.
• Request limitation of processing in certain circumstances, where data will only be kept for the exercise or defense of legal claims.
• Object to the processing of their data for reasons related to their personal situation.

In such cases, data will no longer be processed unless legally justified or necessary for defending potential claims.

• Request portability of their data, which will be provided in an electronic, structured, and commonly used format to facilitate its use in another system or application.

If consent has been granted for a specific purpose, individuals have the right to withdraw consent at any time.

How to Exercise Your Rights. To exercise these rights, you can:

• Use the forms available at our offices or the models provided by the Spanish Data Protection Agency (AEPD) on its website: www.aepd.es.
• Submit the request, along with a copy of your ID or passport, to:
  • Postal Address: Calle Alameda de Mazarredo, 47, Bajo, 48009, Bilbao, Bizkaia (Spain).
  • Email: [email protected] or [email protected].