PRIVACY POLICY
By means of this notice, “Teradisk Consuting, SL” (hereinafter “Teradisk”), informs users of the website www.teradisk.com and www.teradisk. net, in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation) and Organic Law 3/18 of 5 December on the Protection of Personal Data and the guarantee of digital rights and other applicable regulations, of its personal data protection policy so that they may decide expressly, freely and voluntarily, to provide “Teradisk” with the personal data that is requested from them motivated by the request for information or for the contracting of the various products/services offered within the field of cloud consulting, server hosting and services, comprehensive management of IT infrastructures, hosting services, backups, as well as all types of related services.
Unless specifically stated otherwise, it is considered necessary to complete all data required on the form or similar form in a true, accurate, complete and up to date manner. Otherwise, “Teradisk” may, depending on the case, either not register the user or refuse the specific service requested. All data provided by the user/interested party will be processed in accordance with the following detailed characteristics.
Information on the processing of personal data
Identification of the responsible party: “Teradisk Consuting, SL”, with registered office at Tarragona, street, number 157, 4th floor, 08014 Barcelona, with Tax Identification Number: B66443375, registered in the Barcelona Mercantile Register in volume 44617, folio 207, Section 8, page B461316, 1st entry. Contact e-mail legal@teradisk.com.
Identification of the Data Protection Delegate: For all matters relating to personal data, such as queries, requests, suggestions, etc., you can contact the Data Protection Officer designated by “Teradisk” via the following e-mail address legal@teradisk.com [indicate if there is a name, telephone number or further contact details].
Purpose of data processing:
All data provided will be processed for the following purposes:
- Responding to requests made by the data subject.
- Maintenance of the relationship to be established, if any.
- Management, administration, information, provision and improvement of the services to be contracted out.
- Commercial communications related to our products and services.
The personal data provided shall be kept for as long as the business relationship continues. The data subject does not either request its deletion or it is unnecessary for the purposes of the processing. The data shall not be destroyed when there is a legal provision requiring it to be kept, in which case the data shall be blocked, and shall only be kept at the disposal of the Public Administrations, Judges and Courts, for the attention of possible liabilities arising from the processing, during the period of prescription of the latter.
No automated decisions, including profiling, are currently made on the basis of your personal data. In the event that such automated decisions are to be made in the future, prior consent will be sought.
Legitimation of the processing:
Any processing carried out on your personal data has been previously and expressly consented to by you. Beforehand, you will be informed of all the details required by law in order for you to give informed consent.
You may withdraw this consent at any time as detailed later in this document.
Recipients, assignments and transfers of data:
Your data will not be passed on to third parties, except when it is indispensable for the provision of the service or legal obligation.
Likewise, your data will not be transferred to countries outside the European Union unless it is indispensable for the fulfilment of the purposes and you give us your prior express authorisation.
“Teradisk” uses the WhatsApp application to communicate with its customers, in order to manage and monitor the services and products contracted, and in this regard, we inform you that the company that manages the WhatsApp application is based in the United States of America, which is considered an international transfer of data to a country that does not comply with European Data Protection regulations. For this reason, it is necessary that you expressly authorise us to use this channel of communication by ticking the corresponding box on the forms where you are asked to give your consent. We recommend that you consult the WhatsApp Privacy Policy before proceeding. If you wish to use the WhatsApp application to communicate with us, we inform you that “Teradisk” is only responsible for and guarantees the confidentiality, security and processing of data, in accordance with current legislation, with respect to the data collected directly from the user, having no control over or responsibility for the processing and subsequent uses that WhatsApp may make of the data provided through this channel.
Rights of data subjects:
You may exercise the rights detailed below at any time by post to “Teradisk”, Tarragona Street, number 157, 4th floor, 08014 Barcelona; or by e-mail to legal@teradisk.com. The request must contain the name, surname(s) and documentation accrediting the identity of the interested party or its legal representative, as well as a document accrediting representation, the request specifying the petition, the address for notification purposes, the date and signature of the applicant and documents accrediting the petition being made. If the petition does not meet the specified requirements, it will be required to be corrected.
The rights of data subjects are: access, rectification, limitation, portability, opposition and suppression; and their definition is as follows:
Right of access:
The data subject shall have the right to obtain confirmation from the controller as to whether or not personal data relating to him or her are being processed and, if so, the right of access to the personal data and to the following information:
- a) the purposes of processing
- b) the categories of personal data processed
- c) the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third parties or international organisations
- d) if possible, the envisaged retention period for the personal data or, if not possible, the criteria used to determine this period
- e) the existence of the right to request from the controller the rectification or erasure of personal data or the restriction or objection to the processing of personal data relating to the data subject, or the right to object to such processing
- f) the right to lodge a complaint with a supervisory authority
- g) where the personal data has not been obtained from the data subject, any available information on their source
- h) the existence of automated decisions, including profiling, as referred to in Article 22(1) and (4), and, at least in such cases, meaningful information about the logic involved and the significance and expected consequences of such processing for the data subject.
Where personal data are transferred to a third country or to an international organisation, the data subject shall have the right to be informed of the appropriate safeguards pursuant to Article 46 concerning the transfer. The controller shall provide a copy of the personal data under processing. The controller may charge for any further copies requested by the data subject a reasonable fee based on administrative costs. Where the data subject submits the request by electronic means, and unless the data subject requests otherwise, the information shall be provided in a commonly used electronic format.
Right to rectification:
The data subject shall have the right to obtain without undue delay from the controller the rectification of inaccurate personal data relating to him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data supplemented, including by means of an additional statement.
Right to erasure:
The data subject shall have the right to obtain without undue delay from the controller the erasure of personal data relating to him/her, who shall be obliged to erase personal data without undue delay if any of the following conditions are met:
- a) the personal data is no longer necessary for the purposes for which it was collected or otherwise processed
- b) the data subject withdraws the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) and the consent is not based on any other legal basis
- c) the data subject objects to the processing pursuant to Article 21(1) and no other legitimate grounds for the processing prevail, or the data subject objects to the processing pursuant to Article 21(2)
- d) the personal data have been unlawfully processed
- e) the personal data must be erased in order to comply with a legal obligation under Union or Member State law applicable to the controller
- f) the personal data has been obtained in connection with the provision of information society services referred to in Article 8(1)
Where the controller has made public the personal data in respect of which the data subject has exercised his or her right of erasure, the controller shall, taking into account available technology and the cost of its implementation, take reasonable steps to inform third parties who are processing such information of the request for erasure of the data, as well as of any link to such data or to any copy or replica thereof.
This right shall be limited by other rights such as the right to freedom of expression and information, by the fulfilment of a legal obligation, or when there are reasons of public interest.
Right to restrict processing:
The data subject shall have the right to obtain the restriction of the processing of the data from the controller, whenever one of the following conditions is met:
- a) the data subject contests the accuracy of the personal data within a period which allows the controller to verify the accuracy of the personal data
- b) the processing is unlawful and the data subject objects to the erasure of the personal data and requests the restriction of their use instead
- c) the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the purposes of making, exercising or defending claims
- d) the data subject has objected to the processing pursuant to Article 21(1), while it is being verified whether the legitimate grounds of the controller outweigh those of the data subject
Where the processing of personal data has been restricted pursuant to paragraph 1, such data may be processed, with the exception of their retention, only with the consent of the data subject or for the purposes of the formulation, exercise or defense of claims, or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a particular Member State.
Any data subject who has obtained the restriction of processing pursuant to paragraph 1 shall be informed by the controller prior to the lifting of the restriction of processing.
Right to object:
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data relating to him or her on the basis of Article 6(1)(e) or (f), including profiling on the basis of those provisions.
The controller shall no longer process the personal data, unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the formulation, exercise or defense of claims.
Where personal data is processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him or her, including profiling insofar as it is related to such marketing.
Where the data subject objects to the processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
Where personal data is processed for scientific or historical research or statistical purposes in accordance with Article 89(1), the data subject shall have the right, on grounds relating to his or her particular situation, to object to the processing of personal data relating to him or her, unless processing is necessary for the performance of a task carried out for reasons of public interest.
Right to data portability:
The data subject shall have the right to receive personal data relating to him/her which he/she has provided to a controller in a structured, commonly used and machine-readable form and to transmit it to another controller without being prevented from doing so by the controller to whom he/she has provided it, when:
- a) the processing is based on consent within the meaning of Article 6(1)(a) or Article 9(2)(a) or in a contract within the meaning of Article 6(1)(b), and
- b) the processing is carried out by automated means.
2.When exercising his or her right to data portability in accordance with paragraph 1, the data subject shall have the right to have personal data transmitted directly from data controller to data controller where technically feasible.
The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17. This right shall not apply to processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out pursuant to Article 16, Article 17(1) and Article 18 to each recipient to whom personal data has been disclosed, unless this is impossible or would involve a disproportionate effort. The data controller shall inform the data subject about these recipients, if the data subject requests so.
Revocation of consent: The data subject who has given consent to the processing of his or her personal data may also withdraw such consent with equal ease. Withdrawal of consent does not render the processing previously carried out unlawful.
The data subject shall have the right to lodge a complaint with the competent supervisory authority.
Where personal data are further processed for other purposes, the controller shall inform the data subject of this fact.
Security measures: The Data Controller declares that it has adopted the technical and organisational measures necessary to guarantee the security of the data and to avoid its alteration, loss, unauthorised processing or access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or from the physical or natural environment.
The www.teradisk.com and www.teradisk.net website contains links to other websites that may be of interest to the interested party. “Teradisk” assumes no responsibility for these links, and no guarantee can be given as to the observance of adequate privacy policies, and the interested party therefore accesses the content of the aforementioned websites under the conditions of use set out therein and under his sole responsibility.
Contact form
We inform you that the data you voluntarily provide in this form will be processed by “Teradisk Consuting, SL” in order to respond to your request. Your data will not be passed on to third parties, except when it is indispensable for the provision of the service or legal obligations. You can exercise your rights of access, rectification, limitation, portability, opposition and erasure of data by sending an e-mail to legal@teradisk.com. More information at www.teradisk.com.
If you have any questions, concerns or recommendations regarding our Privacy Policy, you may contact us by e-mail at the following address: legal@teradisk.com
“Teradisk Consuting, SL”
All rights reserved