In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR“); and with Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, LEDA CONSULTING S.L. (hereinafter, “LEDA“) informs users of the website that all personal data collected through it will be treated at all times in accordance with the principles of legality, loyalty, transparency, proportionality, data minimisation, purpose limitation, limitation of the period of conservation, confidentiality, integrity and accuracy established by the RGPD.
Identity of the person in charge/ Owner of the Website: Leda Consulting S.L.
Commercial Name: LedaMC
VAT ID: B- 83453829
Address: C/Basílica 19. 1-A. 28020 Madrid Spain
Contact Information: firstname.lastname@example.org o (+34) 91 7000 373
Activity: Providing technological consultancy services.
Registration Data: Registro Mercantil de Madrid, tomo 18419, folio 81, secciónª, hoja M-319685, and is currently in force.
When browsing our website, you are not obliged to provide any personal data. However, LEDA may process your personal data in two specific situations:
ii) When you provide LEDA with personal data in any of our forms or through any of our e-mail addresses for the fulfilment of one or more of the purposes informed in this policy, as well as in the basic information clauses that you can find at the bottom of our forms.
On the Web you will find contact forms and e-mails through which you will be able to request different services from LEDA or ask us any questions you consider appropriate. In order to be able to provide the service requested or answer the questions raised, LEDA will process the data you provide us with the following purposes and bases of legitimisation:
|Registration Form||Processing purpose(s)||Legal basis for legitimation|
|Contact||Manage and respond to your contact request and any questions you may have.||Consent of the data subject (Art.6.1.a) of the General Data Protection Regulation).|
|Content Subscription||Manage the subscription list, send newsletters, promotions and special offers.||Consent of the data subject (Art.6.1.a) of the General Data Protection Regulation).|
|Software development estimates||Manage your access to the individual estimation and measurement services offered by LEDA (Testware Estimation, Review, Negotiation, Comparison with the market), manage the contractual relationship and contracting of the services (including the sending of information intrinsically related to the service) and the management of incidents, suggestions, queries or complaints.||Application of pre-contractual measures at the request of the data subject (Art.6.1.b) of the General Data Protection Regulation).|
Without prejudice to the foregoing, LEDA may also process your personal data to send you commercial information about products and services similar to those you have contracted. The legitimate basis that enables us to carry out this processing is our legitimate interest, covered by the provisions of Article 21.2 of Law 34/2002, on Information Society Services and Electronic Commerce in the wording given by the second Final Provision of the General Telecommunications Law, i.e. when there is a prior contractual relationship.
On the other hand, when managing its profiles on social networks, LEDA will process the personal data of the users who interact with LEDA in order to correctly manage their presence on the social network, inform you of our activities, as well as for any other purpose that the regulations of the social networks allow. Under no circumstances will LedaMC use the profiles of followers on social networks to send advertising on an individual basis.
The user will be responsible, in any case, for the veracity of the data provided, and LEDA reserves the right to exclude from the registered services any user who has provided false data, without prejudice to any other actions that may be applicable by law. In the event that the user provides LEDA with personal data belonging to third parties, he/she must be duly authorized to do so, and must expressly inform the owners of said data of the rights and/or obligations contained herein, acknowledging the truthfulness, accuracy, validity, updating and authenticity of said data.
The user undertakes to inform LEDA of any modification of his/her data that may be necessary for the correct provision of the contracted service.
In accordance with the principle of limitation of the retention period established by the RGPD, we guarantee that any personal data processed by LEDA will be retained solely and exclusively for the time necessary to fulfil the purpose for which they were collected. After this time, they will be duly blocked for the purposes of determining any possible liabilities that may arise from this purpose and from the processing of the data until your consent is revoked or you exercise any of the rights established in the data protection regulations in force. Personal data will not be further processed in a manner incompatible with these purposes.
In particular, data for requests for software development estimates and files received are only stored in our system for the period of validity stated in the quotation sent. In case of refusal of the quotation or after the expiry date specified in the quotation, we will delete the information from our system.
In case the quotation is accepted, the data of the file(s) will be anonymised and integrated into our database in order to be able to make the requested software development estimates according to the accepted contract.
At any time, you may exercise a number of rights with respect to the processing of your data. These rights are inherent to each person and, therefore, cannot be waived.
The following is a description of each of these rights and an explanation of what each one consists of:
- Access rights: The right of access is your right to know whether or not your personal data is being processed and, if it is being processed, to obtain a copy of your personal data that is the subject of the processing.
- Rectification rights: Exercising this right means that you will be able to obtain the rectification of your personal data that is inaccurate.
In your request you should indicate which data you are referring to and the correction to be made. In addition, where necessary, your request must be accompanied by documentation justifying the inaccuracy or incompleteness of your data.
- Right to object: This right means that you may object to the controller processing your personal data when the legal basis that enables LEDA to process it, as indicated in section 3, is legitimate interest.
LEDA will stop processing the data unless it can demonstrate compelling reasons that override the interests, rights and freedoms of the data subject, or for the formulation, exercise or defence of claims.
- Right to removal (“to be deleted”): You may exercise the right to the deletion or removal of your personal data when, among other reasons provided for in the GDPR, the data are no longer necessary for the purposes for which they were collected.
- Right to restriction of processing: This right consists of obtaining the limitation of the processing of your personal data under the conditions established by law.
The interested parties may request, in certain circumstances, the limitation of the processing of their data, in which case they will only be kept for the exercise or defence of claims.
- Transferability right: Where personal data are processed by automated means and the basis for the processing is the performance of a contract or your consent, the data subject may copy or transfer his or her data from our database to another database.
You will receive them in a structured, commonly used, machine-readable and interoperable format and may transmit them to another controller, provided that the processing is legitimate on the basis of consent or within the framework of the performance of a contract.
- Right not to be subject to automated decisions, including profiling: This right allows you not to be subject to a decision based solely on automated processing, including profiling, which produces (such decisions) legal effects or similarly affects you. Unless such a decision is necessary for the conclusion or performance of a contract, is authorised by law or is based on consent.
You may exercise your rights of access, rectification, removal, portability, limitation and opposition to processing, as well as the right not to be subject to decisions based solely on the automated processing of your data, where appropriate, by sending a written communication to the registered office of Leda Consulting S.L. (Calle de la Basílica 19, 1-A – 28020 Madrid – Spain) or to the e-mail address provided for this purpose, email@example.com.
In both cases you must attach a copy of your ID card, passport or equivalent document that identifies you, indicating the reason for exercising your right.
LEDA will respond to your request within a maximum period of one month from receipt of the request. This period may be extended by two months if necessary, taking into account the complexity and number of requests.
For more information about your rights you can visit the website of the Spanish Data Protection Agency (https://www.aepd.es/reglamento/derechos/index.html ). In the event that you do not agree with the way in which your information is used or with our response to the exercise of any of these rights, you have the right to file a complaint or claim with the Spanish Data Protection Agency (www.agpd.es) located at C/ Jorge Juan, 6 – 28001 Madrid. Telephone numbers: 901 100 099 / 91 266 35 17
The data will not be transferred to third parties unless you have expressly given your consent to do so or it is legally required in compliance with any applicable regulations.
Having established the above, in order to be able to manage its web pages and the personal data of its users, LEDA will have the collaboration of trusted service providers who may have access to your personal data and who will be processed on behalf of LEDA.
LEDA formalises with its service providers the corresponding data processing contract by means of which the obligations and technical and organisational measures necessary to guarantee an adequate level of information security of your personal data will be imposed, as well as the signing of confidentiality clauses for the processing of said data.
EDA will only provide the minimum information necessary to provide the service.
International data transfers involve a flow of personal data from Spanish territory to recipients established in countries outside the European Economic Area (the countries of the European Union plus Liechtenstein, Iceland and Norway).
In general, LEDA does not carry out international data transfers in the course of its processing activities. However, we do use the email marketing services of Mailchimp, a service of the US company The Rocket Science Group LLC, to send subscription content. Further information can be found at: https://mailchimp.com
Children and young people under the age of 18 are advised that they need the permission of their parents or guardians to use and provide personal data on the LedaMC website.
Personal data shall be treated as confidential by LEDA, which shall ensure that the persons authorised to process the data have undertaken to respect the necessary confidentiality obligations.
LEDA undertakes to process your data in accordance with the provisions of the applicable regulations and to apply the appropriate technical and organisational measures to guarantee a level of security appropriate to the risk. In particular, LEDA has adopted the necessary measures to prevent the alteration, loss, processing or unauthorised access to personal data, in accordance with the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or the physical or natural environment. Notwithstanding the foregoing, the User must be aware that Internet security measures are not invulnerable.
Pages on this website may include embedded content (e.g. videos, images, articles, etc.) or links to third party sites (e.g. to our social media profiles). Embedded content from other websites behaves in exactly the same way as if you had visited the other website.
Last updated on: [29/09/2020]