Data protection policy
Info of the owner of this website,
Responsible for data protection.
This is a translation of the Spanish text. You can find it in https://audioviator.com/dlgal/
AudioViator complies with the guidelines of the Spanish Organic Law 15/1999 of December 13 on the Spanish Protection of Personal Data, Royal Decree 1720/2007 of December 21, which approves the Regulations for the development of the Organic Law, LOPD ( Data Protection Act) of 2018 and the GDPR (European Data Protection Regulation) and other regulations in force at any time, and ensures the correct use and treatment of the user’s personal data. To do so, together with each form of collecting personal data, in the services that the user may request from AudioViator, the user will be informed of the existence and acceptance of the particular conditions of the processing of their data in each case, informing them of the responsibility of the created file, the address of the person in charge, the possibility of exercising their rights of access, rectification, cancellation or opposition, the purpose of the treatment and the data communications to third parties, as the case may be.
Likewise, AudioViator informs that it complies with Law 34/2002 of July 11, on Services of the Information Society and Electronic Commerce and will request your consent to the processing of your email for commercial purposes at all time.
Obligations of the responsible of the data treatment
The person in charge of responsible of the treatment and all his personnel (if they exist) is obliged to:
- Use personal data to which you have access only for the purpose of this assignment. In no case may you use the data for your own purposes.
- Treat the data according to the instructions of the controller.
If the controller considers that any of the instructions violates the RGPD or any other provision in terms of data protection, the person in charge will immediately inform the person responsible.
- Do not communicate the data to third parties, unless you have the express authorization of the controller, in the legally admissible cases.
- Maintain the duty of secrecy regarding personal data to which you have had access under this order, even after the contract ends.
- Ensure that the persons authorized to process personal data commit themselves, expressly and in writing, to respect the confidentiality and to comply with the corresponding security measures, of which they must be informed accordingly.
- Keep the documentation accrediting the fulfillment of the obligation established in the previous section at the disposition of the person in charge.
- Ensure the necessary training in terms of protection of personal data of persons authorized to process personal data.
- Notification of data security violations
The person in charge of the treatment will notify the person responsible for the treatment, without undue delay and through the e-mail address indicated by the person responsible, for any breach of the security of the personal data in his charge that he or she has knowledge of, together with all the information relevant for the documentation and communication of the incident.
At least the following information will be provided:
- Description of the nature of the breach of the security of personal data, including, where possible, the categories and the approximate number of affected parties, and the categories and approximate number of personal data records affected.
- Contact person information for more information.
- Description of the possible consequences of the violation of the security of personal data. Description of the measures adopted or proposed to remedy the violation of the security of personal data, including, if applicable, the measures adopted to mitigate the possible negative effects.
If it is not possible to provide the information simultaneously, and to the extent that it is not, the information will be provided gradually without undue delay.
- Provide the responsible party with all the information necessary to demonstrate compliance with its obligations, as well as for the performance of audits or inspections carried out by the person in charge or by another auditor authorized by him.
- Assist the treatment manager to implement the necessary security measures for:
- a) Guarantee the confidentiality, integrity, availability and permanent resilience of the treatment systems and services.
- b) Restore availability and access to personal data quickly, in case of physical or technical incident.
- c) Regularly verify, evaluate and assess the effectiveness of the technical and organizational measures implemented to guarantee the safety of the treatment.
- Destination of data
The responsible of the data treatment will not keep personal data related to the manager’s treatment unless it is strictly necessary for the provision of the service, and only for the time strictly necessary for its provision.