Privacy Policy

USER INFORMATION

ZABALA group formed by ZABALA INNOVATION CONSULTING, S.A., located at Paseo Santxiki, 3 bis – E-31192 Mutilva (Navarre), ZABALA BRUSSELS SPRL, located at rue Belliard, 20 -4ème – B-1040 Bruxelles, and GBA ZABALA conseil en innovation SAS, located at 35 rue d’Artois – F-75008 Paris- hereinafter JOINT CONTROLLERS, are, as stated in article 26 of Regulation (EU) 2016/679 of April 27, 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and the free circulation of this data, jointly responsible for the personnel data processing of the User and informs that this data will be treated in accordance with the provisions of GDPR, for which the following treatment information is provided:

Contact details of the joint controllers: ZABALA INNOVATION CONSULTING, S.A., paseo Santxiki, 3 bis – E-31192 Mutilva (Navarra). NIF : A31419773. Phone: +34 948 198 000 Email: gdpr@zabala.es. ZABALA BRUSSELS SPRL, rue Belliard, 20 -4ème B-1040 Bruxelles. NIF: BE0692797754 Phone: +32 2 5138122 Email: info@zabala.eu. GBA ZABALA conseil en innovation SAS, 35 rue d’Artois F-75008 Paris. NIF: SIRET 818 995 649 00022 – Nº TVA FR45818995649. Phone: +33 01 53 53 09 27 Email: info@zabala.fr

Purpose of the treatment: sending newsletters/mail, digital or on paper, informing about offers or facts related to firms of ZABALA group, Sending communications regarding initiatives, conferences, events (national and international) and ZABALA group services as well as publications, R&D&i activities, R&D&i calls and other news from the sector. Processing requests or any type of request that is made by the user through any of the contact forms that are available. Offer the services of the ZABALA group companies. The legal basis is based on the consent to the processing of your personal data for one or several specific purposes and based on the legitimate interest between the parties.

Data preservation criteria: the legal provision that obliges to keep them for tax and accounting requirements and the necessary time for the described purposes, unless there is opposition to the treatment or data cancellation.

International transfer of data: No transfers or international transfer of data are planned, except for legal provisions.

Processor: although it is not foreseen, the providers will be able to access to the data, with whom the obligations and responsibilities assumed in the treatment of the data will be formalised, in the capacity of Processor.

Legitimation: The interested party gives the consent for the processing of his/her personal data for one or several specific purposes and based on the legitimate interest between the parties.

User rights: you have the right to withdraw the consent at any time, as well as exercise the rights of access, rectification, portability and deletion of their data and the limitation or opposition to their treatment.

Claim possibility: Right to file a claim with the control authority (agpd.es) if you consider that the treatment does not comply with current regulations. AGPD – http://www.agpd.es/ Phone. +34 901 100 099 | +34 91.266.35.17 C/Jorge Juan,6 28001-Madrid.

Contact information to exercise your rights: to exercise the rights send an email to any of the above-mentioned joint controllers. You must specify which of these rights you wish to be addressed and, in turn, it must be accompanied by a ID card photocopy or equivalent identification document. If you act by proxy, legal or voluntary, you must also provide a document proving the representation and identification document thereof. If you want to have a model for which you can: Use an official model of the Agency: See AGPD.

COMPULSORY OR OPTIONAL CHARACTER OF THE INFORMATION PROVIDED BY THE USER

The users, by marking the corresponding boxes and entering data in the fields, in the different forms of the website, freely and unequivocally accept that their data are necessary to meet their request by the provider, being voluntary the inclusion of data in the remaining fields. The user guarantees that the personal data provided to the JOINT CONTROLLERS are true and is responsible for communicating any modification thereof.

The JOINT CONTROLLERS expressly inform and warrant users that their personal data will not be transferred in any case to third parties, and that whenever they will make any kind of transfer of personal data, the prior consent of the users will be unequivocally requested.

We use DRIP, entity certified under the Privacy Shield, as a marketing automation platform. By clicking to submit a form, you understand that the information you provide will be transferred to DRIP for processing in accordance with its Privacy and Terms of Policy.

SECURITY MEASURES

In accordance with the provisions of current regulations on personal data protection, the JOINT CONTROLLERS are complying with all the provisions of the GDPR for the treatment of personal data of their responsibility, and manifestly with the principles described

in article 5 of the GDPR, for which they are treated in a lawful, loyal and transparent manner in relation to the interested party and adequate, relevant and limited to what is necessary in relation to the purposes for which they are treated.

The JOINT CONTROLLERS guarantee they have implemented appropriate technical and organizational policies to apply the security measures established by the GDPR in order to protect the rights and freedoms of the Users and have communicated the appropriate information so that they can exercise them.

For more information: gdpr@zabala.es

Communication and Legal Departments | Update: April 2019