Responsible for processing
In terms of data protection, Omnitec Systems, SL, must be considered responsible for the processing, in relation to the files and processing specified in this policy, especially the Data Processing section.
The website owner details are:
- Responsible for processing: Omnitec Systems, SL
- Postal address: P.I. Empresarium, C/ Retama 20-22, Naves 15 & 16, 50720-Zaragoza-Spain
- Email address: firstname.lastname@example.org
The personal data requested, if appropriate, will consist only of the strictly necessary to identify and respond to the request made by their owner, hereinafter the interested party. This information will be treated in a fair, lawful and transparent manner in relation to the interested party. Also, the personal data will be collected for explicit and legitimate purposes and not be further processed in a manner incompatible with these purposes.
The data collected from each interested party will be adequate, relevant and not excessive in relation to the corresponding purposes in each case, and will be updated whenever necessary.
Before their data is collected, the data owner will be informed of the general purposes regulated in this policy to be able to provide express, precise and unequivocal consent for the processing of their data, in accordance with the following aspects.
The explicit purposes of the processing are included in the information provided in each of the data collection channels (e.g. website forms, paper forms, recorded messages, posters and information notes).
However, the personal data of the interested party will be treated with the sole purpose of providing an effective response to and compliance with the requests made by the user, specified together with the option, service, form or data collection system that the owner uses.
As a general rule, before processing personal data, Omnitec Systems, SL will obtain unequivocal consent from the owner via the incorporation of informed consent terms in the different information collection systems.
However, if the consent of the interested party is not required, the basis for legitimising the processing by Omnitec Systems, SL is the existence of a specific law or standard that authorises or demands the processing of the data of the interested party.
As a general rule, Omnitec Systems, SL will not transfer or provide any personal data to a third party, unless this is legally required. However, if necessary, the interested party can be informed of such a transfer or provision of data through the informed consent terms included in the different options for collecting personal data.
As a general rule, personal data will always be collected directly from the interested party. However, in certain cases, the data may be collected through third parties, entities or services different from the interested party. If this occurs, the interested party will be informed of this by the informed consent terms contained in the different options for collecting information and within a reasonable time (a maximum of 1 month) after the data have been obtained.
Data maintenance periods
The personal data collected from the interested party will be kept as long as is necessary to fulfil the purpose for which the information was collected. Once the purpose is no longer applicable, the data will be cancelled. This will result in the data being blocked and kept for the availability only of Public Administrations, Judges and Courts, to attend to possible responsibilities arising from the processing.
In relation to the browsing data that can be processed through the website, consult the Cookies Policy on our website for data collected subject to the regulations.
Rights of interested parties
The regulations on data protection grant a series of rights to the interested parties or data holders and Omnitec Systems, SL website or social network profile users.
The rights applicable to interested parties are the following:
- Access: To obtain information about whether and for what purpose your data are being processed, the categories of data concerned, the recipients or recipient categories, the term of conservation and the origin of these data.
- Rectification: To correct inaccurate or incomplete personal data.
- Removal: To obtain deletion of data when:
- The data are no longer necessary for the purpose for which they were collected.
- The data owner withdraws consent.
- The interested party opposes processing.
- The data have to be deleted in compliance with a legal obligation
- The data were obtained by an information society service based on the provisions of article 8, section 1 of the European Regulation on Data Protection.
- Objection: Be opposed to specific processing based on the consent of the interested party.
- Limitation: Limit the data processing when:
- The interested party challenges the accuracy of the personal data; applicable while the company checks their accuracy
- The processing is illegal and the interested party objects to the data being deleted
- The company no longer needs the data for the purposes for which they were collected, but the interested party needs them to prepare, exercise or defend a claim.
- The interested party has opposed processing; applicable while it is checked if the legitimate reasons of the company prevail over those of the interested party.
- Portability: Obtain the data in a structured, commonly used and machine-readable format to transfer them to another data controller when the processing is:
- Based on consent
- Done automatically
- Making a claim: Against the competent control authority.
Interested parties may exercise the above rights by post to Omnitec Systems, SL, P.I. Empresarium, C/ Retama 20-22, Naves 15 & 16, 50720-Zaragoza-Spain, indicating the right to be exercised in the subject line.
Omnitec Systems, SL will respond to your request as soon as possible and within the deadlines established in the data protection regulations.
The security measures adopted by Omnitec Systems, SL are in accordance with the provisions of article 32 of the GDPR. Taking into account the state of the art, the costs of application and the nature, scope, context and purposes of the processing, as well as the variable severity and probability risks for the rights and freedoms of physical persons, the company has established the appropriate technical and organisational measures to ensure the appropriate level of security for the existing risk.
In all cases, Omnitec Systems, SL has implemented sufficient mechanisms to:
- Ensure the confidentiality, integrity, availability and permanent resilience of the processing systems and services.
- Restore availability and access to personal data quickly following a physical or technical incident.
- Regularly check, evaluate and assess the effectiveness of the technical and organisational measures implemented to guarantee the safety of the processing.
- Pseudonymise and encrypt personal data, if applicable.