INSERBO, S.L., informs website users about its policy regarding the treatment and protection of personal data of users and clients.

It guarantees at all times the complete and full compliance with the obligations established by the data protection regulations and services of the information society: Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of individuals with regard to the processing of personal data and the free movement of such data (GDPR), Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSIce).


DATA CONTROLLER

INSERBO, S.L.
VAT number: B25287491
C/. Ponent, 3 - Torrefarrera - Postal Code 25123 (Lleida - Spain)
Lleida Commercial Registry, Volume 891, General Section, Folio 13, Sheet No. L-17.262.
Email: inserbo@inserbo.com


PURPOSES OF DATA PROCESSING

The data provided by the User are used for various purposes, which are listed below:

Purpose of processing Legal basis for processing
Manage inquiries submitted through the contact form. Society's legitimate interest in responding to information requests through the website.
Express consent given at the time of data collection through web forms.
Sending newsletters, commercial communications, and promotions. Express consent given at the time of data collection through web forms.
Manage the personnel selection process and the relationship as a job candidate. Express consent given at the time of data collection through web forms.
Manage incidents and website maintenance. Society's legitimate interest.

DATA RETENTION PERIOD
Purpose of processing Retention period
Manage inquiries submitted through the contact form. We will process your data for as long as necessary to address your request or inquiry.
Sending newsletters, commercial communications, and promotions. We will process your data until you unsubscribe.
Manage the personnel selection process and the relationship as a job candidate. We will process your data for a maximum of 24 months.
Manage incidents and website maintenance. We will process your data for the time necessary to comply with the applicable legal time limits for prescription.

DATA RECIPIENTS

In order to fulfill the purposes stated in this Privacy Policy, it is necessary for us to grant access to your personal data to third parties that support us in the services we offer you (Data Processors).

The data processors will carry out the processing of a contract or the provision of a service to the Controller, following their instructions at all times and ensuring the same levels of security.


USER RIGHTS

The user has the right to:

  • Request access to their personal data being processed and receive this information in writing by the requested means.
  • Request the rectification of inaccurate personal data or, where appropriate, request their deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
  • Request the restriction of the processing of their data.
  • Object to the processing of their personal data when applicable, in which case their data will no longer be processed except for legitimate reasons.
  • Right to data portability. The data subject has the right to receive their personal data if it has been provided in a structured, commonly used, and machine-readable format, and to transmit it to another controller, provided that the following requirements are met:
    1. The processing is based on consent or a contract.
    2. The processing is carried out by automated means.
    3. Right to withdraw consent.
    4. Right to lodge a complaint with the Spanish Data Protection Agency.

The User may exercise the aforementioned rights at the postal or email address of the Controller, proving their identity with a scanned copy of their ID card or equivalent document, and specifying the right they wish to exercise.


DATA SOURCE

Personal data must be provided voluntarily by the data subject. Failure to provide certain data or failure to answer questions that may be asked of the data subject in registration processes or through electronic forms may result in the impossibility of accessing certain services for which it is essential to have this personal data. In this case, the Data Controller must inform the data subject of the mandatory or necessary nature of providing the personal data for the operation of the service.

The Controller ensures the confidentiality of your personal data and guarantees their security, taking the necessary measures to prevent their alteration, loss, processing, or unauthorized access.


INFORMATION PROVIDED BY THE DATA SUBJECT

Individuals under the age of 18 cannot provide their personal data without the prior consent of their parents/guardians.

By entering their data in the contact forms or submitting them in download forms, the data subject expressly and freely gives their consent for the Controller to process their data to fulfill their request, and the inclusion of data in the remaining fields is voluntary.

The data subject guarantees that the personal data provided to the lender are true and takes responsibility for communicating any changes to this information.

All data requested through the website is necessary to provide optimal service to the data subject. If all the data is not provided, it is not guaranteed that the information and services provided by the Controller will fully meet their needs.


SECURITY MEASURES

In compliance with the provisions of the current regulations on the protection of personal data, the Controller is complying with all the provisions of the GDPR and the LOPDGDD for the processing of personal data under its responsibility, and explicitly with the principles set forth in Article 5 of the GDPR and Article 4 of the LOPDGDD, by which personal data are processed lawfully, fairly, and transparently in relation to the data subject and are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

The Controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD to protect the rights and freedoms of the data subject and has provided them with the appropriate information so that they can exercise these rights.


SECURITY BREACHES

The Controller will report any security breaches that affect the database used by this website or that affect any of our third-party services to each and every individual whose data may have been affected and to the relevant authorities, within 72 hours of detecting the breach.


APPLICABLE LEGISLATION AND JURISDICTION

For the resolution of any disputes or matters related to this website or the activities carried out on it, Spanish legislation shall apply, and the parties expressly submit to the jurisdiction of the courts and tribunals of Lleida to resolve any conflicts arising from or related to its use.