10 October - 3 Min reading.
Description of our policies
Read our policies carefully
Privacy Policy
Privacy policy
Within the framework of the service provision relationship within the scope of Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, of Royal Decree 1720/2007, of 21 December, approving the Regulation implementing the same, as well as in Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data, repealing Directive 95/46/EC (hereinafter, GDPR), Law 34/2002 of 11 July, on information society services and electronic commerce (hereinafter, LSSI-CE) and Organic Law 3/2018, on the Protection of Personal Data and guarantee of digital rights ALMAGLOBAL SLU guarantees the protection and confidentiality of personal data of any kind provided by our customers, in accordance with the provisions of the General Regulation on the Protection of Personal Data.
1 Data Controller
Owner: Almaglobal S.L.U. (hereinafter "AlmaGlobal" or "dokify", as appropriate)
Registered office: Calle Aguacate 56 3ΒΊE, 28054 Madrid.
VAT NO: B86311693
Public Register: Registered in the Madrid Mercantile Register, Volume: 29387, Book: 0, Folio: 99, Section: 8, Page: M 528963 Registration or entry: 1 / Date 25/11/2011
Telephone and Fax: 918 38 80 49
E-mail: legal@dokify.es
2 Purpose of processing
All data provided by our customers and/or visitors to the website of ALMAGLOBAL SLU or its staff, will be included in the register of personal data processing activities, created and maintained under the responsibility of ALMAGLOBAL SLU, essential to provide the services requested by users, or to resolve doubts or questions raised by our visitors. Our policy is not to create profiles on the users of our services.
3 Legitimacy of processing
A - Contractual relationship: This is the relationship that applies when you purchase one of our products or contract one of our services.
β
B - Legitimate interest: To deal with the queries and claims that you submit to us and to manage the collection of the amounts owed.
β
C - Your consent: If you are a user of our website, by ticking the box on the contact form, you authorise us to send you the necessary communications to respond to your query or request for information.
4 Addressees
We do not disclose your personal data to anyone, with the exception of those public or private entities to which we are obliged to provide your personal data in order to comply with any law. For example, the Tax Law requires us to provide the Tax Agency with certain information on financial transactions exceeding a certain amount.
β
In the event that, apart from the cases mentioned above, we need to disclose your personal information to other entities, we will ask for your prior permission through clear options that will allow you to decide in this respect.
5 Communication
We will not make international transfers of your personal data for any of the above purposes.
6 Conversation
We will only keep your personal data for as long as is necessary to achieve the purposes for which it was collected. In determining the appropriate retention period, we consider the risks involved in the processing, as well as our contractual, legal and regulatory obligations, internal data retention policies and our legitimate business interests as described in this Privacy Notice and Cookie Policy.
β
In this sense, ALMAGLOBAL SLU will keep the personal data once its relationship with you has ended, duly blocked, during the period of prescription of the actions that could derive from the relationship maintained with the interested party.
β
Once blocked, your data will be inaccessible to ALMAGLOBAL SLU, and will not be processed except to make them available to the Public Administrations, Judges and Courts, for the attention of possible liabilities arising from the processing, as well as for the exercise and defence of claims before the Spanish Data Protection Agency.
7 Security
We use all reasonable efforts to maintain the confidentiality of personal information processed on our systems. We maintain strict levels of security to protect the personal data we process against accidental loss and against unauthorised access, processing or disclosure, taking into account the state of technology and the nature and risks to which the data is exposed. However, we cannot be responsible for your use of the data (including your username and password) that you use on our website. Our staff follow strict privacy standards and where we engage third parties to provide support services, we require them to abide by the same standards and to allow us to audit them for compliance.
8 Your rights
We inform you that you may exercise the following rights:
β
A - Right of access to your personal data, to know which personal data are being processed and the processing operations carried out on them.
B - Right to rectify any inaccurate personal data.
C - The right to erasure of your personal data, where this is possible (e.g. by law).
D - The right to restrict the processing of your personal data where the accuracy, lawfulness or necessity of the data processing is in doubt, in which case we may retain the data for the purpose of pursuing or defending claims.
E - Right to object to the processing of your personal data, when the legal basis that enables us to process them is our legitimate interest. ALMAGLOBAL SLU will stop processing your data unless it has a legitimate interest or it is necessary for the defence of claims.
F - The right to data portability, when the legal basis that enables us to process your data is the existence of a contractual relationship or your consent.
G - Right to revoke the consent given to ALMAGLOBAL SLU.
To exercise your rights, you may do so free of charge and at any time by contacting us at Calle Aguacate 56 3ΒΊE, MADRID, enclosing a copy of your ID card.
9 Guardianship of rights
In the event that you feel that your rights have been disregarded by our entity, you may file a complaint with the Spanish Data Protection Agency, by any of the following means:
β
A - E-Office: https://www.aepd.es
B - Postal address: Agencia EspaΓ±ola de ProtecciΓ³n de Datos, C/ Jorge Juan, 6, 28001, Madrid.
C - Telephone: 901.100.099 y 912.663.517
Making a complaint to the Spanish Data Protection Agency does not entail any cost and the assistance of a lawyer or solicitor is not necessary.
10 Updates
ALMAGLOBAL SLU reserves the right to modify this policy to adapt it to new legislation or jurisprudence that may affect its compliance.
β
In order to ensure compliance with the regulations on personal data protection, ALMAGLOBAL SLU has received consultancy and advisory services from clickDatos.
Security policies
Security policy
1 Objective
The global objective of ALMAGLOBAL SLU's Information Security is to guarantee the criteria of Confidentiality, Integrity and Availability of the information, as well as the continuity of the services offered to our clients in the event of disruptive events, articulating a set of internal processes to respond in an orderly manner to an event, minimising the impact on the business, the information and the clients.
β
The Information Security Management System (ISMS) Policy establishes a common framework for action that impacts on the company's culture and the fulfilment of common objectives, whereby all resources must be involved in the proper functioning of security controls and continuity plans established in ALMAGLOBAL SLU.
2 Scope
The Information Security Management System Policy defines a set of principles applicable to all components and systems of the information and document hosting and exchange service of the corporate network, and in particular to those that have a special implication in the action to be taken in the occurrence of disruptive events in terms of information security or continuity of services.
3 Responsibilities
The main figure responsible for the Policy is the Information Security Management System Committee and the person responsible for the System, as they are in charge of reviewing and approving the different information security strategies and processes, ensuring their quality and effectiveness.
β
The roles and obligations for coordinating and executing the Information Security principles are developed in the ISMS documents.
4 Information security management system policy
- Guarantee that the services agreed with the different clients are provided in the event of a disaster in ALMAGLOBAL SLU and the business processes that support it.
β
- To protect the security of ALMAGLOBAL SLU's resources, both in day-to-day management and in the event of a company emergency.
β
- Periodically establish improvement objectives in line with this policy.
β
- The Management of ALMAGLOBAL SLU will be responsible for the management of the key risks for information security and the operational continuity of the processes considered critical for the organisation.
β
- Develop a business continuity plan to recover from a disaster in the shortest possible time.
β
- Train and raise awareness of information security among all employees.
β
- ALMAGLOBAL SLU will ensure that all internal resources are fully informed of their responsibilities within the framework of Information Security.
β
- ALMAGLOBAL SLU must minimise information security risks, ensuring effective incident response plans.
β
- ALMAGLOBAL SLU will ensure the development of appropriate communication plans, both internal and external, which will be reviewed and updated on a regular basis.
β
- To make clear the management's commitment to information security in line with the business strategy, by supporting the ISMS Committee and providing it with the necessary means and powers to carry out its functions.
β
- Define, develop and implement the technical and organisational controls necessary to guarantee the Confidentiality, Integrity and Availability of the information managed in the organisation.
β
- To guarantee compliance with current legislation on personal data protection, intellectual property and the information society, as well as with all applicable legal, regulatory and contractual requirements.
β
- Create a "safety culture" both internally, in relation to all staff, and externally, in relation to customers and suppliers.
β
- Consider the Information Security Management System as a process of continuous improvement, carrying out periodic reviews with the aim of achieving increasingly advanced levels of information security.