Tecalis Privacy Policy

Responsible for data processing

The data controller in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other national data protection laws of the Member States, as well as other data protection regulations is:

Designated Data Protection Officer

The designated data protection officer is:

General information on data processing

1. Scope of the processing of personal data

Generally, we only process the personal data of our users to the extent necessary to provide a functioning website with all of our content and services. The processing of personal data on an ongoing basis is only carried out under the user's consent. Exceptions include cases where prior consent cannot technically be obtained and where data processing is permitted by law.

2. Legal basis for data processing

Art. 6 para. 1 GDPR serves as the legal basis for obtaining the data subject's consent to the processing of his or her data. The article states that processing shall be legal - among others - if it relates to:

1. Processing of personal data necessary for the performance of a contract to which the data subject is a party.
2. Processing operations required to carry out pre-contractual activities.
3. Processing personal data to comply with a legal obligation to which the company is subject.
4. If the vital interests of the data subject or another natural person require the processing of personal data.
5. If the data processing is necessary to safeguard the legitimate interests of the company or a third party, as long as the interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not prevail.

3. Deletion of data and duration of storage

The data controller - in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other national data protection laws of the member states as well as other data protection regulations - is:

Website provision and creation of log files.

1. Scope of the processing of personal data

Each time our website is accessed, our system automatically collects relevant data and information from the computer system of the calling device. The following data is collected:

• Browser type and version used.
• User's operating system
• User's Internet Service Provider
• User's IP address
• Date and time of access
• Web pages from which the user's system accessed our website
• Web pages accessed by the user's system through our website

This data is stored in the log files of our system but is not stored together with other personal user's data.

2. Purpose of data processing.

The temporary storage of the IP address by the system is necessary for the delivery of the website to the user's device. For this purpose, the user's IP address must keep maintained during the session.

Storage in log files is done to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our IT systems. Data analysis for marketing purposes is not performed.

3. Duration of storage

The data will be deleted as soon as it is no longer required for collection. The session is completed when the data collection for the provision of the website is achieved.

If data is stored in log files, this is done for a maximum of seven days. Storage beyond this period is not possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling customer is no longer possible.

4. Objection and deletion

The collection of data for the provision of the website as well as the storage of data in log files are essential for the operation of the website. Therefore, the user cannot object to the aforementioned processes if he/she wants to continue browsing the website.

Signature User Privacy Policy

Description and scope of data processing

Tecalis, in its capacity as Data Processor, only processes the personal data provided to it by Signature users for the purpose of providing the services that the Data Controller has contracted. 

2. Purpose of data processing

The data will be used to send specific information related to a document, verify the data related to the sending and/or delivery of the same, the signature of the documents sent, the verification of the identity of the intervening parties and the verification of the date, time and place where the signature was made.

Tecalis will not use the user's personal data for any purpose other than those described in this Privacy Policy, in the general and particular conditions contracts and in the data processor contract.

The user must read and accept the Privacy Policy before proceeding with the use of the platform, especially when the functionality to be used is the collection of the user's signature, complying with the provisions of the European Regulation 679/2016, art. 9.2, which indicates that the express consent of conformity of the user must be obtained when data of certain special categories are collected, which includes biometric data: the advanced electronic signature of Tecalis incorporates biometric technology that captures the biometric data of the graph of the person who performs the signature. This data includes, but is not limited to, speed, acceleration or pressure.

3. Duration of storage

Tecalis undertakes to store the data only for the time required by law and to ensure compliance with the appropriate security measures provided for in the applicable data protection laws.

4. User's rights

The User may exercise his/her data protection rights provided for in Articles 15 to 22 of the GDPR by means of a request to the Data Controller, i.e. the natural or legal person who has sent him/her a signature request via Signature. Tecalis, in its capacity as Data Processor, will provide the necessary support for this purpose.

Likewise, users should be aware that they can file a complaint with the AEPD in the event that they consider that their data protection rights have been violated.

In any case, the user may refer to the Data Controller at any time to consult the information regarding the processing of his personal data.

Use of cookies

1. Description and scope of data processing.

Our website uses cookies. Cookies are text files that are stored in the user's Internet browser or computer system. If a user calls up a website, a cookie may be stored on the user's operating system. These cookies contain a string of characters that allow the browser to be uniquely identified when the website is reopened.

We use cookies to make our website easier to use. Some elements of our website require the calling browser to be identified even after a page break. The following data is stored and transmitted in cookies:

a) Language settings b) Frequency of page visits c) Use of the website's functionalities

The user data collected in this way is anonymized by technical measures. Therefore, it is no longer possible to assign the data to the user accessing the site. The data is not stored together with other personal data of the users. When accessing our website, the user is informed about the use of cookies for analytical purposes and his consent is obtained for the processing of personal data used in this context. Reference is also made to this privacy policy.

2. Purpose of data processing.

The purpose of using technical cookies is to simplify the use of the website for users. Some functions of our website cannot be provided without the use of cookies.

User data collected by technical cookies is not used to create user profiles.

3. Duration of storage and possibility of objection and deletion.

Cookies are stored on the user's device and transmitted to our site by the user. Therefore, the user also has full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

If cookies are deactivated for our website, some of the site's functions may not be used to their full extent. If the user uses the Safari browser version 12.1 or higher, cookies will be deleted automatically.

Newsletter

1. Description and scope of data processing.

Description and scope of data processing. The user can subscribe to a newsletter on our website free of charge. When subscribing to the newsletter, the following data is transmitted to us:

a) E-mail address b) First name c) Last name(s) d) IP address of the user's device e) Date and time of registration

The collected data will be used exclusively for sending the newsletter.

2. Purpose of data processing.

The collection of the user's e-mail address serves to deliver the newsletter to the recipient. The collection of additional personal data as part of the registration process serves to prevent misuse of the services.

3. Duration of storage.

The data will be deleted as soon as they are no longer needed to achieve the purpose for which they were collected. Thus, the user's e-mail address will be stored as long as the newsletter subscription is active.

If data is stored in log files, this is done for a maximum of seven days. Other personal data collected in the course of the registration process is generally deleted after a period of seven days.

4. Purpose and deletion

The subscription to the newsletter can be canceled by the data subject at any time. For this purpose, each newsletter contains a cancellation link. Through this system, it is also possible to revoke consent to the storage of personal data collected during the registration process.

Contact by e-mail

1. Description and scope of data processing

The user can contact us via the e-mail address provided on our website. In this case, the user's personal data transmitted in the e-mail will be stored.

2. Purpose of data processing

The data will be used exclusively for the purpose of processing the conversation.

Contact form.

1. Description and scope of data processing.

We have a contact form available on our website that can be used for electronic contact. If a user uses this option, the data entered will be transmitted to us and stored. When sending the message, the following data will also be stored:

a) E-mail address b) First name c) Last name(s) d) Telephone number e) CV (if it is a job application) f) IP address of the user's device g) Date and time of contact

As part of the submission process, consent to the processing of your data will be obtained and reference will be made to this privacy policy. Alternatively, the user may contact us via the email address provided on the website. In this case, the user's personal data transmitted in the e-mail will be stored. The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing.

The processing of personal data serves us exclusively to establish contact. If the user contacts us by e-mail, data processing is necessary. Further personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our IT systems.

3. Duration of storage.

If data is stored in log files, this is done for a maximum of seven days. Other personal data collected in the course of the registration process is generally deleted after a period of seven days.

4. Purpose and deletion

The user has the possibility to revoke consent to the processing of his personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data stored in the course of establishing contact will be deleted.

Corporate web appearances

Use of corporate presence in social networks. On our company's website, we provide information and offer users of different social networks the possibility to make communications. If the user performs an action on our company's website in a social network (e.g., comments, contributions, likes, etc.), his or her personal data (e.g., name or profile picture) may be made public. However, as we generally - or to a large extent - do not influence the processing of personal data by the companies that own these social networks, we cannot make any binding statements regarding the purpose and scope of data processing.

Our corporate presence in social networks is used for communication and exchange of information with (potential) customers. In particular, we use the corporate presence for the presentation of the company. Company postings may contain:

a) Information about services b) Customer contact c) Company news

Each user is free to publish personal data through these activities. The data generated is not stored in our systems. All companies that own the social networks we use corporately are headquartered in the United States, have signed, and are certified under the Privacy Shield Agreement signed between the European Union and the United States. This guarantees their commitment to comply with the standards and regulations of European data protection law. More information can be found at the following link: https://www.privacyshield.gov

The user can object at any time to the processing of the personal data we collect in the context of their use of our corporate social media presence and assert their rights as a data subject referred to in Article 4 of this privacy policy by sending an email to dpd@tecalis.com. For more information on the processing of your personal data by the companies that own the social networks, you should consult their respective ownership policies.

The social networks in which our company has a presence and the companies of which they are part are the following:

• Instagram and Facebook: they are part of the company Facebook Ireland Ltd.
• Twitter: Twitter International Company

Use of corporate presences in career-oriented networks

1. Description and scope of data processing

We use corporate presences in professionally oriented networks and maintain a corporate presence in the following professionally-oriented networks:

• LinkedIn: LinkedIn Corporation

On our site, we provide information and offer users the possibility to communicate with us. The corporate presence is used for job applications, information/public relations, and active recruiting.

We do not have any information about the processing of the user's personal data by the companies responsible for the social networks. More information can be obtained by consulting the privacy policies available on their websites.

If the user performs an action on our company's website (e.g. comments, contributions, likes, etc.), his or her personal data (e.g. name or profile picture) may become public. As part of the submission process, consent to the processing of your data will be obtained and reference will be made to this privacy policy.

Alternatively, the user may contact us via the email address provided on the website. In this case, the user's personal data transmitted in the e-mail will be stored. The data will be used exclusively for the processing of the conversation.

2. Purpose of data processing

Our corporate web presence serves to inform users about our services. Each user is free to publish personal data through the activities.

3. Duration of storage

We store the activities and personal data published through our corporate web presence until the user revokes his consent. In addition, we comply with the statutory retention periods.

4. Purpose and deletion

The user can object at any time to the processing of the personal data we collect within the scope of his or her use of our corporate presence and assert his or her rights as a data subject referred to in Article 4 of this privacy policy by sending an e-mail to dpd@tecalis.com. All of the companies that own the professionally-oriented social networks that we use corporately are headquartered in the United States, have signed, and are certified under the Privacy Shield Agreement signed between the European Union and the United States. This guarantees their commitment to comply with the standards and regulations of European data protection law. More information can be found at the following link: https://www.privacyshield.gov.

Hosting

The website is hosted on the servers of a service provider contracted by us. Our service provider is: Google Ireland Limited, IE 6388047V, Gordon House, Barrow Street Dublin 4, Ireland. The servers automatically collect and store information in so-called server log files, which the browser automatically transmits when a user visits the website. The information we store is:

a) Browser type and version b) Operating system used c) Referrer URL d) Host name of the accessing device e) Time and date of server request f) IP address of the user's device

This data will not be merged with other data sources. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website; to this end, server log files must be saved. The website server is geographically located in the Netherlands.

Geotargeting

We use the IP address and other information provided by the user (e.g. a postal code) to approach potential target groups on a regional basis (so-called "geotargeting").

Regional target group targeting is used, for example, to automatically display regional offers or advertisements that are often more relevant to users. The legal basis for the use of the IP address and any other information provided by the user (e.g. zip code) is based on our legitimate interest in ensuring more accurate targeting and thus providing offers and advertisements with greater relevance for our users.

Part of the IP address and additional information provided by the user (e.g. postal code) is simply processed and not stored separately.

The user can prevent geo-targeting, for example, by using a VPN or a proxy server that prevents precise location. In addition, depending on the browser you are using, you can also deactivate a location targeting in the respective browser settings (As long as the respective browser supports it).

We use geo-targeting on our website for the following purposes:

a) Customer targeting b) User registration is required for the provision of certain content and services on our website.

Use of plugins

1. Description and scope of data processing

Google Analytics examines, among other things, the origin of visitors, their time spent on individual pages, and the use of search engines, which enables better monitoring of the success of advertising campaigns.

Google places a cookie on the user's device. This allows personal data to be stored and evaluated, particularly user activity (which pages have been visited and which items have been clicked on), device and browser information (IP address and operating system), data about the advertisements displayed (which advertisements have been displayed and whether the user has clicked on them) and also data about advertising partners (pseudonymized user IDs). The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. However, if IP anonymization is enabled in this online presence, Google will truncate the IP address beforehand, within member states of the European Union or other signatory states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

Google has signed and is certified under the Privacy Shield Agreement between the European Union and the United States. In doing so, Google agrees to comply with the standards and regulations of European data protection law. More information can be found at the following link: https://www.privacyshield.gov/.

IP anonymization is active on this online presence. On behalf of the operator of this online presence, Google will use this information to evaluate your use, to compile reports on the activities, and to provide additional services associated with internet use. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use the full functionality of our website. More information about data collection and storage by Google can be found on their website.

2. Purpose of data processing

The purpose of processing personal data is to specifically address a target group that has already expressed an initial interest by visiting the site.

3. Duration of storage

Personal information will be stored for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. Advertising data in the server logs are anonymized on Google's statements to remove portions of IP address and cookie information after 9 and 18 months respectively.

4. Purpose and deletion

The user has the right to revoke his declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent until the revocation.

You can prevent Google from collecting and processing your personal data by preventing the storage of cookies by third parties on your device. More information about objection and removal options against Google can be found on their website.