This policy has been updated for its validity as of May 25, 2018, with the entry into force of the General Data Protection Regulation (known, in short, as RGPD). The full name of the aforementioned standard is “REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of This data and repealing Directive 95/46 / EC (General Data Protection Regulation) “.
At the same time, it is in compliance with the Organic Law 3/2018, of December 5, on the Protection of Personal Data and the guarantee of digital rights and Law 34/2002, of July 11, on services of the society of the information and electronic commerce (abbreviated LSSI or LSSI-CE).
ADDITIONAL INFORMATION ON DATA PROTECTION (SECOND INFORMATION LAYER).
The purpose of this declaration is to inform interested parties of the Privacy and Personal Data Protection Policy implemented by EADTrust, European Agency of Digital Trust SL. (abbreviated EADTrust) in the exercise of its activity as a provider of trusted electronic services and in other areas.
Who is responsible for the processing of your data?
- Identity: European Agency of Digital Trust S.L. NIF: B85626240 Commercial Registry of Madrid, volume 26.403, folio 63, section 8, page M-475828.
- Mailing address: C / Alba 15 28043 – Madrid
- Phone: +34 91 716 05 55
- Email: email@example.com
- Any questions or additional information about how we treat your data, the exercise of rights or other issues related to personal data, write to: firstname.lastname@example.org
What data do we collect and deal with?
In the execution of its corporate purpose EADTrust collects and treats personal data of:
- Users of electronic notification services “NOTICEMAN”
- Clients of other electronic signature services, voting and electronic forum of Societies, issuance of certificates and time stamps qualified according to the Regulation (EU) eIDAS and not qualified, among others.
- Job applicants and employees of EADTrust
- Users of the domains and subdomains of EADTrust.
- Applicants for the issuance of certificate service
EADTrust S.L respects the principle of data minimization. Therefore, it only requests the appropriate and relevant minimum data: identification and contact data; economic, financial and insurance data; academic and professional data; data derived from the employment relationship and data related to transactions of goods and services.
Whenever we request your personal data, we will inform you with clarity of what personal data we collect and for what purpose.
The USER, in relation to the data that you provide, must make sure that they are legitimate and will answer for their veracity. You must communicate any changes that affect the data, so it exempts EADTrust from any type of responsibility related to the updating of the information not communicated.
For what purpose do we process your data?
EADTrust treats your data, exclusively, in order to manage your requests for information or provision of any of our services; or to meet your interest of work with us This includes the possibility of receiving communications EADTrust electronics.
These data are necessary to be able to offer the Requested services; If you do not provide them, EADTrust will not be able to manage your request.
We do NOT elaborate profiles based on these data and we do not know they make automated decisions.
How legitimately do we process your data?
In accordance with the applicable data protection regulations, your personal data may be processed if:
- You have given your consent to the effects of the treatment. Of course, you can withdraw your consent at any time.
- It is necessary for the provision of any of our services through a contractual relationship between you and us.
- With such treatment, we seek a legitimate interest that is not impaired by your privacy rights. Such legitimate interest will be duly communicated to you in the privacy notice related to that particular treatment.
- It is required by law.
How long do we keep your data?
We keep your personal data in a legal and appropriate manner and only as long as it is necessary for the purposes for which they were collected. You can find more information about this in the specific sections of this Policy, dedicated to the owners of the data we are dealing with.
To whom will your data be communicated?
The categories of recipients to whom the personal data of the different categories of interested parties can be communicated are:
- External payroll service and labor and tax advice
- Occupational Risk Prevention Service
- Public Organizations and Courts of Justice
- IP telephony provider
- Email providers
- Providers of cloud hosting and storage services located in Europe.
How can you exercise your rights on your data?
You can contact EADTrust at any time to:
- Know if we treat your personal data.
- Access your personal data and any other information indicated in Article 15.1 of the RGPD.
- Rectify your personal data that is inaccurate or incomplete according to Article 16 of the RGPD.
- Delete your personal data in accordance with Article 17 of the RGPD.
- Limit the processing of your personal data in accordance with Article 18 of the RGPD.
- Request the portability of your data in accordance with Article 20 of the RGPD.
- Oppose the processing of your personal data in accordance with article 21 of the RGPD.
If you have given your consent for a specific purpose, you have the right to withdraw the consent granted at any time, without affecting the legality of the treatment based on the consent prior to its withdrawal.
You can consult the procedure for the exercise of your rights in the section “Information for the exercise of rights”.
Confidentiality and data security
EADTrust undertakes to comply with its obligation of professional secrecy and confidentiality regarding personal data obtained from interested parties, and to act proactively in the taking of organizational and technical measures to guarantee the security of personal data and prevent their alteration, loss, treatment or unauthorized access.
For this purpose, the state of the technology and the provisions of current legislation for the protection of personal data will be taken into consideration.
The web pages of EADTrust use technical cookies from the content platform, but no analysis or treatment is performed on them, so the application of article 22.2 of the LSSI, is limited to a use that does not require the consent of the user. Get more information in our COOKIES Policy.
Data protection in electronic communications
EADTrust informs that the personal data of the addressee (s) of the emails that it sends are obtained and treated in accordance with the provisions of its Privacy and Data Protection Policy, Regulation (EU) 679/2016 (RGPD) and the Organic Law 03/2018 (LOPD GDD) in force, taking into consideration the provisions of Law 34/2002 (LSSI-CE).
These data are added to the register of treatment activities managed by EADTrust as the responsible party.
Email messages are addressed exclusively to the recipients that appear in its header. The message, the information contained in it, as well as that of all the attached documentation, are of CONFIDENTIAL CHARACTER. If you receive a message from EADTrust by mistake, please inform us immediately and proceed to destroy the message received. Any disclosure, copy, distribution or unauthorized use of the information contained in the messages of EADTrust is prohibited by current legislation on the protection of personal data.
The sending of electronic communications does not imply an obligation on the part of EADTrust to control the absence of viruses, worms, Trojans and / or any other harmful computer program, corresponding to the recipient having the necessary hardware and software tools to guarantee both the security of its information system like the detection and elimination of harmful computer programs. EADTrust S.L is not responsible for the damages that such computer programs may cause to the recipient.
The requirements of this Policy complement, and do not replace, any other existing requirement under the applicable data protection legislation, which will prevail, in any case.
This Policy is subject to periodic reviews and EADTrust may modify it at any time. When this occurs, we will notify you of any changes and ask you to re-read the most recent version of our Policy and confirm your acceptance.
You can also check this Policy periodically in www.eadtrust.rgpd.de.
The latest update is June 2019.