KNOWEE CARDS, S.L. (hereinafter, KNOWEE) provides a service so that the user can have their own professional contact card on the KNOWEE website and share it with whoever they want in different ways.
The user may share their professional card with third parties in three ways:
- Communicating the Knowee code to the third party (11-character code between upper and lower case, alphanumeric that identifies a card).
- Providing the third party with the QR code linked to your card.
- Providing a third party with a physical card that has a Knowee code or a QR code or NFC chip. In this case, the third party will only have to upload the user’s physical card to the Knowee website and the system will find the Knowee card without the user needing to enter any additional data.
Likewise, the user may share their Knowee card by sending it to the contacts they wish, as long as the communication of their personal data complies with current legislation on the matter.
We inform you below, in the form of questions and answers, of the conditions under which our entity processes your personal data:
Who is responsible for the processing of your data?
- Who: KNOWEE CARDS, S.L. CIF: B-86815172.
- Postal address: Avda. de Fuencarral, 44; Ed 3, L 19, 28108 – Alcobendas (Madrid).
- Email: firstname.lastname@example.org.
For what purpose do we process your personal data?
We process the personal data you provide us with for the following purposes:
- The management of the relationship with the client and the billing and collection of services. The provision of data for this purpose by our clients is obligatory, otherwise the fulfillment of the contract is prevented.
- The management of relationships with our suppliers, as well as the billing and payment of services. For this purpose, it is mandatory that the supplier provides us with their data, since, otherwise, the contract could not be executed.
- Channel requests for information, suggestions and complaints that you may send us, contact the sender of the information, respond to your request or query and follow up later. Providing data for this purpose is voluntary, although, if you do not do so, the request, query or claim cannot be responded to. Therefore, the communication of your personal data for these purposes is a necessary requirement so that we can respond to these requests.
- Sending commercial communications about our products or services if you expressly authorize us to do so by checking the box enabled for this purpose. The authorization is voluntary and your refusal would only have the consequence that you would not receive commercial offers for our products or services.
- If you become a friend or follower of ours on social networks, we will process your data to keep you informed of our activities and promotions through these channels. Providing data for this purpose is voluntary, although, if you do not do so, you will not be able to be our friend or follower on the corresponding social network. The categories of data processed for this purpose are identifying data.
How long will we process your data?
We only keep your data for the period of time necessary to fulfill the purpose for which it was collected, comply with the legal obligations imposed on us and address any possible responsibilities that may arise from compliance with the purpose for which the data was collected. collected.
The data for the management of the relationship with clients and suppliers and the billing and collection of services will be kept for this purpose throughout the time that the contract is in force. Once said relationship has ended, where applicable, the data may be kept for the time required by applicable legislation and until any responsibilities arising from the contract expire.
The data for sending commercial communications about our products or services will be kept indefinitely, until, where appropriate, you express your desire to delete them or your desire to stop receiving such communications.
The data of potential clients who do not contract our products or services and who do not wish to receive commercial information will be deleted when it is confirmed that the contract will not take place. In the event that the previous relationship between the parties, not yet consummated, could give rise to possible liabilities, the data will be kept until they expire.
The data processed to respond to requests, petitions, queries or claims will be kept for the time necessary to respond to them and consider them definitively closed. Subsequently, they will be kept as a communication history for a period of one year, unless you request their deletion sooner.
The data provided through social networks will be kept as long as you remain a friend or follower of ours on the corresponding platform.
What is the legitimacy for the processing of your data?
Customer and supplier data will be processed on the basis of the contractual relationship existing between the parties, as a consequence of the provision of services offered.
The prospective offer of our products and services is based on the consent of the interested party. Said consent is revocable at any time, without any consequences other than ceasing to receive advertising and without affecting the data processing carried out previously.
The processing of personal data to respond to your requests for information, requests, queries and complaints is based on the consent of the interested party. Said consent can be withdrawn at any time, although this will not affect the legality of the treatments carried out previously.
The data provided through social networks will be processed on the legal basis of your consent, and you may revoke it at any time, although this will not affect the legality of the treatments carried out previously.
The categories of data processed are those requested in each case by the form or contract through which you provide us with your data.
To which recipients will your data be communicated?
The data will be communicated to the competent Public Administrations, in the cases provided for in the Law and for the purposes defined therein, to the corresponding financial entities, for the management of collections and payments, as well as to the entity that provides scanning services. cards, INTSIG (CamCard software provider company).
Although this is not a transfer of data, it may be that third parties, which act as our suppliers, access your information to carry out the service. These managers access your data following our instructions and without being able to use it for a different purpose and maintaining the strictest confidentiality and based on a contract in which they undertake to comply with the requirements of current regulations regarding the protection of personal data.
This company contracts its virtual infrastructure according to a cloud computing model through the company Google Workspace, located in the USA, which offers adequate data protection guarantees by applying the Standard Contractual Clauses approved by the European Commission for international data transfers.
What are your rights when you provide us with your data?
Anyone has the right to obtain confirmation as to whether we are processing personal data that concerns them or not. Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was provided. collected.
Under the conditions provided for in the General Data Protection Regulation, interested parties may request the limitation of the processing of their data or its portability, in which case we will only keep it for the exercise or defense of claims.
In certain circumstances and for reasons related to their particular situation, interested parties may object to the processing of their data. If you have given consent for a specific purpose, you have the right to withdraw it at any time, without affecting the legality of the processing based on consent prior to its withdrawal. In these cases we will stop processing the data or, where appropriate, we will stop doing so for that specific purpose, except for compelling legitimate reasons, or the exercise or defense of possible claims.
In addition, data protection regulations allow you to object to being subject to decisions based solely on the automated processing of your data, where appropriate.
The aforementioned rights are characterized by the following:
- Its exercise is free, unless the requests are manifestly unfounded or excessive (e.g., repetitive), in which case a fee proportional to the administrative costs borne may be charged or a refusal to act may be required.
- You can exercise your rights directly or through your legal representative or volunteer.
- Your request must be responded to within one month, although, taking into account the complexity and number of requests, the deadline can be extended by a further two months.
- We have the obligation to inform you about the means to exercise these rights, which must be accessible and without being able to deny you the exercise of the right for the sole reason of opting for another means. If the request is submitted electronically, the information will be provided by electronic means where possible, unless you ask us otherwise.
- If, for any reason, the request is not processed, we will inform you, no later than one month, of the reasons for this and of the possibility of complaining to a Supervisory Authority
All the aforementioned rights can be exercised through the means of contact listed at the beginning of this clause.
In the event of any infringement of your rights, especially when you have not obtained satisfaction in exercising your rights, you may file a complaint with the Spanish Data Protection Agency (contact details accessible in www.aepd.es), or another competent supervisory authority. You can also find out more about your rights by contacting these bodies.
How do we protect your personal data?
We are firmly committed to protecting the personal data we process. We use reasonably reliable and effective measures, controls and procedures of a physical, organizational and technological nature, aimed at preserving the integrity and security of your data and guaranteeing your privacy.
Furthermore, all staff with access to personal data have been trained and are aware of their obligations in relation to the processing of their personal data.
In the case of the contracts we sign with our suppliers, we include clauses in which they are required to maintain the duty of secrecy with respect to the personal data to which they have had access by virtue of the order made, as well as to implement security measures. technical and organizational measures necessary to guarantee the permanent confidentiality, integrity, availability and resilience of personal data processing systems and services.
All these security measures are reviewed periodically to guarantee their adequacy and effectiveness.
However, absolute security cannot be guaranteed and there is no security system that is impenetrable, so, in the case of any information being processed and under our control that is compromised as a result of a security breach, we will take the necessary measures. appropriate measures to investigate the incident, notify the Control Authority and, where appropriate, those users who may have been affected so that they can take appropriate measures.
What is your responsibility as the data owner?
By providing us with your personal data, the person who does so guarantees that he or she is over 14 years of age and that the data provided is true, accurate, complete and up-to-date.
For these purposes, the interested party is responsible for the veracity of the data and must keep it conveniently updated so that it responds to their real situation, being responsible for any false and inaccurate data that they may provide, as well as for damages, direct or indirect, that could arise.
If you provide data from third parties, you assume the responsibility of informing them in advance of everything provided for in article 14 of the General Data Protection Regulation under the conditions established in said provision.
How have we obtained your data?
In those cases in which user registration is carried out through social networks, the personal data that we will process will come from the social network in question, to which, previously, the interested party will have provided said data for the purposes provided for in its corresponding policies. Of privacy. The categories of data that we will collect from the social network in question are those that appear in our registration form and that you have provided to said social network. If, to proceed with registration on our website, more data than those provided by the social network are essential, you must additionally complete them in our registration form, subject to the privacy conditions provided for in this Policy.
No specially protected data is processed.