Last updated in
1. Introduction
IPARLEX ESTUDIO JURÍDICO A.I.E. (hereinafter “IPARLEX”) is committed to protecting your privacy and ensuring the proper use of the personal data we process and that you provide to us, both online on this website and, where applicable, any of its subdomains or microsites, and offline.
Please read this policy carefully and make sure you understand and agree to it before providing us with your personal data. If you do not agree with it, please do not use this website or its services, nor provide us with your data.
By accessing this site, using any of its services, or providing us with your data, whether online or offline, we will understand this as a clear affirmative action by which you give us your consent (where necessary) to process your data for the purposes indicated below.
2. Who is responsible for processing your data?
IPARLEX ESTUDIO JURÍDICO A.I.E.
Vicente Goikoetxea Street
6, 7th floor
01008 Vitoria-Gasteiz, Araba, SPAIN
+34 945 25 63 00
3. How did we obtain your data?
a) Obtained directly from the interested party.
If you are a member, supplier, or user of our website, you have provided this information to us, either offline or online, when requesting our services or offering to provide yours, in order to maintain contact and communication with you, as well as our association relationship.
By providing us with your data, you guarantee that you are authorized to do so, and that the information is true, up-to-date, and does not infringe any contractual restrictions or third-party rights. You are responsible for keeping your data and profile correct and up-to-date, and IPARLEX declines all responsibility if you fail to do so. You agree not to impersonate other users by using their registration data for the various services and/or content of the Website.
b) Obtained automatically when visiting our website:
When you visit our website or any of our other platforms (social networks, etc.), we collect information through cookies and other web analytics and tracking technologies. This means that data is sent from your browser to our servers to optimize our services and improve your user experience. This data may be collected and stored automatically by us or by third parties on our behalf. You can consult our cookie policy.
c) Communication of the data subject’s data by a third party.
If the data subject is not the data subject themselves but a third party who provides us with their data, this data may have been communicated to us by one of the partners or legal representative of the associated company, or by the associate themselves if they are self-employed. The categories of data we process may include: identification data, personal characteristics, social, academic and professional circumstances, economic, financial and insurance information, and employment details.
If the data subject is not the data subject themselves but a third party who provides us with their data, the third party expressly guarantees that they have the data subject’s authorization for such provision, thereby releasing us from any liability in the event of any claim by the data subject. This liability rests solely and exclusively with the party who communicated the data to us on behalf of or in the interest of the data subject.
d) Communication of third-party data:
With regard to other people’s data, you must respect their privacy, taking special care when communicating or publishing their personal data. Only the data subject can authorize the processing of their personal data. Publishing third-party data without their consent may infringe not only data protection regulations but also their rights to honor, privacy, and image.
If you provide us with third-party data, it is your responsibility to obtain their prior and express consent to use it, and you are obligated to inform them of the processing we will carry out with their data. By accepting this privacy policy, you expressly guarantee that you have the authorization to provide this data, releasing us from any liability in the event of any claim by an interested party.
4. What categories of data do we process?
The categories of data we process are:
- The categories of data we process are: identification data; personal characteristics data; social circumstances data; academic and professional data; employment details data; economic, financial, and insurance data; and data related to transactions of goods and services.
- We do not process special categories of data.
The categories of data we process are:
The categories of data we process are: identification data; personal characteristics data; social circumstances data; academic and professional data; employment details data; economic, financial, and insurance data; and data related to transactions of goods and services.
We do not process special categories of data.
The data you provide us, as well as all data generated during the development of our relationship with you, may be processed for different purposes and with different legal bases.
| PURPOSE | LEGAL BASIS |
| Maintaining contact and communication, managing the contractual relationship. If you provide us with your curriculum vitae or send us your CV, contacting you and managing the selection processes we carry out. | Contractual relationship or application of pre-contractual measures at the request of the data subject (Art. 6.1. b GDPR) |
| To send potential customers, via electronic communications, information about our activities, products and/or services similar to those requested. Installation of non-technical cookies | Consent |
| To send current customers, via electronic communications, information about our activities, products and/or services similar to those requested. Installation of technical cookies. In the case of users of our website, or sender or recipient of an email: to manage those carried out online, and to contact you. | Legitimate interest |
| Providing the requested data is mandatory as it is essential to formalize and/or maintain the contractual or pre-contractual relationship and comply with the legal obligations arising from it; if you do not provide it, we will not be able to provide the service derived from said relationship. | |
| When the legal basis for processing your data is your consent, you may withdraw that consent at any time by sending an email to info@iparlex.com. This withdrawal will not affect the processing of your data for the other purposes described. If the processing of your data is based on our legitimate interest, we consider it proportionate and to have minimal impact on your privacy. However, your interests, rights, and freedoms will always prevail over our legitimate interest. Therefore, if you do not wish us to process your data for these purposes, please send an email to info@iparlex.com and we will comply. | |
5. How long will we keep your data?
We will keep your personal data until you request its deletion. Even after such a request, we may retain it for the time necessary, limiting its processing solely to comply with our legal/contractual obligations and/or for the statutory periods established for the statute of limitations on any liabilities on our part and/or for the exercise or defense of claims arising from our relationship with you.
In accordance with the above criteria, the deletion of personal data, whether from electronic or paper records, may be carried out at the organization’s discretion, based on logistical and/or storage space needs that make it advisable to delete information or documentation.
6. To whom may we disclose your data?
We inform you that the data you provide may be shared with third parties for purposes directly related to the legitimate functions of the data controller and recipient, such as:
- Banks, for managing collections and payments, and direct debit payments.
- Our payroll advisor: for managing personnel.
- The mutual insurance company and the external occupational health and safety service: in compliance with occupational health surveillance and workplace risk prevention obligations.
- Entities or bodies to which there is a legal obligation to disclose data: for example, the Tax Authorities.
- Notaries, Courts, Registries, Solicitors, Experts, etc.
- Insurance companies: for managing and insuring commercial risks/in the case of credit and surety insurance, to guarantee payment of transactions or civil liability insurance/to insure defective products in case of potential customer claims.
7. International Data Transfers
At IPARLEX, we will ensure that personal data is always processed and stored within the European Economic Area. However, in certain circumstances, we may transfer data internationally, for example, if necessary for the conclusion or performance of a contract, in the interest of the data subject, between IPARLEX and another natural or legal person; or if necessary for the performance of a contract between the data subject and IPARLEX, for example, by using service providers located outside the European Union who may have access to personal data, for the provision of services ancillary to our business (hosting, housing, SaaS, remote backups, IT support or maintenance services, email management, email sending and email marketing, file transfer, etc.) or for the implementation of pre-contractual measures taken at the request of the data subject.
These entities may differ and change over time, but we will strive to select entities that are either located in countries with a level of data protection equivalent to that of the European Union, or that have adequate safeguards to achieve that level, or that operate on the basis of one of the exceptions provided for in the GDPR.
8. SOCIAL NETWORKS AND INSTANT MESSAGING APPLICATIONS
• Use of WhatsApp Instant Messaging
If we provide you with an instant messaging app to facilitate communication with you, please use it responsibly, read its privacy policy, and configure it according to your preferences before sending information containing personal data through this medium.
Although these types of instant messaging applications can be useful in certain circumstances, we remind you that the information you publish online is accessible to many people, both known and unknown, and therefore poses a risk to your privacy and the privacy of others.
We recommend not providing personal, private, and/or intimate information through this channel, or any information you wish to keep confidential, as there are safer ways to do so. We cannot be held responsible for the operation and availability of the service, as it is not provided by us but by third parties unrelated to us.
9. What are your rights when you provide us with your data?
You may, where applicable, exercise your rights of access, rectification, erasure, restriction of processing, and objection to processing, as well as other rights, by contacting us at the postal or email address indicated at the beginning of this privacy policy. In both cases, you must submit a signed written request along with a copy of your national identity document, passport, or other valid identification. If your data changes, you must notify us at the same address. This entity declines all responsibility if you fail to do so.
- Right of access: You can ask us what personal data we are processing and even request a copy of it.
- Right to rectification: You can request that we rectify inaccurate personal data or complete incomplete data, including by providing a supplementary statement.
- Right to erasure (right to be forgotten): You can request that we erase your personal data when: it is no longer necessary for the purposes for which it was collected, you withdraw your consent, it has been unlawfully processed, or we require its erasure to comply with a legal obligation. Right to restriction of processing: You can request that we restrict the processing of your data, in which case we will only retain it for the exercise or defense of legal claims.
Right to object: You can object to the processing of your data if such processing is based on the legitimate interest of the data controller or is for advertising purposes.
Once we receive any of the above requests, we will respond within the legally established timeframes. You can file a complaint with the Spanish Data Protection Agency. For more information about the rights you can exercise and to request sample forms for exercising your rights, please visit the Spanish Data Protection Agency’s website, www.aepd.es
