BCB SOLUCIONES LINGÜÍSTICAS GLOBALES, S.L. is the owner of the website www.bcbsoluciones.com and the owner and controller of the data processing with the personal information voluntarily provided by its users, having adopted all necessary security measures for the data protection of its users.
The processing of the personal data performed through this Website complies with the provisions of the current legislation at the time of its processing.
DATA PROTECTION INFORMATION
If the user decides to request information on our Website, they will be asked for the data strictly necessary to achieve the purpose for which our Website is intended, which is the information and promotion of our services, all available on our Website. In no case shall they be used for purposes other than those for which they have been voluntarily entered in the Website.
The personal data that the user provides shall be processed as personal data. This personal data shall be subject to processing, whenever necessary to provide the service requested with a legal basis appropriate for the processing together with the rest of the information established by Art.13 of Regulation (EU) 2016/679, which at all times is at the disposal of the users of the Website through the means this Website makes available for the users. By clicking on the “SEND” button they confirm that they have been informed in that respect and have had the possibility to read the Disclaimer and Privacy and Cookie Policies.
Those who voluntarily provide their data to the owner of the Website through any of the means established for that purpose at any time, consent and accept that they expressly, precisely and unequivocally know, as they have clicked on the corresponding box, the following aspects:
The data CONTROLLER is BCB SOLUCIONES LINGÜÍSTICAS GLOBALES, S.L., with address at Calle Poeta Joan Maragall nº56, piso 2ºD, 28020 Madrid, customer service email firstname.lastname@example.org and contact telephone (+34) 91 567 19 92.
The LEGAL BASIS is the contract, compliance with legal obligations in the case of communication or storage of data, legitimate interest in dealing with persons of contact or representatives of legal persons and in the improvement of processes and quality, and consent where applicable.
The LEGITIMISATION for processing is based on the relationship established and on users’ unequivocal consent. We inform users that their consent can be revoked at any time, through easy and simple means.
RECIPIENTS: the data of the content of the services shall not be communicated to third parties. Billing data may be communicated to the tax authorities or bank details to banks for payment collection management. They may be passed on to the justice administration, other competent administrations or to third parties if necessary to provide the professional service commissioned. Once the service has been provided, and after the retention periods have elapsed, the personal data provided shall be destroyed or returned to the customer.
The criterion established for RETENTION of users’ data is the prescription period of actions starting from the end of the service.
INFORMATION ON USERS: we record user IP (Internet Protocol) data assigned to the subscriber holding the telephone line at the time of connection to this Website, for the purpose of security and collaboration with Justice. The data shall be retained by the service provider for the time established in current legislation.
RIGHTS OF ACCESS, RECTIFICATION, OBJECTION, ERASURE, PORTABILITY, RESTRICTION OF PROCESSING
At any time, the user can exercise the rights of access including the right to obtain a copy of the personal data subject to processing, rectification, objection, erasure or deletion, where applicable, portability and limitation of processing, by writing to the data controller and revoking the consent granted, at the address detailed on this Website.
These rights may be effective after certification of the personality in the forms and within the periods established in current legislation, by addressing a letter to the postal address that appears in the Disclaimer or homepage of the Website.
The processing of personal data and sending communications electronically, where applicable, comply with current legislation, in particular the General Data Protection Regulation and implementing rules, and Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce.
Users have the right to lodge a complaint with the control authority.
INFORMATION ON PROVISION OF SERVICES WHEN BCB SOLUCIONES LINGÜÍSTICAS GLOBALES, S.L. ACTS AS DATA PROCESSOR
In the event of provision of a service whereby the customer’s personal data are accessed, BCB SOLUCIONES LINGÜÍSTICAS GLOBALES, S.L. shall act as data processor, with the customer being the data controller. The customer or data controller has accepted the present contractual clauses. In this regard, the data controller will solely provide personal data that it has obtained and is processing lawfully, and the data processor shall be bound to the following:
- It will solely process the data in accordance with the DATA CONTROLLER’s instructions, and for the purpose object of the contract, not informing any third parties even for its retention. The access to personal data is necessary for provision of the service and shall take place through the processor’s resources.
- It undertakes to adopt the necessary security measures and guarantee of the right of the persons affected, as established in Art. 32 of the GDPR, and must take the following measures:
- the pseudonymisation and encryption of personal data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to quickly restore the availability and access to personal data in the event of a physical or technical incident;
- have a process established for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing;
- it will place at the controller’s disposal all the necessary information to demonstrate compliance with the obligations established in the GDPR, and allow and contribute to performing audits, including inspections, by the controller or other auditor authorised by the controller.
- it will assist the controller, whenever possible, to facilitate the response to the rights exercised by the data subjects, and it will aid compliance with the security measures of Art. 32 and 36 of the GDPR, bearing in mind the nature of the processing and the information at the processor’s disposal.
- Once the contractual provision has been fulfilled, the personal data must be destroyed or returned to the CONTROLLER, at its choice which it must state, unless there is a legal provision that demands its retention. The data, where applicable, must be returned in the same manner in which they were obtained and within the period of two months from the effective end of the service, and the CONTROLLER must not hinder their reception. Whenever liabilities may arise between the CONTROLLER and the PROCESSOR, it can keep the data duly blocked. The DATA PROCESSOR shall inform the CONTROLLER in the event of receiving a request to exercise the rights by a data subject and will do so within three working days following receipt of the request and in the same manner in which the CONTROLLER and PROCESSOR typically communicate, with electronic means having preference. The PROCESSOR is not responsible for attending to and responding to the requests of these rights.
- In the event that the DATA PROCESSOR uses the data for another purpose, communicates them or uses them in breach of this contract, it will also be considered data controller. In the event that the DATA PROCESSOR decided to subcontract all or part of this service, it must have the prior written authorisation of the DATA CONTROLLER. Once the subcontracting has been authorised, the data SUB-PROCESSOR must be subject to the same conditions and in the same written manner as the PROCESSOR, with the PROCESSOR being liable to the CONTROLLER in the event of breach by the SUB-PROCESSOR.
- It is bound to professional secrecy with respect to the personal data subject to processing, and must preserve secrecy during the processing and subsequent to its conclusion. It guarantees that the persons authorised to process personal data subject to this contract, have expressly undertaken to respect confidentiality and the duty of secrecy, a commitment which has been documented and is at the CONTROLLER’s disposal.
- The processing that the PROCESSOR shall access as a consequence of this contract are all processing that is necessary to fulfil the object of the contract.