Data Protection Information
Identification: iDISC INFORMATION TECHNOLOGIES, S.L. (“iDISC”)..
Mailing Address: Passeig del Progrés, 96
08640 Olesa de Montserrat
Barcelona - Spain
How do we use personal data?
Within the scope of its business activities, iDISC collects and processes personal data from (1) people interested in its products or services, (2) customers, (3) human resources (including staff and freelancers), and (4) newsletter subscribers. iDISC will process these data, as well as the data it processes for its administrative tasks, fairly and lawfully and, in any case, in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council ("GDPR").
iDISC is a company that primarily offers B2B services, which means that any contact data it may have for contacts and customers is mainly from companies. In these cases, the data are limited to being strictly professional in nature and, consequently, any reference to the personal data pertaining to customers or contacts must be understood as falling under this limitation.
iDISC collects the following personal data for the purposes indicated below:
- Contact via the contact form on our Website: the personal data collected via this form will be used exclusively for notifying users about requested services or handling a request. If we receive explicit consent to do so, the contact data may be processed for promotional purposes, always for the purpose of offering iDISC products or services.
- Customers: whenever a client purchases one of our services, his or her personal data will be used exclusively for the administrative management associated with the acquired product.
- Newsletter: the data collected through this form will be used exclusively to send you the newsletter, as well as commercial communications of promotions and/or advertising of our services.
- Contact via our social media profiles: any data provided to us or shared with us through any social network on which iDISC has an active account will be processed in accordance with the Privacy Policies of the respective social network.
- Candidates: whenever a person has an interview in our offices or online or submits a resume, the candidate’s data will be used to determine his or her suitability for covering potential job vacancies at iDISC. In the event that the candidate is hired by our company, his or her personal data will be used exclusively for managing the employment relationship with iDISC.
- Employees: the personal data of anyone working at iDISC will be processed exclusively for complying with the contract and employment regulations.
- Freelancers: whenever a person works for iDISC as a freelancer, his or her personal data will be used exclusively for managing projects and any related administrative formalities. Occasionally, iDISC may obtain freelancer data via online professional advertising platforms.
With regard to contacts and customers, iDISC may process their data in order to promote its products and services in accordance with its legitimate interest and as long as the data have been obtained under the contractual relationship with the data subject. In all other cases, iDISC will not process the data without the prior explicit consent of the data subjects.
How long do we keep the data?
Whenever there is a contractual relationship between the data subject and iDISC, the personal data will be processed for the duration of the aforementioned relationship and, once concluded, for the period of time necessary for resolving any legal actions arising from compliance or non-compliance with the same. This applies to data belonging to customers, freelancers, or employees.
In the event that the data are processed pursuant to the data subject's consent (use of contact data for promotional purposes or sending newsletters) or pursuant to the legitimate interest of iDISC, the data will be processed until consent has been withdrawn or until iDISC no longer has a legitimate interest in processing the data.
In such cases where contacts have not consented to the processing of their data for promotional purposes, these data will be automatically deleted from our system 5 years after the request for information, provided that the contacts have shown no further interest in the products and services offered by iDISC.
Data belonging to employees and freelancers will be processed for the duration of the contractual relationship and, once concluded, for the period of time necessary for resolving any potential instances of non-compliance in this context. In the event that a person has an interview for a job opening, his or her personal data will be archived for a period of one year; at this time, if the person has not been selected, his or her personal data will be deleted from our system.
Data belonging to customers, freelancers, and employees will be processed by iDISC in order to fulfill the contractual relationship. Any refusal to submit these personal data may prevent iDISC from entering into the contract.
With regard to contacts outside our portfolio of customers and providers, we will only process data for promotional purposes if the data subject has given us his or her consent to do so. The data subject will always have the option of withdrawing his or her consent for the processing of data for these purposes.
Whenever we process a customer’s data for promotional purposes, we will process the data based on the legitimate interest of iDISC.
Data transfers to third parties
Personal data will not be transferred to third parties without the prior explicit consent of the data subject, unless legal obligations require iDISC to do so.
Processed Data Categories:
- Identification data (first and last name)
- Contact data (email, phone number, mailing address)
- Financial data
- Academic data
- Professional data
The customers' identification and contact data refer exclusively to professional data and do not include any data processing outside this scope.
Under no circumstances will we process especially sensitive data, such as data related to health, ideology, or beliefs.
You have the right to:
- Revoke the consent given.
- Access your personal data.
- Rectify your personal data.
- Erase your personal data.
- File a claim or a request for the enforcement of your rights with the Spanish Data Protection Agency.
- Be notified of any security issue that could affect your rights.
- Restrict processing.