PRIVACY POLICY FOR THE WEBSITE

 

We make this privacy policy available to you in order to inform you in detail about how we treat your personal data and protect your privacy and the information you provide us.

If, in the future, we make changes to this privacy policy, we will inform you through this website or by other means, so that you can know the new privacy conditions that are adopted.

KNOWEE CARDS, S.L. (hereinafter referred to as KNOWEE) provides a service for the user to have their own professional business card on the KNOWEE website and to share it with anyone in different ways.

The user can share his professional card with third parties through three ways:

  1. Communicating the Knowee code to the third party (11-character code in upper and lower case, alphanumeric that identifies a card).
  2. Giving the third party the QR code linked to your card.
  3. Providing a physical card with a Knowee code or QR code or NFC chip to a third party. In this case, the third party will only upload the user’s physical card to the Knowee website and the system will find the Knowee card without the user needing to enter any additional data.

Likewise, the user can share his Knowee card by sending it to the contacts that he wants, provided that the communication of his personal data complies with the current legislation in the matter.

We inform you below, in the form of questions and answers, of the conditions under which our entity processes your personal data:

Who is responsible for the processing of your data?
  • Identity: KNOWEE CARDS, S.L. CIF: B-86815172.
  • Postal address: Avda. de Fuencarral, 44; Ed 3, L 19, 28108 – Alcobendas (Madrid).
  • E-mail: support@know.ee.
Under what purpose do we process your personal data?

We process the personal data you provide to us for the following purposes:

  1. The management of the relationship with the client and the billing and collection of services. The provision of data for this purpose by our customers is obligatory, otherwise preventing the performance of the contract.
  2. Managing relationships with our suppliers, as well as billing and payment for services. For this purpose, it is mandatory for the provider to provide us with your data, otherwise the contract could not be executed.
  3. Channel requests for information, suggestions and complaints you may send us, contact the sender of the information, respond to your request or query and follow up later. The fact of providing the data for this purpose is voluntary, although, if not, the request, consultation or complaint cannot be answered. Therefore, the communication of your personal data for this purpose is a necessary requirement for us to be able to respond to such requests.
  4. Sending commercial communications of our products or services if you expressly authorize us to do so by checking the box enabled for that purpose. Authorization is voluntary and your refusal would only result in you not receiving commercial offers for our products or services.
  5. If you become a friend or follower of us on social networks, we'll process your data to keep you informed of our activities and promotions through such channels. The fact of providing the data for this purpose is voluntary, although, if not, you can not be a friend or follower of us in the corresponding social network. The categories of data processed for this purpose are identifying data.
For how long will your data be processed?

We only keep your data for the period of time necessary to fulfill the purpose for which they were collected, comply with the legal obligations imposed on us and take care of the possible responsibilities for which the data were collected.

The data for the management of the relationship with customers and suppliers and the billing and collection of services will be kept for this purpose for the whole time that the contract is in force. Once this relationship has ended, the data may be kept for as long as required by the applicable law and until any liability arising from the contract expires.

The data for the sending of commercial communications of our products or services will be retained indefinitely, until, if necessary, you express your willingness to delete them or your desire to stop receiving such communications.

The data of potential customers who don't contract our products or services and don't wish to receive commercial information, will be deleted when it's confirmed that the contract will not be carried out. If the previous relationship between the parties, even if not consummated, could lead to possible liabilities, the data will be kept until they expire.

The data processed to deal requests, queries or claims will be kept for the time necessary to respond to them and render them definitively closed. They will then be kept as a communication history for a period of one year, unless you request their deletion earlier.

The data provided through social media will be kept as long as you remain as a friend or follower of us on the corresponding platform.

What is the legitimacy for the processing of your data?

Customer and supplier data will be processed on the basis of the contractual relationship between the parties as a result of the provision of services offered.

The prospective offer of our products and services is based on the consent of the interested party. Such consent may be revoked at any time, without any consequences other than to stop receiving advertising and without affecting the data processing carried out previously.

The processing of personal data for the response to your requests for information, queries and complaints is based on the consent of the person concerned. Such consent may be withdrawn at any time, but this shall not affect the lawfulness of any previous treatment.

The data provided through social media will be processed on the legal basis of your consent, and may be revoked at any time, although this will not affect the legality of the treatments carried out previously.

The categories of data processed are those requested in each case the form or contract through which we provide your data.

To whom will your data be communicated?

The data shall be communicated to the competent public administrations, in the cases provided for in the Law and for the purposes defined therein, to the corresponding financial institutions, for the management of collections and payments, as well as the entity providing card scanning services, INTSIG (CamCard software provider).

Although this is not a data transfer, it may be that third parties, acting as our suppliers, access your information to carry out the service. These data controllers access your data following our instructions and without being able to use them for a different purpose and maintaining the strictest confidentiality and on the basis of a contract in which they undertake to comply with the requirements of the current regulations of personal data protection.

This company contracts its virtual infrastructure according to a model of cloud computing through the company Google Workspace, located in the US, which provides adequate data protection guarantees when applying the Standard Contractual Clauses approved by the European Commission for international data transfers.

What are your rights to the data you have given us?

Anyone has the right to obtain confirmation as to whether or not we are processing personal data concerning you. Interested persons have the right to access your personal data, as well as to request rectification of inaccurate data or, where appropriate, request their deletion where, inter alia, the data are no longer necessary for the purposes for which they were collected.

Under the conditions provided for in the General Data Protection Regulation, data subjects may request the limitation of the processing of their data or its portability, in which case we'll only keep them for the exercise or defence of claims.

In certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. If you have given consent for a specific purpose, you have the right to withdraw it at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal. In these cases we will stop processing the data or, if necessary, we'll stop doing so for that specific purpose, except for compelling legitimate reasons, or the exercise or defense of possible claims.

Furthermore, the data protection rules allow you to object to decisions based solely on the automated processing of your data, where appropriate.

The abovementioned rights are characterized by following

  • It's free of charge, except in the case of manifestly unfounded or excessive applications (e.g. repetitive applications), in which case a fee may be charged in proportion to the administrative costs incurred or refuse to act
  • You can exercise the rights directly or through your legal representative or volunteer
  • Your request must be answered within one month, although if the complexity and number of requests are taken into account, the deadline can be extended by a further two months.
  • We have the obligation to inform you about the means to exercise these rights, which must be accessible and not be able to deny you the exercise of the right for the reason of choosing another means. If the request is made by electronic means, the information shall be provided by these means where possible, unless otherwise requested.
  • If, for any reason, the request is not acted upon, we will inform you, at the latest within one month, of the reasons for this and of the possibility of claiming before a Supervisory Authority

All the above rights may be exercised through the means of contact at the beginning of this clause.

Against any violation of your rights, especially when you have not obtained satisfaction in your exercise, you can file a complaint with the Spanish Data Protection Agency (contact details accessible at www.aepd.es)or another competent supervisory authority. You can also learn more about your rights by contacting these bodies.

How do we safeguard your personal information?

We are committed to protecting the personal data we process. We use physical, organisational and technological measures, controls and procedures, reasonably reliable and effective, aimed at preserving the integrity and security of your data and guaranteeing your privacy.

In addition, all staff with access to personal data have been trained and are aware of their obligations regarding the processing of their personal data.

In the case of contracts that we sign with our suppliers we include clauses in which they are required to maintain the duty of secrecy with respect to personal data to which they have had access under the order made, and implement the technical and organisational security measures necessary to ensure the continued confidentiality, integrity, availability and resilience of personal data processing systems and services.

All these security measures are reviewed periodically to ensure their adequacy and effectiveness.

However, absolute security can't be guaranteed and there is no security system that is impenetrable so, in the case of any information subject to processing and under our control was compromised as a result of a security breach, we will take appropriate measures to investigate the incident, notify the Supervisory Authority and, where appropriate, those users who might have been affected, so that they take appropriate action.

What is your responsibility as data subject?

By providing us with your personal information, the person who does so guarantees that you are over 14 years old and that the data provided are true, accurate, complete and updated.

To this end, the data subject is responsible for the veracity of the data and must keep them properly updated so that they respond to their real situation, being responsible for false and inaccurate data that may provide, as well as for damages, direct or indirect, which may arise.

If you provide data from third parties, you assume the responsibility of informing them in advance of everything provided for in article 14 of the General Data Protection Regulation under the conditions established in that provision.

How did we get your data?

In cases where the user registration is made through social networks, the personal data that we will process will come from the social network in question, to which, previously, the data subject has provided such data for the purposes provided for in their respective privacy policies. The categories of data that we will collect from the social network in question are those contained in our registration form and that you have provided to that social network. If, in order to register on our website, more data is required than those provided by the social network, you must fill them in additionally in our registration form, subject to the privacy conditions provided in this Policy.

Especially sensitive data are not processed.