PRIVACY AND COOKIES POLICY
This privacy policy describes the methods used to process the information and personal data of users who browse this website (hereinafter, the "Site").
Issued in accordance with Article 13 of Regulation (EU) 2016/679 (hereinafter, "GDPR") and in accordance with Article 22 of Law 34/2002, of July 11, on information society services and electronic commerce, and with Organic Law 3/2018, of December 5, on Data Protection and Guarantee of Digital Rights.
1 - Who is responsible for processing personal data (i.e., who decides on the purposes and methods of processing)?
The data controller is Omnitel Comunicaciones S.L., with registered office at C/ Colquide 6 Edificio Prisma, portal 2, 1ºA - 28231 Las Rozas de Madrid (Spain), e-mail dpo@grupo-omnitel.es (hereinafter, the "Company").
2 - How to contact the Data Protection Officer (DPO)
You may contact the DPO by writing to dpo@grupo-omnitel.es.
3 - What personal data is processed
a) Navigation data
The computer systems and software procedures used for the operation of the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, make it possible to identify users. This category of data includes the IP addresses or domain names of the computers and terminals used by users connecting to the Site, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to send the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
This data, which is necessary for the use of the web services, is also processed for the following purposes
- obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographic areas of origin, etc.)
- control the correct operation of the services offered
- exercising and/or defending the Company's rights in court, including in the event of a finding of infringement by the judicial authorities.
b) Data provided voluntarily by the user
In order to use certain services, the provision of personal data is required, in relation to which please refer to the specific information in accordance with Article 13 of the GDPR provided at the time of collection.
c) Cookies
The Site uses cookies.
What are cookies?
Cookies (or bookmarks) are small text files created by the web server on the user's device when the user accesses a particular site for the purpose of storing and transporting information.
These markers are sent by the web server to the user's device (usually the browser) and stored in order to recognize that device on each subsequent visit. Cookies are sent back from the user's device to the site on each subsequent visit.
Own and third party cookies
Depending on who is the entity that manages the equipment or domain from which the cookies are sent and treats the data obtained, we can distinguish:
- owncookies: these are those for which the publisher itself is responsible and which are generally sent to the user's terminal equipment from a computer or domain managed by the publisher itself and from which the service requested by the user is provided;
- Third-party cookies: are those for which an entity other than the publisher is responsible and which are generally sent to the user's terminal equipment from a computer or domain that is not managed by the publisher, but by another entity that processes the data obtained through the cookies.
In the event that the cookies are served from a computer or domain managed by the editor itself, but the information collected through these is managed by a third party, they cannot be considered as own cookies if the third party uses them for its own purposes (for example, the improvement of the services it provides or the provision of advertising services in favor of other entities).
Technical cookies, analytical cookies and behavioral advertising cookies.
Depending on their purpose, cookies are divided into technical cookies, analytical cookies and behavioral advertising cookies.
Technical cookies are those that allow the user to navigate through a website, platform or application and the use of the different options or services that exist in it, including those that the publisher uses to enable the management and operation of the website and enable its functions and services, such as, for example, control traffic and data communication, identify the session, access parts of restricted access, remember the elements that make up an order, make the purchase process of an order, manage the payment, control fraud linked to the security of the service, make the request for registration or participation in an event, count visits for the purpose of billing licenses of the software with which the service works (website, platform or application), use security features during navigation, store content for broadcasting videos or sound, enable dynamic content (for example, animation of loading a text or image) or share content through social networks.
Also belonging to this category, due to their technical nature, are those cookies that allow the management, in the most efficient way possible, of the advertising spaces that, as another element of design or "layout" of the service offered to the user, the editor has included in a web page, application or platform based on criteria such as the edited content, without collecting information from users for other purposes, such as personalizing that advertising content or other content.
Technical cookies are considered strictly necessary, since the storage of information is essential to provide a service requested by the user. Therefore, technical cookies cannot be disabled and the prior consent of users is not required for their installation.
Preference or personalization cookies are those that allow information to be remembered so that the user can access the service with certain characteristics that may differentiate their experience from that of other users, such as, for example, the language, the number of results to be displayed when the user performs a search, the appearance or content of the service depending on the type of browser through which the user accesses the service or the region from which the user accesses the service, etc.
These cookies are considered a service expressly requested by the user. Therefore, like technical cookies, they cannot be disabled and do not require the prior consent of users for their installation.
Analysis or measurement cookies are those that allow the party responsible for them to monitor and analyze the behavior of users of the websites to which they are linked, including the quantification of the impacts of advertisements. The information collected through this type of cookies is used in the measurement of the activity of the websites, application or platform, in order to make improvements based on the analysis of the usage data made by users of the service.
These cookies could be exempted from consent under certain conditions: to be limited to what is strictly necessary for the provision of the service and therefore must have a purpose strictly limited to the exclusive measurement of the audience of the site or application and this processing must be carried out on behalf of the publisher only and be used to produce anonymous statistical data only.
Behavioral advertising cookies are those that store information on user behavior obtained through the continuous observation of their browsing habits, allowing the development of a specific profile to display advertising based on the same.
These cookies can only be installed on the user's terminal if the user has given his consent.
Session and persistent cookies
Depending on the length of time they remain activated in the terminal equipment, we can distinguish:
- Session cookies: are those designed to collect and store data while the user accesses a web page. They are usually used to store information that only needs to be kept for the provision of the service requested by the user on a single occasion (for example, a list of products purchased) and disappear at the end of the session.
- persistent cookies: are those in which the data remain stored in the terminal and can be accessed and processed for a period defined by the person responsible for the cookie, which can range from a few minutes to several years.
Cookies used by the Company
|
Cookie name |
Type |
Duration |
First part/third parties |
Link |
Purpose |
|
__hs_opt_out |
Technique |
6 months |
Part One (HubSpot) |
- |
Records that the user has opted not to accept cookies. |
|
__hs_do_not_track |
Technique |
6 months |
Part One (HubSpot) |
- |
Prevents visitor tracking if this option is enabled. |
|
__hs_initial_opt_in |
Technique |
7 days |
Part One (HubSpot) |
- |
Indicates whether the user has interacted with the cookie banner. |
|
__hs_cookie_cat_pref |
Technique |
6 months |
Part One (HubSpot) |
- |
Saves the user's preferences on cookie categories. |
|
__hstc |
Analytics |
6 months |
Part One (HubSpot) |
- |
Main tracking cookie: domain, visits, session, time of last visit. |
|
hubspotutk |
Analytics |
6 months |
Part One (HubSpot) |
- |
Identifies the user in forms; transmitted to the CRM. |
|
__hssc |
Analytics |
30 minutes |
Part One (HubSpot) |
- |
Controls the number of sessions per user. |
|
__hssrc |
Technique |
Session |
Part One (HubSpot) |
- |
Determines if the browser has been restarted. |
|
messagesUtk |
Technique |
6 months |
Part One (HubSpot) |
- |
Identifies the user for HubSpot live chat. |
|
ASPSESSIONID |
Technique |
Session |
Part One |
- |
Session ID for consistent browsing and spam prevention |
|
_ _utma |
Analytics |
24 months |
Third parties (Google Analytics) |
Identifies how many times a user has visited the site |
|
|
_ _utmb |
Analytics |
30 minutes |
Third parties (Google Analytics) |
Calculates the end of a statistical session |
|
|
_ _utmc |
Analytics |
Session |
Third parties (Google Analytics) |
Identifies unique users in the session |
|
|
_ _utmz |
Analytics |
6 months |
Third parties (Google Analytics) |
Identifies the user's origin |
|
|
__hs_opt_out |
Technique |
6 months |
Part One (HubSpot) |
- |
Records that the user has opted not to accept cookies. |
|
__hs_do_not_track |
Technique |
6 months |
Part One (HubSpot) |
- |
Prevents visitor tracking if this option is enabled. |
|
__hs_initial_opt_in |
Technique |
7 days |
Part One (HubSpot) |
- |
Indicates whether the user has interacted with the cookie banner. |
|
__hs_cookie_cat_pref |
Technique |
6 months |
Part One (HubSpot) |
- |
Saves the user's preferences on cookie categories. |
|
__hstc |
Analytics |
6 months |
Part One (HubSpot) |
- |
Main tracking cookie: domain, visits, session, time of last visit. |
|
hubspotutk |
Analytics |
6 months |
Part One (HubSpot) |
- |
Identifies the user in forms; transmitted to the CRM. |
|
__hssc |
Analytics |
30 minutes |
Part One (HubSpot) |
- |
Controls the number of sessions per user. |
4 - Method of granting and revoking consent and browser settings
Analytical and profiling cookies will be installed on your devices only after you have given your consent, expressed by selecting the "Accept all" button within the banner containing the brief information. Consent to the use of cookies is recorded with a "technical cookie."
Users may intervene at any time to modify or revoke any consent given via the "Cookies center" link on each page of the Site.
Selecting this link will reopen the cookie notice board, where users can express their updated preferences.
However, users can also express their preferences about cookies through the settings of the browser used. By default, almost all web browsers are configured to automatically accept cookies, but users can change the default settings through the settings of the browser used, allowing them to delete/delete all or some cookies or block the sending of cookies or limit them to certain sites.
Disabling/blocking cookies or deleting them may affect the optimal use of certain areas of the Site or prevent certain functionalities, as well as affect the operation of third-party services.
Cookie management settings depend on the browser used. Below you will find instructions and links to guides to manage cookies for the main desktop browsers:
- Microsoft Edge: Click on the three dots icon in the upper right corner, then click on "Settings." In the menu on the left, select "Cookies and site permissions" and adjust your cookie settings. Below is a link for more information: https://support.microsoft.com/
- Google Chrome: Click on the three dots icon in the top right corner, then click on "Settings." Select "Advanced" and under "Privacy and security," click on "Site settings." Next, adjust your cookie settings by selecting "Cookies and site data." You can find more information at the following link: https://support.google.com/
- Mozilla Firefox: Click on the icon with three horizontal bars in the upper right corner and select "Options." In the window, select "Privacy and Security" to adjust your cookie settings. Below is a link for more information: https://support.mozilla.org/
- Apple Safari: Select "Preferences" and then "Privacy," where you can adjust your cookie settings. Below is a link for more information: https://support.apple.com/
- Opera: Select the icon with the three horizontal bars in the upper right corner, then "Advanced." Select "Privacy and security," then "Site settings." Under "Cookies and site data," adjust the cookie settings. Below is a link for more information: https://help.opera.com/
In the case of browsers other than those mentioned above, it is necessary to consult the corresponding guide to learn how to manage cookies.
5 - Recipients of the data
The data will be processed by employees of the Company's functions and by the Company's collaborators assigned to the achievement of the purposes specified above, who have been expressly authorized to process the data and have received specific operational instructions.
The data may also be processed, on behalf of the Company, by third parties, designated as data processors in accordance with Article 28 of the GDPR, such as natural and/or legal persons carrying out functional activities for the achievement of the above purposes (e.g. service providers for the management of the Site, such as system subcontractors, companies providing Internet network connectivity services, companies providing CRM management and maintenance services and companies providing management services for the marketing automation platform).
In addition, the data may be communicated to autonomous data controllers, such as authorities and supervisory and control bodies empowered to request/receive the data, as well as to any suppliers (or third parties or vendors) listed in the tables above containing the list of cookies.
6 - Transfer outside the EU
Data may be transferred to entities established outside the European Union (EU) or the European Economic Area (EEA), in particular to the United States, a country considered appropriate by the European Commission under the EU-US Data Protection Framework of July 10, 2023.
When the entities to which the data are transferred are located in a "third country" without an adequacy decision, the standard contractual clauses (SCCs) referred to in Article 46(2)(c) of the GDPR will be stipulated, a copy of which can be obtained by contacting the Company at the contact points indicated in section 1 above.
For more information, if third parties are indicated in the table above, please refer to the links to the relevant disclosures.
7 - Rights of data subjects
Data subjects may exercise their rights under Articles 15 to 22 of the GDPR by contacting the Company at the contact points indicated in paragraph 1, and in particular:
- obtain confirmation as to whether or not personal data concerning them are being processed and, if so, request access to such data and to the information referred to in Article 15 of the GDPR (the purposes of the processing, categories of personal data, etc.);
- obtain the rectification of inaccurate data or the integration of incomplete data in accordance with Article 16 of the GDPR;
- request the deletion of personal data in the cases provided for in Article 17 of the GDPR, if the Company is no longer entitled to process them (1*);
- obtain the limitation of processing (i.e. the temporary storage of data), in the cases provided for in Article 18 of the GDPR (2*);
- to object at any time to the processing of personal data concerning him/her for reasons of legitimate interest;
- object at any time to receiving promotional communications from the Company, (also by clicking on the "unsubscribe" link at the bottom of each e-mail);
- if the processing is based on consent or a contract and is carried out by automated means, request to receive the data in a structured, commonly used, and machine-readable format, as well as, if technically possible, to transmit it to another controller without hindrance, in accordance with Article 20 of the GDPR ("right to portability").
In any case, they have the right to lodge a complaint with the competent supervisory authority of the Member State in which they habitually reside or work or of the State in which the alleged infringement occurred.
1* The data subject has the right to obtain the deletion of his or her data, in particular in the following cases
a. the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
b. the data subject withdraws the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a), and if there is no other legal basis for the processing
c. the data subject objects to the processing pursuant to Article 21(1) and there are no other legitimate grounds for the processing, or objects to the processing pursuant to Article 21(2);
d. the personal data have been unlawfully processed;
e. the personal data must be deleted in order to comply with a legal obligation under Union or Member State law that applies to the controller
f. the personal data have been obtained in connection with the provision of information society services referred to in Article 8.1.
2* The hypotheses in which it is possible to obtain the limitation of treatment are as follows
a. the data subject contests the accuracy of the personal data, during a period of time that allows the controller to verify the accuracy of the data;
b. the processing is unlawful and the data subject objects to the deletion of the data and requests instead the restriction of their use;
c. the controller no longer needs the data for the purposes of the processing, but the data subject needs the data for the formulation, exercise or defense of claims;
d. the data subject has objected to the processing in accordance with Article 21.1 of the GDPR, while verifying whether the legitimate grounds of the controller outweigh those of the data subject.