1.3. In accordance with the T&C applicable to the Services, the Customer must be an individual professional, entrepreneur, or a company. If the Customer is an individual he / she shall be 18 years old or over, in order to access and use the Services.
2.1. The Service Provider may collect and process the following Personal Data provided by the Customer: (a) information provided by the Customer when required due to the provision of the Services; (b) information about the use and resources accessed by the Customer; (c) communications maintained and exchanged with the Customer; (d) Information collected through the using of Cookies as depicted in the separate Cookies Policy; and (e) information collected as a consequence of the Services provided.
2.4. The Service Provider shall apply the applicable technical and organizational measures in order to protect the Personal Data stored by the Service Provider from its destruction, loss, variation, disclosure, access our unauthorized use, accidental or illegal, and from any other illegal processing. The Service Provider shall apply the same or similar levels of protection in accordance with the current standards that apply in the sector. Notwithstanding the above, the Customer acknowledges and accepts that the Internet is not a completely secure environment, and thus the Service Provider cannot guarantee an eventual breach of the security measures that are applied or any other security incidents that may occur in the course of the provision of the Services.
In order to comply with the provisions contained in the Constitutional Act 15/1999, of 13 of December, on Personal Data Protection, which specifically apply to the Service Provider, the Service Provider informs to the Customer about the following conditions:
3.2. The purpose of the collection and processing of Personal Data by the Service Provider is the management, administration and performance of the Services offered by the company, and its use for communications with Customers as well as the eventual delivery of commercial information about products and services similar or equivalent to those contracted herein that may be of interest for the Customers.
3.3. The Customer may exercise its rights to access, rectify, cancel and oppose, at any time, the processing of its Personal Data in accordance with the applicable law, by writing a notice to the Service Provider at the following e-mail address firstname.lastname@example.org. The official models and forms to exercise these rights are made available to the User on the website of the Spanish Data Protection Agency, which is located at the following URL: www.agpd.es.
4.1. The Customer may carry out the processing of personal data on the Customer’s website, by using the services provided by the Service Provider. In such case, the Customer agrees and acknowledges to manage the personal data of its users and customers in full compliance with the data protection regulations and, when necessary, the rules on data protection and e-commerce that will become applicable. In this regard, the Customer shall be the sole and exclusive owner, thus assuming full responsibility in relation to such personal data, and must indemnify and keep harmless the Service Provider as a result of damages caused by any incident or administrative, judicial or extrajudicial claim that any third party might initiate in this regard.
4.2. With regard to the Service Provider, and in the event that it might process personal data of users and customers of the Customer, then there may be a data processing performed by the Service Provider on behalf of the Customer. Consequently, the Service Provider will have access to such personal data for the sole purpose of providing the services described in the T&C. The Service Provider will only process the aforementioned information according to the instructions of the data controller and data not apply or use them for purposes other than as contained in this clause, therefore shall not be disclosed, even for safekeeping, to any other people. Also upon completion of the relations linking the two sides, Service Provider must destroy the above data as well as any support or document containing any personal data provided by the data controller. Service Provider shall adopt the security measures described as “basic level”, in accordance with the provisions of Articles 89 to 94 and 105 to 108 of the Royal Decree 1720/2007, in relation to these personal data.