Flumotion

In accordance with the provisions of current data protection legislation, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, the GDPR), as well as Organic Law 3/2018 of December 5 on Data Protection and the Guarantee of Digital Rights (hereinafter, LOPD-GDD), the user is hereby informed in accordance with the provisions of Article 13 of the GDPR and Article 11 of the LOPD-GDD:

  1. DATA CONTROLLER

Who is the data controller for your personal data?

  • Company Name: FLUMOTION SERVICES SA
  • Tax ID: A64249162
  • Address: 29 JORDI GIRONA STREET – 08034 BARCELONA
  • Email: MCHIRIVELLA@FLUMOTION.COM
    • Website: WWW.FLUMOTION.COM

Commercial Registry details:

2. PURPOSE

For what purpose will we process your personal data?

FLUMOTION SERVICES SA processes your information to:

  1. Maintain the business relationship and provide the contracted service.
  2. Prepare a quote tailored to your needs.
  3. Manage email communications with interested parties.
  4. Conduct the company’s recruitment processes.
  5. Manage the company’s employees and human resources.
  6. Send commercial information related to our sector: CLOUD-BASED VIDEO MANAGEMENT SOFTWARE DEVELOPMENT. DISTRIBUTION IS VIA THE INTERNET THROUGH YOUR PARTNER
  7. Provide assistance, healthcare, or services that involve the processing of health data for the provision of the contracted services.
  8. Monitoring facility security (video surveillance).
  9. Managing training activities

How long will we retain your data?

The personal data you provide will be retained for as long as the business relationship remains in effect. However, to ensure maximum transparency with you, we indicate that the general guidelines we follow are:

  • General identification data (email, first name, last name, phone number, etc.): for the duration of the business relationship or until consent is revoked.
  • In any case, it will be deleted when it is no longer used for the purpose for which it was collected.
  • Law on Infractions and Sanctions in the Social Order (obligations regarding enrollment, registration, deregistration, contributions, payment of wages…); Arts. 66 et seq. General Tax Law (accounting books…): four (4) years.
  • Personal actions without a specific statute of limitations (Article 1964 Civil Code): five (5) years
    Accounting, tax, and labor (Article 30 of the Commercial Code—accounting books, invoices…): six (6) years.
  • Labor: contracts, work hour records, pay stubs and contribution records, identification documents, four (4) years; in the case of occupational risk prevention reports, illness or accident files, and contracts with prevention services, five (5) years.
  • Data subject to the Law on the Prevention of Money Laundering and Terrorist Financing (Article 25): ten (10) years.
  • Recruitment processes: two (2) years from the submission of the resume.
  • Healthcare: five (5) years from the discharge of each care process.
  • Video surveillance: thirty (30) days, except for recordings of an infraction and/or crime.
  • Furthermore, regarding the sending of commercial information, even if the relationship between the parties ends, the data controller will continue to retain your information for the purpose of sending newsletters related to our products and services. You may always exercise the rights granted to you under current regulations by contacting us through the method most convenient for you.
  • Aggregated and anonymized data: no time limit

Notwithstanding these general time limits, we inform you that we will periodically review our systems to delete any data that is not legally required.

3. LEGAL BASIS

What is the legal basis for processing your data?

Depending on the purpose for which we collect your data, the processing of your data is necessary:

  1. To manage the business relationship you have established and entered into with us.
    1. Performance of a contract (based on Article 6.1.b of the GDPR)
    2. Consent of the data subject (permitted under Article 6.1.a of the GDPR)
  2. To prepare a quote tailored to your needs.
    1. Performance of a contract and/or pre-contractual relationship (permitted under Article 6.1.b of the GDPR)
  3. To manage email communications with data subjects.
    1. Consent of the data subject (permitted under Article 6.1.a of the GDPR)
    2. Legitimate interest (pursuant to Article 6.1.f GDPR)
  4. Conducting the company’s recruitment processes.
    1. Consent of the data subject (pursuant to Article 6.1.a GDPR)
    2. Management of the company’s employees and internal human resources
    3. Contract performance (pursuant to Article 6.1.b GDPR)
    4. Sending commercial communications
    5. Consent of the data subject (pursuant to Article 6(1) of the GDPR)
    6. Consent of the data subject (pursuant to Article 20 of the LSSICE)
    7. Legitimate interest (pursuant to Article 6(1)(f) of the GDPR and Article 21(2) of the LSSICE)
  5. Provision of care or healthcare services.
    1. Consent of the data subject (permitted under Article 6.1.a GDPR)
    2. Monitoring facility security (video surveillance)
    3. Legitimate interest (permitted under Article 6.1.f GDPR)
    4. Managing training activities
    5. Performance of a contract (permitted under Article 6.1.b GDPR)
    6. Consent of the data subject (pursuant to Article 6.1.a of the GDPR)

Furthermore, all data collected is necessary for the provision of the service. However, data marked with an asterisk (*) is mandatory. If the mandatory data is not provided, the data controller will not be able to provide the contracted service.

Finally, we inform you that only individuals over the age of 14 may provide personal data on this website. As required by the LOPD and GDPR, in the case of minors under 14, the consent of their parents or legal guardians is mandatory for us to process their personal data.

Furthermore, only individuals over the age of 18 may contract our services. For minors under the age of 18, the consent of their parents or legal guardians is required for us to provide the services offered, unless the minor is emancipated.

4. RIGHTS OF DATA SUBJECTS

What are my rights regarding data protection?

In accordance with Articles 13 of the GDPR and 11.2.c) of the LOPDGDD, you may exercise any of the following rights by contacting us at the postal address CALLE JORDI GIRONA 29 – 08034 BARCELONA or at the email address MCHIRIVELLA@FLUMOTION.COM . In any case, under current regulations, you have the following rights as set forth in Articles 15 through 22 of the GDPR and Articles 12 through 18 of the LOPDGDD:

  • Right to request access to personal data concerning the data subject.
  • Right to request rectification or erasure.
  • Right to request restriction of processing.
  • Right to object to processing.
  • Right to data portability.

You may request the forms to exercise your rights from the Data Controller via the email address provided in the Data Controller’s contact information. Additionally, you may file a complaint with the Spanish Data Protection Agency (AEPD). For more information, see Section VII of this document.

5. RECIPIENTS

To whom will your data be disclosed?

You will always be informed and, where applicable, your express consent will be requested to disclose your personal data or carry out international transfers in accordance with current regulations (Articles 13.1.e and 44 of the GDPR, as well as Articles 11.1 and 40 of Law 3/2018 on the Protection of Personal Data). Therefore, we inform you that the third parties with whom the Data Controller works have their servers located within the EU, EEA, or Switzerland, and have adequate security measures in place to ensure proper and confidential data processing.

Except in the cases mentioned above and unless required by law, your data will not be transferred or disclosed to any third party, except in cases provided for by law or when strictly necessary for the provision of a service. Generally, data may be transferred to:

  • Technology service providers.
  • Payment service providers.
  • Courier and parcel delivery companies.
  • Third parties or intermediaries, acting as service providers, who operate on our behalf (administrative agencies, consulting firms, independent contractors, etc.).
  • Third-party data processors, collaborators, or entities with a close business relationship with the data controller for the sole purpose of providing our services.

Data transfers will be carried out with the strictest confidentiality, employing the necessary measures, such as the signing of confidentiality agreements, or adherence to their privacy policies as set forth on their respective websites. The User may object to the transfer of their data to Data Processors by submitting a written request through any of the aforementioned channels. The Data Controller will not transfer or disclose your data to any third party, except in cases provided for by law or when the provision of a service requires a contractual relationship with a Data Processor. Thus, the User agrees that some of the personal data collected may be provided to these Data Processors (payment platforms, administrative agencies, intermediaries, etc.) when necessary for the effective provision of a contracted service or purchased product. The User also agrees that, in the case of service provision, such services may be, in whole or in part, subcontracted to other individuals or companies, who shall be considered Data Processors, with whom the corresponding confidentiality agreement has been entered into, or who have adhered to their privacy policies, as set forth on their respective websites. The User may refuse the transfer of their data to the Data Processors by submitting a written request through any of the aforementioned means.

6. SOURCE OF YOUR DATA

How did we obtain your data?

The personal data used by FLUMOTION SERVICES SA is provided by the data subject themselves, thereby complying with the provisions of Articles 13 of the GDPR and 11 of the LOPDGDD mentioned above, or by group companies or partners, about which you can obtain more information by writing to the email address MCHIRIVELLA@FLUMOTION.COM or at the Data Controller’s office at the postal address indicated in this document.

What categories of data do we process?

The categories of personal data processed are:

Identification data

First name

Last name

ID number / Foreigner ID number / Passport or equivalent document

Mailing addresses

Email addresses

Gender

Date of birth

Place of birth

Contact phone number (mobile / landline)

Commercial information: our own and third-party

Financial data

Bank account number

Credit card number

Resume

Academic data

Degrees

Hobbies

Membership in associations or clubs

Video surveillance

Image

The processing of sensitive data will be carried out in accordance with the provisions of Articles 9 of the GDPR and 9 of the LOPDGDD, and the data subject will be informed in all cases regarding which data will be used by the data controller.

7. ADDITIONAL INFORMATION

  • Security Measures: Users of the data controller’s website are hereby informed that we have implemented all reasonable security, technical, and organizational measures within our power to prevent the loss, misuse, alteration, unauthorized access, and theft of data, thereby ensuring the confidentiality, integrity, and quality of the information contained therein, in accordance with current data protection regulations. The personal data collected in the forms is processed solely by the data controller’s staff or designated data processors. The Website also features SSL encryption, which allows Users to securely submit their personal data via the website’s contact or registration forms.
  • Social Media: The data controller maintains profiles on some of the major social media platforms (Facebook, Instagram), and in all cases acknowledges responsibility for processing the data of its followers, fans, subscribers, commenters, and other user profiles (hereinafter, “followers”) published by the data controller.

The purpose of data processing by the data controller, where not prohibited by law, is to inform followers about its activities and offers through any means permitted by the social media platform, as well as to provide personalized customer service to Users. The legal basis for this processing is the data subject’s consent, which may be revoked at any time.

Under no circumstances will the data controller extract data from social media platforms unless the User’s specific and express consent has been obtained for that purpose (for example, to conduct a contest).

  • Confidentiality: The information provided by the User shall, in all cases, be considered confidential and may not be used for any purposes other than those described herein. The data controller undertakes not to disclose or reveal information regarding the User’s requests, the reasons for the requested advice, or the duration of its relationship with the User.
  • Accuracy of Data: The User declares that all data provided by them is true and correct and undertakes to keep it up to date. The User is responsible for the accuracy of their data and shall be solely liable for any conflicts or disputes that may arise from the falsity of such data. It is important that, in order for us to keep personal data up to date, the User informs the Data Controller whenever there has been any change to such data.

Documentation prepared by LegalDPO (https://legaldpo.es/), based on information provided by the Data Controller. The content complies with regulations in force as of February 2023 and may vary in accordance with legislative changes or judicial criteria; it is the Data Controller’s obligation to verify the validity of the regulations at all times.

8. SUPERVISORY AUTHORITY

We make every effort to comply with data protection regulations, as your data is our most valuable asset. However, please be advised that if you believe your rights have been infringed, you may file a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6, 28001 – Madrid. More information about the AEPD. http://www.agpd.es/. Documentation prepared by LegalDPO. https://legaldpo.es/

Scroll to Top