Table of contents
3. PERSONAL DATA PROCESSED BY MERE ACCESS TO THE WEBSITE
3.1. What data is processed
3.2. How this data is used
3.3. Data recipients
3.4. Lawful processing
3.5. Data processing duration
4. USER RIGHTS AND HOW TO EXERCISE THEM
5. OTHER PERSONAL DATA PROCESSING ACTIVITIES
5.1. Cookies and similar technologies
5.2. Contact form
5.3. “Work with us” form
5.4. Product demo request
5.5. “Watch webinar” form
5.6. “Ebooks” and “White Papers” form
1. WEBSITE CONTROLLER
This website is operated by TRUEITSYSTEMS S.L, with NIF B87306841, a company registered at Calle Miguel Yuste 17, 28037, Madrid (hereinafter, “the Company”).
The Company has formally appointed a Data Protection Officer (DPO), who can be contacted at dpo@trueitsystems.com.
2. PURPOSE
The Company respects the privacy rights of its Users and recognises the importance of protecting the personal data it collects about them.
The purpose of this document is to inform website Users about the processing of personal data carried out on this website.
3. PERSONAL DATA PROCESSED BY MERE ACCESS TO THE WEBSITE
3.1. What data is processed
By simply accessing the website, the Company collects the IP address and other connection-related data. The IP address is a code that identifies the User’s internet connection at a given moment.
Only the User’s internet service provider can identify the subscriber assigned to a specific IP address at a particular time.
Due to the nature of the web server, the User’s IP address is automatically recorded along with the date and time of access.
3.2. How this data is used
This data is used exclusively to manage the normal operation of the website and perform statistical analyses regarding its usage.
3.3. Data recipients
The Company does not share this information with third parties, unless legally required to do so (e.g., an official request in the context of a police investigation).
3.4. Lawful processing
The legal basis for processing the IP address is the technological necessity of enabling the website’s operation.
3.5. Data processing duration
IP addresses will be stored for one month.
4. USER RIGHTS AND HOW TO EXERCISE THEM
Under data protection regulations, Users have the following rights:
- Access: Users can know what information is held about them, where it was obtained, who it has been shared with, and how it has been processed.
- Rectification: Users can correct any incorrect or outdated data.
- Erasure: Users can request that their data stop being processed.
- Objection: Users can request that their data no longer be used for a specific purpose.
- Restriction: Users can limit the processing of their data while allowing it to be stored for future use.
- Portability: Users can obtain a copy of their data in an electronic format and, in some cases, request its transfer to another service provider.
- Withdrawal of consent: Users can revoke the consent they previously provided.
These rights require the ability to identify the User and link their identity to the data processed by the Company.
However, for data collected through mere website access, the Company cannot establish this link, unless the User provides documentation proving their identity (e.g., a certificate from their internet provider indicating the assigned IP address at a specific time).
Users can exercise these rights or withdraw their consent by sending an email to dpo@trueitsystems.com or by postal mail to the address mentioned above.
If Users require more information or believe their data protection rights have been violated, they may contact the Spanish Data Protection Agency (www.aepd.es).
5. OTHER PERSONAL DATA PROCESSING ACTIVITIES
5.1. Cookies and similar technologies
The Company uses cookies and similar technologies for storing and retrieving data on User devices. Cookies are files downloaded onto the User’s browser that can later be read by the Company.
These cookies allow the Company to recognise Users who have previously accessed the website and conduct analyses to improve the service. However, they do not reveal the User’s identity unless additional information is provided through other means.
For more details, please refer to the Cookie Policy.
5.2. Contact form
Personal data collected through the contact form will be processed to handle the User’s request.
- Legal basis: User’s consent upon submitting the request.
- Retention period: Data will be processed for the duration necessary to resolve the request, then retained for three years to address any legal obligations.
Users can withdraw consent and exercise their rights at any time.
5.3. Job applications
The Company will process CV data and any information generated during interviews to manage the recruitment process.
- Legal basis: User’s consent upon submitting their CV.
- Retention period: If the candidate is not selected, data will be kept for one year for future opportunities. Candidates can request deletion at any time.
5.4. Product demo request
- Legal basis: User’s consent upon submitting the request.
- Retention period: Data will be processed for as long as necessary to handle the request and then retained for three years.
5.5. “Watch webinar” form
- Legal basis: User’s consent upon submitting the request.
- Retention period: Data will be processed for as long as necessary to handle the request and then retained for three years.
5.6. “Ebooks” and “White Papers” forms
- Legal basis: User’s consent upon submitting the request.
- Retention period: Data will be processed for as long as necessary to handle the request and then retained for three years.
6. FURTHER INFORMATION
If the User has any questions regarding this Privacy Policy, they can send an email to: dpo@trueitsystems.com.
7. SECURITY POLICY
TRUEITSYSTEMS S.L manages its information systems in line with best practices and in accordance with ISO 27001:2022. The Company adopts the following security principles:
- Regulatory Compliance: All information systems comply with applicable legal and regulatory security requirements.
- Risk Management: Risks are minimised to acceptable levels while maintaining a balance between security controls and information needs.
- Awareness and Training: Employees receive security training and awareness programmes.
- Confidentiality, Integrity, and Availability:
- Ensuring that only authorised individuals can access data.
- Maintaining the accuracy of information and processes.
- Guaranteeing business continuity through contingency plans.
- Accountability: All employees must adhere to security policies.
- Continuous Improvement: Security controls are periodically reviewed and enhanced.
- Incident Management: A response plan is in place to address security breaches effectively.