Privacy Policy
DATA OF THE DATA CONTROLLER
AICRUMIT S.L. NIF: B01660513 Registered office: CEEIM Building. Module 5. Espinardo University Campus Street, 7, 30.100 MURCIA (ESPAÑA)SCOPE OF APPLICATION
This Policy will apply to:
Individuals who visit the website of AICRUMIT S.L. (hereinafter, any reference to this entity will also include its English version). Individuals who voluntarily communicate with AICRUMIT S.L. via email, chat, or complete any of the data collection forms published on the AICRUMIT S.L. website. Individuals who request information about the products and services of AICRUMIT S.L. or wish to participate in any of AICRUMIT S.L.’s commercial actions. Individuals who formalize a contractual relationship with AICRUMIT S.L. by contracting its products and services. Individuals who use any other service on the website that involves the communication of data to AICRUMIT S.L. or the access to data by AICRUMIT S.L. for the provision of its services. Any other individuals who, directly or indirectly, have given their express consent for their data to be processed by AICRUMIT S.L. for any of the purposes outlined in this Policy.The use of the products and services of AICRUMIT S.L. requires the express acceptance of this Policy.
AICRUMIT S.L. warns that, unless there is a legally established representation, no user and/or client may use the identity of another person or provide their personal data. Therefore, the data provided to AICRUMIT S.L. must be personal data corresponding to their own identity, and must be appropriate, relevant, current, accurate, and true. In this regard, the user and/or client will be solely responsible for any direct or indirect damage caused to third parties or to AICRUMIT S.L. due to the use of another person’s data or their own data when it is false, incorrect, outdated, inappropriate, or irrelevant. Likewise, the user and/or client who provides personal data of a third party will be responsible for having obtained the corresponding authorization from the interested party, as well as the consequences in case of failure to do so.
Similarly, the user and/or client who provides personal data to AICRUMIT S.L. declares to be of legal age, in accordance with Spanish law, and refrains from providing data to AICRUMIT S.L. if this is not the case. Any data provided regarding a minor will require prior consent or authorization from their parents, guardians, or legal representatives, who will be responsible for the data provided by minors under their care.
This Policy will apply subsidiarily to any other conditions related to the protection of personal data that are specially established and communicated, without limitation, through registration forms, contracts, and/or terms of specific services, and this Policy will therefore complement those mentioned in matters not expressly covered by them.
PURPOSES OF COLLECTING AND PROCESSING PERSONAL DATA
AICRUMIT S.L., as the data controller, informs users about the existence of various processing activities and files in which personal data communicated to AICRUMIT S.L. is collected and stored.
The purposes of collecting and processing personal data are as follows:
Regarding the “cookies” used by AICRUMIT S.L. when navigating through its website, these are stored on the user’s terminal device (computer or mobile device) and collect information when visiting these web pages. The purpose is to improve the usability of the website, understand users’ browsing habits or needs in order to adapt to them, and gather statistical information. In the case of users who are already customers of AICRUMIT S.L., the information collected through cookies will also be used for their identification when accessing the various tools provided by AICRUMIT S.L. for service management. In any case, users can configure their browser to disable or block the reception of all or some cookies. Not wishing to receive cookies does not prevent access to the information on AICRUMIT S.L.’s websites, although the use of certain services may be limited. If consent to receive cookies has been given and is later withdrawn, the cookies stored on the user’s device must be deleted through the settings of the different browsers. All information about the cookies used by AICRUMIT S.L. is published in its Cookie Policy, available for consultation at [https://aicrumit.com/cookies](https://aicrumit.com/cookies).
In the case of forms filled out by interested parties for participating in any of AICRUMIT S.L.’s commercial actions, the purpose will be to facilitate such participation, as well as to send commercial and advertising communications about AICRUMIT S.L.’s services, unless the interested party expressly opposes this at the time their data is collected. However, the interested party may modify their decision at any time, as often as desired, through the means provided by AICRUMIT S.L. for this purpose.
When contracting the services offered by AICRUMIT S.L., only the personal data necessary to establish the contractual relationship and enable the provision and payment of services by the clients will be collected. These data will be collected and processed for the following purposes:
RETENTION PERIOD OF PERSONAL DATA
AICRUMIT S.L. will retain personal data for the strictly necessary period to fulfill the purposes outlined above. AICRUMIT S.L. may keep such data duly blocked during the period in which responsibilities may arise from its relationship with the client.
In the case of data retained due to compliance with Law 25/2007, of October 18, on the retention of data related to electronic communications and public communications networks, the retention period for such data will be as specified in that regulation.
RECIPIENTS OF PERSONAL DATA
The recipients of the personal data collected by AICRUMIT S.L. are as follows:
The employees of AICRUMIT S.L. in the performance of their duties.
The suppliers of AICRUMIT S.L. involved in the provision of services, if necessary for the provision of the same.
The companies in the corporate group of which AICRUMIT S.L. is a part, as defined in Article 42 of the Spanish Commercial Code, whose activity is the marketing of services identical or similar to those offered by AICRUMIT S.L.
The judicial or administrative bodies, as well as the State Security Forces, if AICRUMIT S.L. is required under applicable law to provide information related to its clients and services.
Any other entities that, due to the nature of the service, must access the provided data, as detailed in the Specific Conditions applicable to the product or service contracted by the client and expressly accepted by the client.
RIGHTS OF USERS AND EXERCISE OF THESE RIGHTS
Users may exercise at any time the following rights recognized by the GDPR:
Right of access. Users have the right to obtain from AICRUMIT S.L. information about whether personal data concerning them is being processed, to access the data, and to obtain information about the processing being carried out.
Right to obtain a copy of their personal data.
Right of rectification. Users have the right to request that AICRUMIT S.L. rectify their personal data if it is inaccurate or incomplete.
Right of deletion. Users have the right to request the deletion of their data when it is no longer necessary for the purposes for which it was provided, or when the other legally required circumstances are met.
Right to restrict processing.Users have the right to request a restriction on the processing of their personal data, so that the processing operations applicable to them are limited in the cases provided for in Article 18 of the GDPR.
Right to data portability.Users have the right to receive their personal data in a structured format, provided that the data concerns only the user and has been provided by the user.
Users may exercise these rights in the following ways:
Whether or not they are customers of AICRUMIT S.L., users may exercise their rights by sending a communication accompanied by their ID card or valid document proving their identity, directed to AICRUMIT S.L., C/ González Cebrián, 3. Bajo 30002 Murcia (Murcia) Spain, to the attention of the Administration Department, specifying the right they wish to exercise.
In cases of manifestly unfounded or excessive requests due to their repetitive nature, AICRUMIT S.L. reserves the right to charge a fee for the administrative costs incurred or the right to refuse to act on such requests, in accordance with the provisions of Article 12.5 of the GDPR.
CONTROL AUTHORITY
Users and/or customers may contact the relevant local supervisory authority if they believe that the processing of their personal data has not been carried out in accordance with current legislation.
The data protection supervisory authority in Spain is the Spanish Data Protection Agency, whose contact details are available on its website, specifically at: http://www.agpd.es/portalwebAGPD/CanalDelCiudadano/contacteciudadano/index-ides-idphp.php.
International data transfers
For those products and services of AICRUMIT S.L. that require international data transfers to enable the provision of the services, this circumstance will be outlined in the Specific Terms and Conditions applicable to the relevant product or service contracted by the customer, and will be expressly accepted by the customer prior to the transfer.
AICRUMIT S.L. AS DATA PROCESSOR
In accordance with Article 28 of the GDPR and related provisions, AICRUMIT S.L. will process personal data for which the customer holds the role of data controller or data processor, when this is necessary for the proper provision of the contracted services. In such cases, AICRUMIT S.L. will act as the data processor in accordance with the following terms:
AICRUMIT S.L. will only process the data according to the instructions of the customer, the data controller or processor, and will not use it for any purpose other than that stated in this Privacy Policy and/or the applicable contractual conditions.
Once the provision of services that require the processing of personal data is completed, the data will be destroyed, along with any media or documents containing personal data or any type of information generated during, for, and/or by the provision of the services outlined in the relevant Conditions. However, AICRUMIT S.L. may retain the data in a properly blocked state for the period during which any potential liabilities may arise from its relationship with the customer.
If AICRUMIT S.L. uses the data for a different purpose or discloses or processes it in violation of this Privacy Policy and/or the relevant Service Conditions, it will also be considered responsible for the processing.
AICRUMIT S.L. undertakes, in accordance with Article 28 of the GDPR, to maintain professional confidentiality regarding the personal data it must access and/or process in order to comply with the terms of the applicable Service Conditions, both during and after the termination of the services, committing to use such information solely for the intended purpose and requiring the same level of commitment from any person within its organization who participates in any phase of the processing of personal data for which the customer is responsible.
In accordance with the GDPR, the following rules will apply regarding the form and modalities of access to the data for the provision of services:
- If AICRUMIT S.L. needs to access the processing resources located on the customer’s premises, the customer will be responsible for establishing and implementing the security policies and measures, as well as for communicating them to AICRUMIT S.L., which undertakes to respect them and ensure their compliance by the people within its organization involved in the provision of the services.
- When AICRUMIT S.L. accesses the customer’s data processing resources remotely, the customer must establish and implement security policies and measures in its remote processing systems, with AICRUMIT S.L. being responsible for establishing and implementing security policies and measures in its own local systems.
- When the service is provided by AICRUMIT S.L. at its own premises, AICRUMIT S.L. will record in its Activity Register the circumstances related to the data processing, as required by the GDPR, including the corresponding security measures for such processing.
ACCESS AND/OR PROCESSING OF DATA BY AICRUMIT S.L.
The access to and/or processing of data by AICRUMIT S.L., without prejudice to any specific legal or regulatory provisions that may apply in each case or any measures AICRUMIT S.L. adopts on its own initiative, will be subject to the necessary security measures to:
- Ensure the confidentiality, integrity, availability, and permanent resilience of processing systems and services.
- Restore the availability and access to personal data quickly in case of a physical or technical incident.
- Regularly verify, evaluate, and assess the effectiveness of the technical and organizational measures implemented to ensure the security of processing.
- Pseudonymize and encrypt personal data, where applicable.
The customer authorizes AICRUMIT S.L., as the data processor, to subcontract third parties, on behalf and for the account of the customer, for services such as data storage, backup copy custody, and security, as well as any other necessary services to facilitate the provision of the contracted services, always respecting the obligations set forth by the GDPR and its implementing regulations. At any time, the customer may request from AICRUMIT S.L. the identity of the subcontracted entities providing the aforementioned services, who will act in accordance with the terms outlined in this document and after formalizing a data processing agreement with AICRUMIT S.L. as per Article 28.4 of the GDPR.
The customer authorizes AICRUMIT S.L. to perform the following actions, as long as they are necessary for the execution of the services provided. This authorization is limited to the actions necessary for the provision of each service and has a maximum duration tied to the validity of the applicable contractual conditions:
- To carry out the processing of personal data on portable devices exclusively by the users or user profiles assigned to the provision of services.
- To carry out processing outside of the customer’s or AICRUMIT S.L.’s premises, exclusively by the users or user profiles assigned to the provision of services.
- To allow the entry and exit of media and documents containing personal data, including those attached to or included in an email, outside of the premises controlled by the customer as the data controller.
- To execute data recovery procedures that AICRUMIT S.L. may be obligated to perform.
AICRUMIT S.L. is not responsible for non-compliance with the obligations arising from the GDPR or the corresponding data protection regulations by the user and/or customer in relation to their activities and as it pertains to the execution of the contract or business relationships with AICRUMIT S.L. Each party will be responsible for its own non-compliance with contractual obligations and applicable regulations.
INFORMATION ABOUT DATA PROTECTION
Purposes: To respond to your requests and send you commercial information about our product, including via email.
Legal Basis: Consent of the data subject.
Recipients: No data transfers are foreseen.
Rights: You can withdraw your consent at any time, as well as access, rectify, delete your data, and exercise other rights at info@aicrumit.com.
Additional Information: You can find more information at the Legal Notices link.
