Compliance with the General Data Protection Regulation (GDPR)
The guarantee of confidentiality of personal data of all stakeholders is important for Infraspeak, S.A.
Nonetheless, Infraspeak S.A. needs to use personal data about different individuals with whom it contacts to better serve its customers.
We include in this group clients, users, suppliers, partners, employees and any other individual that the company has a relation with or needs to contact.
This policy describes how personal information should be collected, analysed and stored, in order to fulfill the requirements on data protection and in order to comply with relevant legislation on this matter.
Also, this policy exists to ensure that Infraspeak, S.A.:
Fulfills the requirements of the GDPR and follows best practices;
Protects the rights of its employees, clients, users and partners;
Maintains a posture of transparency on the way in which it stores and processes personal data; and,
Protects itself from risks relating to data breaches.
All personal data relating to members, clients, users or visitors which use Infraspeak, S.A. products will be treated in accordance with local General Data Protection Regulation in force at the date of writing.
This policy applies:
To all users, whether they are individual customers or business customers.
To Infraspeak, S.A. headquarters;
To all Infraspeak, S.A. subsidiaries and associated companies, under international accounting guidelines, as well as, to existent or deemed permanent establishments;
To all employees and volunteers of Infraspeak, S.A.;
To all partners, suppliers and any individual or collective person which collaborates with Infraspeak, S.A. or in its name.
It also applies to all data related to identifiable individuals that Infraspeak S.A. retains, which may include:
Individuals or Companies names;
Other information about these individuals or companies;
Access to the data covered by this policy is restricted to those who need it for the performance of their functions;
Personal data of any individual or any other information covered by this policy cannot be shared informally.
Access to confidential and/or sensitive information presupposes a formal request to the hierarchical responsible (manager), with the exception of the board of directors.
INFRASPEAK S.A. will offer training to all employees to help them understand the responsibility involved in the collections, processing and storage of data.
INFRASPEAK S.A.employees will keep all data secure in accordance with this policy, taking the necessary precautions and following the guidelines described in this document;
Personal data, our any other individual information, can only be shared with the proper authorization, either internally or externally;
The stored information should be regularly reviewed, and updated if necessary. If not necessary, it should be deleted;
All INFRASPEAK S.A. employees shall request support of a manager if they have any doubts about their data protection duties.
INFRASPEAK S.A., as creator and service provider of Place Checkup guarantees the user complete privacy, confidentiality and security of the data entered in the Application, including their personal data, as well as the data related to their commercial partners. However, INFRASPEAK S.A. is not responsible for acts of third parties.
The user account database guarantees total confidentiality of all data entered.
When entering into a service contract, INFRASPEAK S.A. asks the user for their personal data for strict commercial use, namely for billing, contact or statistical purposes.
Under no circumstances, the user's personal data will be disclosed, provided to third parties, or used for advertising or marketing purposes, without the user's express consent, unless the user violates the terms and conditions of use of the service. In this case, the data may be used for the purposes of civil, administrative or criminal liability.
The user authorizes INFRASPEAK S.A. to use his data to send information regarding new services and updating existing services.
INFRASPEAK S.A. will provide the user’s account data in case, and only if, it is notified or judicially intimidated for the purpose.
The user can update or change his personal data at any time.
The security of the information entered by customers is a priority for INFRASPEAK S.A. and, in this sense, the investment of storing the data in supplier software such as Amazon Web Services or Hubspot is continuously made, one of the best services available in the market, with several active security mechanisms. The data entered on the Place Checkup or www.infraspeak.com platform is safeguarded by performing daily backups, allowing their recovery in case of system failure.
Right of consent: The owner of personal data should show in an explicit manner that it allows its personal data to be stored and analysed, and can at any moment revoke this consent;
Right of data portability: The owner of personal data can demand that this data is given to another provider;
Right to be forgotten: The owner of personal data has the right of obtaining from the Data Officer the elimination of personal data, when this personal data is no longer necessary. All personal data will be totally and definitively erased from operation databases and backups.
Right of opposition: The owner of personal data has the right to oppose, at any time, for reasons related to their particular situation, to the processing of their personal data;
Right to rectification: The owner of personal data has the right to request, free of charge, access to its personal data and its rectification;
To exercise this rights, please contact us through email@example.com
INFRASPEAK S.A., and all its employees, as responsible people for the collection, processing and storage of data, must guarantee:
The lawfulness, loyalty and transparency about the data and its holders;
Limiting the purpose of using the data to specific, explicit and legitimate purposes, which cannot be further processed in a way incompatible with those purposes;
Minimizing the use of data only for the strictly necessary purpose and to accomplish its purpose;
The accuracy of the data and its updating whenever necessary;
Rectification or, if this is not possible, immediate elimination of inaccurate data;
Limiting data conservation only for the period necessary for the purposes which they are required;
The complete integrity and confidentiality of the data, with the guarantee of protection against unauthorized or illicit treatment and against its loss, destruction or accidental damage.
Data Officer: Felipe Ávila da Costa