For the purposes of the provisions of existing legislation on the protection of personal data, Monema Communications SL with NIF B-26439653 and registered office at C / Gran Via No 17, Logroño, La Rioja, Spain (hereinafter Monema) informs its customers or users, ie any person who voluntarily and through any channel available to communicate or access to personal data to Monema, which guarantees security against unauthorized or unlawful processing, loss of personal data, destruction or accidental damage. This implies the establishment of technical, administrative and organizational measures necessary for the integrity, availability and confidentiality of the personal data it processes, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed, and that it will only record personal data in files, processing centers, premises, equipment, systems and programs that meet the conditions determined by current regulations.

 In compliance with the implemented measures and as a proactive data processing manager, Monema makes public this data protection policy (it can be used indistinctly to refer to it the terms “policy”, “privacy policy” or “data protection policy”) that applies to any person who voluntarily and through any available channel, communicates or access to personal data to Monema and consequently implies in its case the obtaining of free, unambiguous, specific, informed and express consent of the customer or user for the processing of personal data by Monema.

Likewise, these guidelines will be of subsidiary application of those others that on the same matter are established, with special character, and are communicated without restrictive character through the registration forms, and/or contractual conditions of the services, remaining the present policy direct or as complementary in that not expressly foreseen and that is not contradicted.

In order to comply with the aforementioned regulations and to help the user or customer of any Service offered by Monema to understand how their personal data is collected, used, treated and protected, Monema informs you of the following aspects related to your right to personal data protection.

1. What data is processed? It contains the information regarding the categories of data processed by Monema.
2. What is the data processed for? It indicates the list of the legitimate bases and purposes for which Monema performs the processing of personal data.
3. Information retention periods. The criteria and periods of conservation related to each of the treatments of personal data are explained according to the purpose of the same one.
4. Exercise of rights. Necessary information about the rights of the customer or user, as well as the means by which you can request Monema to exercise them.
5. Information communicated to third parties: recipients or categories of recipients. Information we share with recipients and the purposes of the communication.
6. International data transfers. The international data transfers that Monema carries out outside the European Economic Area are specified.
7. Security and confidentiality in the treatment of your information Confidentiality and security measures of the information used by Monema for the protection of personal data.
8. Processing of data of minors. Information on data processing by Monema in case the customer or user is a minor.
9. Treatment Manager. The obligations that Monema assumes in case of processing personal data on behalf of the data controller are described.
10. Cookies. Cookie policy.
11. Responsibilities. It is established obligations that correspond to assume the user or customer of Monema.
12. Policy changes. Regulation of the procedure of modification of the Privacy Policy.

What data is processed?

Personal data is any information about an identified or identifiable natural person. In this sense, Monema treats the personal information that the customer or user provides for the recruitment, the information generated through the provision of the same, as well as data generated by Monema. Based on the principle of minimization, the data that we may process will be adequate, relevant and limited to those necessary depending on the purposes for which they are processed, and always respecting the will of the customer or user.

The data being processed depends on the relationship of the user or customer with Monema, as well as the additional processing allowed or authorized by the same.

The data that Monema can edit are the following:

1. a) Data obtained from the Client or user: this is the data provided by the Client or user initially to manage the relationship that unites us or subsequently during the course of the same. These data include contact details (NIF, postal address, installation address, fixed and mobile telephone numbers), e-mail address, date of birth, profession and economic sector and/or activity, payment details and/or bank account for direct debiting of bills, as well as any other type of information obtained, where appropriate, through the customer service channels of the various brands Monema (eg nick or identifier, complaints, queries made or incident), including that obtained through cookies on your visits to the Websites and Apps Monema, and customer or user interactions with the official social networks of Monema.
2. b) Data not obtained from the Client or user:

b.1) Data derived from the provision of the service or product:

1. a) Monema Services Data: are the data referring to the contracted services, installed equipment, average monthly consumption, for example, related to the number of calls, number of minutes, type of call (national, international, roaming…); number of SMS, volume of data used; billing data, for example, income per customer or average of the arithmetic amount, type of services charged through your bill and data of use of the same, including applications, websites and Monema platforms.
2. b) Consumption data in Monema: it is the data obtained from the service provision, and/or any other device available in Monema.
3. c) Traffic data: this is the data associated with call details, i.e. source and destination number, date, time and duration of the call; source and destination number of the SMS and/or MMS sent, the public IP address of each connection made, including its date and time of connection, the number that internationally identifies a client (IMSI), as well as any other event associated with voice traffic, data, messages, recordings (space to record about 30h per user, which are deleted as new recordings are made and there is no space) and destination and source numbers of calls.
4. d) Web visit data: this is the technical and navigation data associated with each access or visit to the website, including the public IP address used, the date and time of the connection, the DNS query, the websites consulted or applications used, the IP of the website consulted, the domain name (URL), the sections visited within the website (URI) and the volume of data used.
5. e) Location data: this is the data on the geographical position of the user’s mobile line, i.e.: the identifier of the antenna with which the communication is associated and its geographical position, the change of antenna and/or switching on and off of the device in order to provide the necessary coverage, date and time of the previous information.

b.2) Data generated or estimated by Monema

These are the data resulting from the analyses carried out by Monema based on the data available from the client or user for internal management, commercial attention and other purposes related to the execution of the contract, as well as, if applicable, for the other purposes indicated in the section corresponding to the purpose or

What do we use your data for?

We can make estimates about your age, gender, terminal used (brand, model, operating system), age (of the customer, of the line or of the terminal used), preferred shopping channel, province of customer service and nearest store, return of commercial campaigns carried out, if the customer or user uses digital media, what is the best time to contact you, payment behavior, degree of propensity to decline, as well as, the basic analysis of aspects related to your personal preferences and interests from the consumption data in Monema.

In addition, if we have consent, we may use the additional data indicated to create commercial profiles of the customer or user such as household composition, economic level, type of work activity, interests and preferences such as travel, sport, games, science, gardening, fashion, music lovers, cinema or theatre, etc.

b.3) Data not obtained from the interested party that come from external sources:

These data will allow Monema to have an updated and more reliable detail that allows the regularization or verification of the data provided by the customer or user for its subsequent use as established in this Policy. In case they are not obtained directly from the interested party, Monema will inform the holder in the terms established in the current regulations, basically the source of origin and category of the data processed. Some examples of external sources that can be consulted by Monema are

• The promotional census, from which it is possible to obtain the name, surname and address of the persons registered there from the National Statistics Institute or the equivalent bodies of the Autonomous Communities.
• The telephone directory, always regulated by the current regulations.
• Lists of persons who are in a professional group and from which only the name, profession, title, activity, academic degree, professional address can be extracted and which indicate that they belong to that group.
• Official journals and newsletters, although with some exceptions.
• The media, such as television, radio, press… etc.

However, the above, it is reported that the provision of services Monema may involve the processing of other categories of data not included in this list, in this case, the Customer or user will be informed in the specific privacy conditions for each of the products or services concerned, and obtained their consent, if necessary, under applicable regulations.

Without prejudice to the data indicated above, Monema reports that the data processed may be subject to a process of irreversible anonymization, in compliance, in any case, with the Code of Good Practice in Data Protection for Big Data projects, as well as the Guidelines and guarantees in the procedures of anonymization of personal data published by the Spanish Agency of Data Protection in order to use all the guarantees established by law and any other measures allowed by the market and technology. You can obtain more information about how we anonymize your data in the corresponding section

Monema treats the customer or user data for the provision of the service, as well as for other purposes that it allows or authorizes in the terms reported in this Privacy Policy or in the specific conditions of each service contracted Monema.

Additionally, during the validity of the contractual relationship, other data may be incorporated for these or other purposes, in which case the client or user will be duly informed at the time of collection of the same, through the channels of commercial attention. Therefore, before carrying out any additional treatment not foreseen in this Policy, we will inform you.

The Customer or user will be solely responsible for all the information provided to Monema for the management and contracting of the products and services, guaranteeing that he/she is entitled to and has obtained the consent of the owner for the delivery. Monema is not responsible for the use of false, inaccurate, incomplete, or outdated information provided by the Customer or User.

To this effect, Monema informs about the legitimizing bases that will allow the different treatments:

1º. Execution of the contract

Monema informs that for the execution of the contract signed with the Customer may use, among the categories of data collected in the first section, those that are necessary for the proper execution of the contract. In addition, we need to treat your data to provide you with the highest quality services, to adapt to your needs, and to improve your experience in these services.

In addition, as a Monema customer, the treatments that may be necessary to comply with this contract will be carried out for the following purposes:

Provide the service, maintain it and manage the contractual relationship with the client or user.

Customer service through any Monema channel to which you can go, including devices and/or applications that Monema makes available for the management of your services.

Accredit the hiring, improve the quality of technical and commercial attention, as well as verify the satisfaction of the clients or users through the recording of their voice and, if necessary, transcription of the attention provided through the channels enabled for this purpose.

Check the customer’s solvency by accessing credit information systems prior to contracting any Monema service and while the aforementioned contractual relationship is in force. The specific credit information systems used by Monema are identified in the “external sources” section

Conducting statistics, surveys or market studies, which aim to evaluate the quality of the product or service, business, commercial or investment decision making, check the sales or products that sell most, etc., including a period of three months after having ceased to be a customer or user, for example, to know the reasons for their departure or dissatisfaction. To do this, Monema has trusted third parties to which it commissions these surveys or market studies to obtain anonymous results.

To maintain the security of electronic communications networks and services, to detect failures or technical errors in the transmission of electronic communications, as well as any processing necessary for the proper provision of the telecommunications service or any other sectoral regulation that may be applicable

Comply with the legal obligations of service quality imposed by the telecommunications legislation and other applicable laws in force.

To detect or prevent the abusive or fraudulent use of Monema services, as well as their irregular hiring.

Any other that is compulsory and necessary for the fulfilment of its functions as a service provider.

2. Legitimate interest

The legitimate interest constitutes a legitimate basis for the processing, provided that such interest in processing the customer or user data by Monema for the indicated purpose is within the reasonable expectations based on the relationship that unites us as a customer or user Monema.

In this sense, it is considered that they are protected by the legitimate interest and, therefore, Monema will be able to treat the following data for each one of the purposes described next:

Data on abnormal traffic that may be carried out from the customer or user connection and that affect the security of networks, systems or equipment may be processed so that Monema can send information or cyber security alerts by any means.

It may be processed data obtained from the Customer or user, data derived from the provision of service or product (data from Monema services, consumption of Monema (and other devices) and visits to our websites and Apps Monema) as well as data generated by Monema, in order to analyze or predict in a very basic way aspects relating to their personal preferences and interests and that, Monema can offer the same, by any means, personalized offers Monema Services.

and data generated by Monema, in order to analyze or predict in a very basic way aspects related to their personal preferences and interests and that, Monema can offer the customer personalized offers of products and services Monema in your television service, as well as products and services of Monema partners.

In addition and for commercial offers, Monema may process the data provided by the user of those who have requested information on Monema Services by any means (including, where appropriate, electronic), for a maximum period of two years since they were provided.

The right to oppose such processing may be exercised by sending the relevant notification to the addresses given in the “Exercise of Rights” section of this Privacy Policy.

3º. Consent

The consent constitutes a legitimizing basis for the processing that will allow Monema to process the following data for each of the purposes described below, after obtaining the corresponding authorization from the customer or user as appropriate.

To this end, each Client or user will receive a specific informative communication beforehand with a sufficient level of detail for the processing of the data for the purposes indicated below:

The data obtained from the Customer or user, data derived from the provision of service (data from Monema services, consumption in Monema (other devices) and visits to our websites and Monema Apps), data generated by Monema and external sources, may be processed in order to make a commercial profile and that Monema can offer you, by any means, including electronic and digital, offers of products and services of Monema.

Time limits for retention of information

We inform you that, in compliance with the principle of limitation of the period of conservation, the data will be treated only and exclusively during the time necessary and for the purposes for which they have been collected at each moment. They will therefore be kept in such a way as to allow identification of the data subjects for no longer than is necessary for the purposes of the processing of the personal data.

For all the above, Monema has established the following retention periods that will be applicable depending on the purpose and the basis of legitimacy, unless in any case has specified a different period in this Privacy Policy or in the conditions of provision of each of the services Monema:

In order to carry out the processing related to the execution of the contract, the data will be kept for the time strictly necessary to fulfil the purposes required by the Service. For example, data obtained from the customer will be kept while the customer is in the registration state; traffic, navigation and location information will be processed for a period that can range from 3 to 12 months in order to comply with the obligations of maintaining network security or preventing fraud.

In application of the civil, commercial and fiscal legislation, the data related to the contracting and invoicing of the products and services contracted, will be stored for a period of 6 years from the time the client leaves the company.

In compliance with Law 25/2007, traffic and location data will be kept for 12 months and may be requested by means of a court order.

In order to carry out the processing related to the analysis of the data to predict the interests and preferences of the client or the user protected by the legitimate interest, as well as the elaboration of a commercial profile in case of having obtained the consent, the data indicated in each of the cases allowed or authorized by the client will be stored and processed with that purpose for a period of 12 months, unless a longer period is necessary to comply with the foreseen purpose. For example, the services that have been contracted by the customer during the validity of the contractual relationship with Monema.

After the above-mentioned periods, the data may be destroyed, blocked or made anonymous, as appropriate, and in accordance with the provisions of the law.

Exercise of rights

In accordance with applicable regulations, Monema informs the user or customer that he has the following rights derived from the applicable regulations:

• Access: allows the data owner to obtain information on whether or not Monema is processing personal data concerning him or her and, if so, the right to obtain information about your personal data being processed.
• Rectification: allows you to correct errors and modify data that proves to be inaccurate or incomplete.
• Deletion: allows the data to be deleted and no longer processed by Monema, unless there is a legal obligation to retain them and/or there are no other legitimate reasons for their processing by Monema. For example, when the personal data is no longer necessary in relation to the purpose for which it was collected, the customer may request that we delete the data without undue delay.
• Limitation: under the conditions established by law, it allows the data processing to be stopped, so that Monema can avoid processing it in the future, which will only keep it for the exercise or defence of claims.
• Objection: in certain circumstances and on grounds relating to their particular situation, data subjects may object to the processing of their data. Monema will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
• Portability: it allows the person concerned to receive his/her personal data, which he/she has provided to Monema, and to be able to transmit them directly to another person in charge in a structured, commonly used and machine-readable format. In order to exercise this right, it will be necessary for the customer to provide a valid email address.
• Digital rights: Monema guarantees the exercise of digital rights to the extent that they are applicable, in compliance with current regulations, specifically the Organic Law 3/18 on Data Protection and Guarantee of Digital Rights (LOPDGDD), some of which are cited here by way of example and not exhaustive:

• • Employee’s digital switch-off outside working hours.
  • Right to forget when data is inadequate, not relevant and/or excessive also in social networks.
  • Protection of privacy with protocols negotiated with workers for the use of digital devices and reinforcement of the privacy of employees in the face of audiovisual or geolocation systems at work.
  • The right to neutrality of the Internet.
  • Child protection.

Monema guarantees the adoption of the necessary measures to ensure the exercise of these rights free of charge, being necessary for such exercise that a copy of your official identification document is attached:

• To exercise any of the rights mentioned above by sending a letter by post, indicating in the request which right you wish to exercise to C/ Gran Vía nº 17, Logroño, La Rioja, Spain
• By writing an e-mail to the following address, providing the same information as in the previous section, to: info@monema.com

As established by law, the exercise of these rights will be attended to by Monema within a maximum period of one month. However, and depending on the complexity of the application, the complete implementation of certain rights may require a longer period, which in no case will exceed two additional months.

Finally, the client will have the right to file a complaint with the national control authority, for this purpose he should contact the Spanish Data Protection Agency, whose contact details are as follows:

Spanish Data Protection Agency

C/ Jorge Juan, 6 – 28001 Madrid

Telephone: 901 100 099/91 266 35 17

Information we communicate or share: recipients or categories of recipients

Monema will only exchange personal data with third party recipients, for any of the purposes set forth in the Privacy Policy, with the aim of maintaining the contractual relationship, making communications to companies that the customer has allowed, to credit information systems, as well as those that are legally required in compliance with any regulations that apply in the terms set forth below:

Necessary for the provision of the service:

Monema has contracted for the management of some of the functions necessary for the provision of the service, reliable suppliers who may have access to personal data, who will act as data processors and who will be contractually obliged to comply with their legal obligations as data processors, to maintain the confidentiality and secrecy of the information.

As for the categories of recipients, it is indicated that, personal information of the Customer may be shared with the commercial and technical services of Monema, depending on the products and/or services that the Customer has contracted. Below is the updated list of service categories managed by suppliers contracted by Monema:

• • Administrative and backoffice, tax and labour services.
  • Financial and banking services.
  • Services of legal activities.
  • Hosting and cloud services.
  • Information removal and destruction services.

Under no circumstances will the Client’s or user’s personal data be shared with third companies without obtaining their prior consent, unless the communication of their data is necessary to ensure the maintenance of the contractual relationship with the client, as well as in the cases provided for by the regulations in force at any given time.

Likewise, given the configuration of Monema’s commercial offer and depending on the technical needs for the provision of the services that form part of it, the necessary data communications may be produced between the co-processors in order to correctly provide and manage the service contracted, offering the commercial offer that best suits the customer’s circumstances (for example, in the case of coverage limitations involving a satellite solution), as well as their interests and preferences.

Data communications to credit information systems

The Client is informed that, in accordance with the regulations in force, in the event of non-payment, the data relating to the debt may be communicated to third party companies duly authorised by law and responsible for managing non-compliance with monetary obligations.

Fulfilment of a legal obligation

Monema may also disclose your personal information to legally authorized third parties when necessary to comply with the law.

Monema may communicate the Customer’s personal data to the various public authorities by virtue of a legal obligation, such as the tax and customs authorities, the judicial authorities, the competent telecommunications authorities, the judicial police, and any other authority that may be applicable in accordance with the regulations in force.

International data transfers

Please note that Monema contracts the management of some of the functions necessary for the provision of the service with processors located outside the European Economic Area and that, in any case, guarantee an adequate level of protection of personal data by having submitted to the Privacy Shield or respect the standard contractual clauses for the transfer of personal data approved by the European Commission and the customer or user by providing their data is aware of and accepts this communication of data, as well:

• Google: https://www.google.es/intl/es/policies/privacy/
• Dropbox: https://www.dropbox.com/es_ES/privacy
• Vtiger: https://www.vtiger.com/policy-legal-center/privacy-policy/
• Amazon:https://www.amazon.es/gp/help/customer/display.html?ie=UTF8odeId=201909010ef_=footer_privacy
• Social networking:

• Facebook: https://es-es.facebook.com/help/cookies
• Twitter: https://twitter.com/privacy?lang=es
• Linkedin: http://www.linkedin.com/legal/privacy-policy
• Youtube: https://www.google.es/intl/es/policies/privacy/

In the above cases or if you have subscribed to the PrivacyShield agreement you can consult the Guide to the US-EU Privacy Shield at the AEPD

Security and confidentiality in the treatment of information

Monema is concerned with ensuring the security, secrecy and confidentiality of data, communications and personal information. Therefore, as part of our commitment and in compliance with current legislation, we have adopted the most appropriate security measures and technical means to prevent their loss, misuse or access without your authorization.

When we receive customer data, we use procedures and security features to prevent any unauthorized access.

The personal data that we may collect through the various communications that we maintain with the client or user will be treated with absolute confidentiality, committing ourselves to keeping them secret and guaranteeing the duty to safeguard them by adopting all necessary and reasonable measures to avoid their alteration, loss and unauthorized treatment or access, in accordance with the provisions of applicable legislation.

In cases of security violation of personal data that pose a risk to the rights of individuals, Monema will take the necessary measures to remedy the situation and mitigate the possible negative effects that such violation may have caused. Likewise, it will notify customers or users and the competent National Authority when required by the applicable data protection regulations.

Processing of data of minors

Monema expressly prohibits those under 14 years of age who provide the same to Monema without the prior consent of their parents, guardians or legal representatives.

In case the Customer grants the use of the services to a user under 14 years old, as the person responsible for it, he will be in charge of authorizing and deciding before Monema about the treatment of his data in the terms exposed in this Policy.

 Monema will ensure the proper use of the data of minors ensuring respect for the laws that apply to them with the measures that are reasonably appropriate.

Whenever the parents, guardians or legal representatives of these minors detect unauthorized data processing, they may submit their queries by writing to info@monema.com.

Treatment Manager

In the event that Monema acts as a processor and all its staff is obliged to:

1 To use the personal data being processed, or those collected for inclusion, only for the purpose of this assignment. Under no circumstances may you use the data for your own purposes or for purposes other than those indicated in the contract.

2 Process the data in accordance with the instructions of the data controller.

3 Keep a written record of all categories of processing activities carried out on behalf of the controller, containing

1. The name and contact details of the manager(s) and each manager on whose behalf the manager is acting.
2. The categories of processing carried out on behalf of each controller.
3. An overview of the appropriate technical and organisational security measures you are implementing.
4. Do not communicate the data to third parties, unless you have the express permission of the data controller, in the legally admissible cases. If the person in charge wants to subcontract, he must inform the person in charge and ask for his previous authorization.
5. To maintain the duty of secrecy with regard to the personal data to which it has had access by virtue of this order, even after the end of the contract.
6. To ensure that the persons authorised to process personal data undertake, expressly and in writing, to respect confidentiality and to comply with the corresponding security measures, of which they must be duly informed.
7. Keep at the disposal of the person responsible the documentation accrediting the fulfilment of the obligation established in the previous section.
8. Ensure the necessary training on personal data protection for persons authorised to process personal data.
9. When the persons concerned exercise the rights of access, rectification, deletion and opposition, limitation of processing and portability of data before Monema, the latter must communicate this by e-mail to the address indicated by the person responsible. The communication must be made immediately and in no case beyond the working day following the receipt of the request, together, if necessary, with other information that may be relevant to resolve the request.
10. Notification of data security violations

4 The data processor shall, without undue delay and via the e-mail address indicated by the data controller, notify the data controller of any breach of the security of the personal data held by him/her, together with any information relevant to the documentation and communication of the incident. At least the following information shall be provided:

1. Description of the nature of the personal data security breach, including, where possible, the categories and approximate number of data subjects concerned, and the categories and approximate number of records of personal data concerned
2. Contact person’s details for more information
3. Description of the possible consequences of the violation of personal data security. Description of the measures taken or proposed to remedy the breach of security of personal data, including, if appropriate, measures taken to mitigate any negative effects.

If and to the extent that it is not possible to provide the information simultaneously, the information shall be provided gradually without undue delay.

Monema shall, at the request of the controller, communicate such data security breaches to data subjects as soon as possible, where the breach is likely to result in a high risk to the rights and freedoms of natural persons.

The communication must be in clear and simple language and must include the elements indicated by the person responsible in each case, as a minimum:

1. The nature of the data breach.
2. Details of the contact point of the person in charge or the person in charge where more information can be obtained.
3. Describe the possible consequences of the violation of personal data security.
4. Describe the measures taken or proposed by the controller to remedy the breach of security of personal data, including, where appropriate, measures taken to mitigate any negative effects.

Make available to the person responsible all the information necessary to demonstrate compliance with his or her obligations, as well as for the performance of audits or inspections carried out by the person responsible or another auditor authorised by him or her.

To implement the technical and organisational security measures necessary to guarantee the confidentiality, integrity, availability and permanent resilience of the treatment systems and services.

The security measures taken by the person in charge, which are not exhaustive, are the following:

ORGANIZATIONAL STEPS

All personnel with access to personal data are aware of their obligations in relation to the processing of personal data and are informed about such obligations and in particular about confidentiality and secrecy which persists even when the employee’s employment relationship with the company ends.

TECHNICAL MEASURES

Identification

There are profiles with administration rights for the installation and configuration of the system and users without privileges or administration rights for access to personal data.

• The existence of passwords for access to personal data stored in electronic systems shall be guaranteed. The password shall have at least 8 characters, a mixture of numbers and letters.
• Where personal data is accessed by different persons, each person with access to the personal data will have a specific username and password (unambiguous identification).
• The confidentiality of passwords must be guaranteed, avoiding their exposure to third parties.

Duty of care

The following are some of the technical measures to ensure the safeguarding of personal data:

• Updating computers and devices: The devices and computers used for the storage and processing of personal data are kept up to date as much as possible.
• Antivirus: In the computers and devices where the automated processing of personal data is carried out, there will be an antivirus system that guarantees, as far as possible, the theft and destruction of information and personal data. The anti-virus system shall be updated regularly.
• Firewall: To avoid undue remote access to personal data, we will ensure that a firewall is activated on those computers and devices where it is necessary to store and/or process personal data.
• Data encryption: When it is necessary to extract personal data outside the premises where they are processed, either by physical or electronic means, the possibility of using an encryption method should be assessed in order to guarantee the confidentiality of the personal data in case of improper access to the information.
• Backup: A backup is made to a second media different from the one used for daily work. The copy will be stored in a safe place, different from the one where the computer with the original files is located, in order to allow the recovery of personal data in case of loss of information.

The security measures will be reviewed periodically, the review may be done by automatic mechanisms (software or computer programs) or manually.

Destination of the data

To return the personal data and, if applicable, the supports where they are recorded, to the person responsible for the processing, once the service has been provided.

The return must involve the complete deletion of existing data on the computer equipment used by the manager. However, the processor may keep a copy, with the data duly blocked, for as long as liability may arise from the performance of the service.

It is the responsibility of the controller:

• Give the person in charge the necessary data to provide the service.
• To ensure, in advance and throughout the treatment, compliance with the RGPD and this contract by the person in charge.
• Supervise treatment.

Cookies

Monema uses “cookies” in the navigation of its website. Cookies are small files that our computers send to the users of the website and automatically collect information about the IP address of the visitor, the day and time it begins and ends the visit, as well as information on the various sections of the website consulted. Users can configure their browser so that it will warn them on screen if they are going to receive a cookie. Users may also configure their computer equipment so as not to receive these cookies, which does not prevent them from accessing the information on the website. These are:

• Own Cookies

Purpose: These cookies are used with the purpose of allowing the visit to our website, the interaction with it.

• Third-party cookies:

Cookies: google-analytics.com

Supplier: Google Inc.

Purpose: To collect diverse information about the user’s navigation through our site. For example, the visitor’s location, details of the visit made (time, pages viewed, etc).

It uses cookies such as “__utma”, “__utmb”, “__utmc” and “__utmz”.

Content from other web services such as some social networks has been integrated.

Each of these services uses its own cookies. If you wish to know the conditions of privacy and use of cookies, please consult the links to the policies provided by these services.

Responsibility

Monema warns that, except for the existence of a legally constituted representation, no user and / or customer may use the identity of another person and communicate their personal data, so that at all times must communicate to Monema, personal data corresponding to their own identity and that are adequate, relevant, current, accurate and true. For this purpose, the user and/or customer will be solely responsible for any damage, direct and/or indirect caused to third parties or to Monema by the use of personal data of another person, or their own personal data when they are false, erroneous, not current or inadequate. Similarly, the user and / or customer who communicates the personal data of a third party, will be responsible to the latter of the obligation of information established in the current legislation for when the personal data have not been collected from the person concerned, and / or the consequences of not having informed.

Monema is not responsible for the breach of the obligations derived from the data protection regulations developed by the customer responsible for the processing in the part that corresponds to its activity and that is related to the execution of the contract or commercial relations that link it to Monema. Each party will have to face the responsibility derived from its own failure to comply with the contractual obligations, legislation and regulations.

Change in policy

Monema may update this Privacy Policy at any time. This update will be made public in any case, and will be communicated directly to the customer or user in the event that it affects their rights or freedoms.

All notifications, modifications and communications by Monema to the customer related to the Privacy Policy will be made with the necessary legal notice, by sending an email to any of the addresses that the user or customer provides to Monema;

The use of the services once this change has been communicated will imply that the client is aware of it under the terms set out in the new published privacy policy.