Privacy policy
I. PERSONAL DATA PROTECTION POLICY 8TEES CREATIVE AGENCY SL (the “Company”) is an Organization in which personal dataprocessing activities are carried out, which attributes an important responsibility to the design and organization of procedures so that they are aligned with legal compliance in this matter. In the exercise of these responsibilities and in order to establish the general principles that should govern the treatment of personal data in the Company, it approves thisPolicy for the protection of personal data, which notifies its Employees and makes available of all your interest groups.
1. Purpose The Policy for the protection of personal data is a measure of proactive responsibility that has the purpose of ensuring compliance with the applicable legislation in this matter and in relation to it, respect for the right to honor and privacy in the treatment of the personal data of all the people who are related to The Company. In development of the provisions of this Personal Data Protection Policy, the Principles that govern the processing of data in the organization are established and, consequently, the procedures, and the organizational and security measures that the people affected by They undertake to implement this Policy in their area of responsibility. To this end, 8TEES CREATIVE AGENCY SL will assign responsibilities to the personnel who participate in data processing operations.
2. Scope of applicationThis Personal Data Protection Policy will be applicable to the Company, its administrators, managers and employees, as well as all the people who are related to it, with the express inclusion of service providers with access to data (“ Those in charge of the treatment ”)
3. Principles of the treatment of personal data As a general principle, The Company will scrupulously comply with the legislation on the protection of personal data and must be able to demonstrate it (Principle of“ proactive responsibility ”) , paying special attention to those treatments that may pose a greater risk to the rights of those affected (Principle of “risk approach”). In relation to the above, 8TEES CREATIVE AGENCY SL will ensure compliance with the following Principles:
➔ Legality, loyalty, transparency and limitation of purpose. The data processing must always be informed to the affected party, through clauses and other procedures; and it will only be considered legitimate if there is consent for the processing of data (with special attention to that provided by minors), or it has another valid legitimacy and the purpose thereof is in accordance with the Regulations.
➔Minimization of data. The data processed must be adequate, pertinent and limited to what is necessary in relation to the purposes of the treatment.
➔Accuracy. The data must be exact and, if necessary, updated. In this regard, the necessary measures will be taken so that personal data that are inaccurate with respect to the purposes of the treatment are deleted or rectified without delay.
➔Limitation of the conservation period. The data will be kept in a way that allows the identification of the interested parties for no longer than necessary for the purposes of the treatment.
➔ Integrity and Confidentiality. The data will be treated in such a way as to guarantee adequate security of personal data, including protection against unauthorized or illegal treatment and against its loss, destruction or accidental damage, through the application of appropriate technical or organizational measures.
➔Data transfers. The purchase or obtaining of personal data from illegitimate sources or in those cases in which said data has been collected or transferred in contravention of the law or its legitimate origin is not sufficiently guaranteed.
➔Data transfers. The purchase or obtaining of personal data from illegitimate sources or in those cases in which said data has been collected or transferred in contravention of the law or its legitimate origin is not sufficiently guaranteed.
➔Hiring providers with access to data. Only providers that offer sufficient guarantees to apply appropriate technical and security measures in the data processing will be chosen for hiring. The due Agreement in this regard will be documented with these third parties.
➔International data transfers. Any processing of personal data subject to European Union regulations that involves a transfer of data outside the European Economic Area must be carried out in strict compliance with the requirements established in the applicable law.
➔Rights of those affected. The Company will facilitate to those affected the exercise of the rights of access, rectification, deletion, limitation of treatment, opposition and portability, establishing for this purpose the internal procedures, and in particular the models for their exercise that are necessary and timely, which must satisfy, at least, the legal requirements applicable in each case. The Company will promote that the principles contained in this Policy for the protection of personal data are taken into account (i) in the design and implementation of all work procedures, ( ii) in the products and services offered (iii) in all contracts and obligations that they formalize or assume and (iv) in the implementation of anysystems and platforms that allow access by employees or third parties and / or the collectionor processing of data from personal character.