content equivalent to EUROPE
Privacy policy
Introduction
This Privacy Policy has been developed in accordance with the provisions of Organic Law 3/2018 of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), as well as Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, the GDPR).
The purpose of this Privacy Policy is to inform data subjects, whose personal information is being collected, about specific aspects related to the processing of their data, including but not limited to: the purposes of the processing, the contact details for exercising their rights, the data retention periods, and the security measures applied.
Data controller
For the purposes of data protection, OPEN INTELLIGENCE LLC shall be considered the Data Controller with respect to the data processing activities identified in this policy, specifically in the section titled Data Processing.
Below are the identification details of the owner of this website:
Data Controller: OPEN INTELLIGENCE LLC
Postal Address: United States 13019 Mar Street, Coral Gables, FL 33156.
Email Address: [email protected]
Data Processing
The personal data requested, where applicable, will consist only of the information strictly necessary to identify and respond to the request made by the data subject (hereinafter, the “data subject”). Furthermore, personal data will be collected for specific, explicit, and legitimate purposes, and will not be further processed in a manner incompatible with those purposes.
The data collected from each data subject will be adequate, relevant, and not excessive in relation to the purposes for which they are processed in each case, and will be kept up to date whenever necessary.
Before their data is collected, data subjects will be informed of the general terms set out in this policy so that they may give their express, specific, and unequivocal consent to the processing of their data, in accordance with the following aspects.
Purpose of Processing
The specific purposes for which each data processing activity is carried out are detailed in the information clauses provided in each data collection channel (web forms, paper forms, voice recordings, posters, and information notices).
Nevertheless, the personal data of the data subject will be processed solely for the purpose of providing an effective response and addressing the requests made by the user, as specified in relation to the option, service, form, or data collection system used by the data subject.
Legal Basis
As a general rule, prior to processing personal data, the Data Controller obtains the data subject’s express and unequivocal consent through the inclusion of informed consent clauses in the various data collection systems.
However, in cases where the data subject’s consent is not required, the legal basis for the processing relied upon by the Data Controller will be the existence of a specific law or regulation that authorizes or requires the processing of the data subject’s personal information.
Recipients
The Data Controller may disclose personal data to third parties when there is a legal obligation to do so or when it is necessary for the performance of the contracted service, provided that such disclosure is required for the delivery of the service and is limited strictly to that purpose. Nevertheless, if such disclosures or transfers of data are necessary, they will be communicated to the data subject through informed consent clauses included in the various channels used to collect personal data.
Subcontracting
In order to fulfill certain services, the Data Controller may subcontract part or all of the activities involved in the service contracted by the data subject. However, if any processing activities need to be subcontracted, the data subject will be informed in advance and in writing, specifying the processing activities to be subcontracted and clearly and unequivocally identifying the subcontracted companies along with their contact details. During this process, the data subject may object to such subcontracting within the legally established timeframes.
Additionally, the subcontracted companies will be equally bound to comply with the obligations and instructions set forth in the service provision and confidentiality agreements related to the processing of the data subject’s personal information.
Furthermore, the Data Controller shall provide the data subject, upon request, with a list of the third parties contracted. Based on this information, the data subject may raise objections to the involvement of any such third party if there is a valid reason. In such cases, both parties must engage in negotiations to reach a viable solution. However, this may result in the Data Controller being unable to provide the requested service.
International Data Transfers
The Data Controller, in order to provide its services, uses hosting servers located outside the European Union, specifically Amazon Web Services (AWS) servers located in the United States. For the transfer, processing, and storage of data, data processing protocols compliant with the General Data Protection Regulation (GDPR) are followed, and the Controller subscribes to the European Commission’s standard contractual clauses, providing sufficient guarantees to implement appropriate technical and organizational measures. The Data Controller only discloses the data strictly necessary to manage the data subject’s request and provide the contracted services.
By contracting the Data Controller’s services and accepting the terms of use, the data subject authorizes and consents that such data, for technical and operational reasons, may be transferred, processed, and stored by this third party, expressly consenting to the transfer or disclosure of the data. If the data subject withdraws their consent, the Data Controller may be unable to continue providing the contracted services.
Source of Data
As a general rule, personal data is collected directly from the data subject. However, in certain exceptions, data may be collected through third parties, entities, or services other than the data subject. In such cases, this will be communicated to the data subject through informed consent clauses included in the various data collection channels, within a reasonable timeframe after the data is obtained, and no later than one month.
Retention Periods
The information collected from the data subject will be retained only as long as necessary to fulfill the purpose for which the personal data was collected. Once this purpose has been fulfilled, the data will be deleted. Such deletion will result in the data being blocked, and it will be kept solely available to public authorities, judges, and courts to address any potential liabilities arising from the processing, during the applicable statute of limitations period. After this period has expired, the information will be destroyed.
For informational purposes, the following are the legal retention periods related to various matters:
| Document | Term | Legal |
|---|---|---|
|
Employment-related or social security documentation |
4 years |
Article 21 of Royal Legislative Decree 5/2000, of August 4, approving the revised text of the Law on Offences and Sanctions in the Social Order |
|
Accounting and tax documentation for commercial purposes |
6 years |
Article 30 of the Commercial Code |
|
Accounting and tax documentation for tax purposes |
4 years |
Articles 66 to 70 of the General Tax Law |
Browsing Data
Regarding browsing data that may be processed through the website, if any data subject to regulations is collected, it is recommended to consult the Cookie Policy published on our website.
Data Subject Rights
Data protection regulations grant a series of rights to data subjects or data owners, such as website users or users of the social media profiles managed by the Data Controller.
These rights granted to the data subjects are as follows:
- Right of Access: the right to obtain information about whether your personal data is being processed, the purpose of such processing, the categories of data involved, the recipients or categories of recipients, the retention period, and the origin of the data.
- Right to Rectification: the right to obtain the correction of inaccurate or incomplete personal data.
- Right to Erasure: the right to have your data deleted in the following cases:
- When the data is no longer necessary for the purposes for which it was collected.
- When the data subject withdraws consent.
- When the data subject objects to the processing.
- When the data must be deleted in order to comply with a legal obligation.
- When the data has been obtained in connection with the offer of information society services as per Article 8(1) of the European General Data Protection Regulation (GDPR).
- Right to Object: the right to object to certain processing based on the data subject’s consent.
- Right to Restriction of Processing: the right to obtain the restriction of data processing under the following circumstances:
- When the data subject contests the accuracy of the personal data, for a period enabling the entity to verify its accuracy.
- When the processing is unlawful and the data subject opposes the erasure of the data.
- When the controller no longer needs the data for the original purposes, but the data subject requires it for the establishment, exercise, or defense of legal claims.
- When the data subject has objected to processing pending verification of whether the controller’s legitimate grounds override those of the data subject.
- Right to Data Portability: the right to receive the data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller when:
- The processing is based on consent.
- The processing is carried out by automated means.
- Right to Lodge a Complaint with the Relevant Supervisory Authority.
Data subjects may exercise the aforementioned rights by contacting the Data Controller via written communication sent to the following address: [email protected] with the subject line indicating the specific right being exercised.
The Data Controller will respond to your request as promptly as possible, taking into account the deadlines established by data protection regulations.
Security
The security measures implemented by the Data Controller are those required in accordance with Article 32 of the GDPR. In this regard, the Data Controller has established appropriate technical and organizational measures, considering the state of the art, the implementation costs, and the nature, scope, context, and purposes of the processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, to ensure an appropriate level of security.
In any case, the Data Controller has implemented adequate mechanisms to:
- Ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
- Restore the availability and access to personal data promptly in the event of a physical or technical incident.
- Regularly test, assess, and evaluate the effectiveness of technical and organizational measures to ensure processing security.
Where appropriate, pseudonymize and encrypt personal data.
previous to GDPR
Privacy Policy
Introduction
At Open Intelligence, we respect your privacy and are committed to protecting your personal data. This Privacy Policy applies to www.openintl.com and describes how we collect, use, and store your personal information and other information you provide on our website and related sites on social media. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
If you have questions or concerns regarding this statement, please contact [email protected]. If contacting us does not resolve your complaint, you may raise your complaint to [email protected].
Information We Collect
Through your interaction with and use of the site, Open may collect personal information, which is information that identifies or relates to an identifiable individual. This may include your name, physical address, telephone number, and email information. We also collect Other Information that does not reveal your specific identity, such as browser and device information, company information, and interaction data. You can opt out of providing Additional Information by not entering it when asked. Statistical or aggregated information does not directly identify a specific person but may be derived from personal information.
How We Use Your Information
Open does not distribute or share any customer personal information unless required by applicable law or necessary to protect our rights and comply with judicial proceedings. We use the information to contact customers and prospects, improve our services, and send information about promotions and events regarding Open or our partners. You can opt out of these communications by following the instructions at the bottom of each communication or by emailing [email protected].
Legal Basis for Processing
We process your data based on your explicit consent, which can be withdrawn at any time. Our processing also relies on legitimate interests for service improvement and marketing.
Data Sharing and Transfers
Open has referral relationships with third-party companies and individuals (“referral partners”) who refer their customers to Open. Open and a referral partner may share customer contact information and other information. Other third parties, such as content providers, may provide information on our website but are not permitted to collect any information, nor does Open share personally identifiable user information with these parties. We use a third-party platform host for forms on our site; they do not have access to the personal information submitted on our site. We reserve the right to disclose your information as required by law and when necessary to protect our rights or comply with legal processes. If Open is involved in a merger, acquisition, or sale of assets, you will be notified via email and/or a prominent notice on our website.
Your personal data may be transferred outside the European Economic Area (EEA). In such cases, we implement appropriate security measures, such as standard contractual clauses, to protect your data during these transfers.
Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law.
Your Rights
You have the right to access, rectify, delete, and restrict the processing of your personal data. To exercise these rights, please contact us at [email protected]. You may ask Open to correct, update, discontinue the use of, or delete your information by emailing our customer support department at [email protected]. We will respond to your request within 30 labor days. We retain your information as long as your account is active or as needed to provide services, comply with legal obligations, resolve disputes, and enforce agreements.
Security Measures
The security of your Personal Information is very important to Open. We use physical, electronic, and administrative safeguards to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Open uses standard security protocols and mechanisms to protect the information we collect. If your personal information is acquired or reasonably believed to have been acquired by an unauthorized person, and applicable law requires notification, Open will notify you promptly.
Tracking Technologies and Cookies
Technologies such as cookies, beacons, tags, and scripts are used by Open and our providers (e.g., Google, LinkedIn, Twitter, Facebook), affiliates, or analytics/service providers (e.g., Google Analytics). These technologies are used to analyze trends, administer the site, track users’ movements, and gather demographic information. We may receive reports from these companies on an individual and aggregated basis.
Behavioral Advertising
We partner with a third party to display advertising on our site or manage our advertising on other sites. Our third-party partner may use cookies to gather information about your activities on this site and other sites to provide you advertising based on your interests. To opt-out, email [email protected].
Third-Party Links
Our website and online applications may contain links to other sites. Open is not responsible for the privacy practices or content of these sites. Customers and visitors must check the privacy policies of these other sites.
Customer Testimonials
We post customer testimonials/comments/reviews on our site, which may contain personal information. We obtain the customer’s consent before posting their name with their testimonial. To update or delete your testimonial, contact us at [email protected].
Changes to This Privacy Policy
If we change our privacy policy, we will post those changes to this statement, the home page, and other places we deem appropriate. We reserve the right to modify this privacy statement at any time. If we make material changes, we will notify you by email or by means of a notice on our home page.
Contact Information
For questions, concerns, or suggestions related to our Privacy Policy or practices:
Open Intelligence, USA:
13019 Mar Street, Coral Gables, FL 33156
Telephone: +1 305 265 0310
[email protected]
