1. – What is the company controller for processing your data?
The company controller of your data is HANSCAN SPAIN S.A. (hereinafter, “B-FY”), holder of Tax. I.D. number: A-84902436 with corporate domicile in Calle Casas de Miravete, 24ª, 2ª planta, 28031, Madrid, Spain.
We inform you that the ownership of this Website and the App “Biocryptology” (hereinafter, the “Platform“), belongs to B-FY.
The User may contact B-FY at the following email address: [email protected]
2. – Why is B-FY legitimized to process your data?
B-FY is entitled to process your data in order t+o carry out the provision of its services through its Platform and the integration of its services on third-party websites and applications.
B-FY takes the protection of your privacy and personal data very seriously. Therefore, your personal information is kept securely and treated with the utmost care.
In this respect, the legal basis used by B-FY for the processing of User data are:
(i) Contractual performance.
(ii) Users’ consent to the processing of their personal data for the purposes specified in each case.
(iii) Legitimate interest, where applicable.
The prospective offer of products and services to customers is based on the satisfaction of a legitimate business interest in being able to offer our customers the opportunity to purchase other products or services and thus gain their loyalty. This legitimate interest is recognised by the applicable legal regulations (GDPR), which expressly permits the processing of personal data on this legal basis for direct marketing purposes.
The legal basis for sending commercial communications to non-customer users is the consent that has been requested, which may be revoked at any time. The withdrawal of such consent shall in no case affect the execution of the contract, but the processing of data for this purpose carried out previously shall not lose its lawfulness due to the fact that the consent has been revoked.
In those cases in which it is planned to process personal data for a purpose other than that to which the User initially consented, the User will be provided with sufficient information on the new purpose to obtain his or her consent once again.
3. – What are the purposes of the processing of your personal data from B-FY?
Your personal data collected by B-FY may be used for the following purposes, according to the consent given in the corresponding registration form:
- The provision of B-FY services.
In order to provide the service requested by the User, B-FY will need to process personal data obtained from the information provided by the User to B-FY.
- The provision of B-FY services through the integration of our Services on the Website and/or APP of Member Companies.
- The sending of commercial communications and/or newsletters by B-FY:
If the User has so consented, their personal data may be used to send them commercial communications or information from B-FY by letter, telephone, e-mail, SMS/MMS, or other equivalent means of electronic communication.
By not accepting this purpose, we will not be able to inform you about our news and events.
4. – Truthfulness of the data provided by the Users and minor’s data
The User guarantees the Truthfulness of the personal data supplied and undertakes to communicate to B-FY any changes in said data. The User shall be responsible, in any event, for the veracity of the data supplied, and B-FY reserves the right to exclude from the services any Users who has provided false data, without prejudice to any other legal action that may be taken.
B-FY may process data of minors. In such cases, a distinction is made:
1. If you are a minor under 14 years of age: the processing of your data will only be lawful in cases where the consent of the parents or guardian of the minor is on record.
2. If you are over 14 years of age: the processing of your data will be based on the consent you may have given yourself.
In either case, B-FY will obtain the corresponding consent in a timely manner.
If we detect that personal data of children under the age of 14 has been collected without the consent of the parents or guardian of the child, we will take appropriate measures in accordance with the applicable regulations to delete and/or block access to such data.
At B-FY we strive to create a safe and trustworthy space for our Users and we are committed to complying with the following privacy principles in the processing of their data:
- We do not request personal information unless it is necessary to provide you with our Services.
- We do not share personal information about our Users with any third party, except in strict compliance with the law, for the strict provision of B-FY Services or if we have the express authorisation of the User.
5. – Data preservation
The personal data provided will be kept by B-FY as long as the User does not express their wish to unsubscribe from the Services, for the purpose of receiving information about B-FY products.
Subsequently, if necessary, B-FY will keep the information blocked for the legally established periods.
6. – Recipients.
Users’ personal data may, where appropriate, be communicated to the following entities:
- To the financial entities through which the management of collections and payments is articulated.
- To the competent public administrations, in the cases provided for in the Law and for the purposes defined therein.
The list of service providers currently available to B-FY and relevant to this section is set out below:
1. Email and mobile text messaging (SMS) providers.
A. MAILJET EMAILING, S.L.
C/ SERRANO, 90 6ª PLANTA – 28006 MADRID
Messente Communications OÜ
Reg. code: 12418041
VAT code: EE101613370
Address: Akadeemia 3
51003 Tartu, Estonia
2. Cloud Service Providers
C. AMAZON WEB SERVICES
AMAZON WEB SERVICES EMEA SARL
38 AVENUE JOHN F. KENNEDY, L-1855 LUXEMBOURG
R.C.S. LUXEMBURGO: B186284
D. AMAZON WEB SERVICES EMEA SARL, SUCURSAL EN ESPAÑA
CALLE RAMIREZ DE PRADO, 5, 28045 MADRID, SPAIN
REGISTRO MERCANTIL DE MADRID • TOMO 36.807, FOLIO 1, HOJA M659089 • CIF ES W0185696B
Apart from the aforementioned cases, B-FY will only transfer your data in the event of legal obligation and in no case will your personal data be shared with third parties without obtaining your prior consent, unless the transfer of your data is necessary for the maintenance of the Service with the User, as well as in the cases provided for in the data protection regulations in force at any given time.
7. – International data transfers.
Not carried out.
8. – Automated decisions.
We will not create a “marketing profile” based on the information provided. No automated decisions will be made on the basis of such a profile.
9. – Data source:
We inform you that we only collect data from you and do not obtain it from other sources.
10 .- Job applicant data
B-FY does not accept applications from the contact form on the website. Any CV that arrives via this medium will be immediately deleted, and the user will be informed of this in an e-mail reply.
In order to assess the suitability of the candidate in a selection process, the personal data that may be collected from applicants who send a job application to a published offer will be, or may be, the following: name, age and date of birth, gender, photograph, marital status, email, telephone number, training, professional background, nationality, place of birth, start date or date of availability, social network profile.
There will be no transfer of this data, B-FY is solely responsible for it.
There will be no international transfer of this data.
This data will always be provided voluntarily by the candidate in question through the medium in which the job offer has been published, thus showing their consent to the processing of their data.
We inform you that, once the selection process has been completed, unsuccessful candidates’ CVs will be deleted from our system.
Candidates may exercise their rights, as specified in clause 11 of this document.
11. – User’s rights in relation to their data.
Any person has the right to obtain confirmation as to whether B-FY is processing personal data concerning him/her, and to the following information: the purposes of the processing; the categories of data being processed; the recipients or categories of recipients to whom the data have been or will be disclosed; if possible, the intended period of storage of the personal data or, if this is not possible, the criteria used to determine this period.
Consequently, the User has the right to:
(i) Access to personal data.
(ii) Request the rectification of inaccurate data.
(iii) Request its deletion.
(iv) Request the limitation of the processing of their data.
(v) Oppose the processing of their data.
(vi) Request their portability.
(vii) Not to be subject to automated individual decisions.
Users may exercise all these rights at the following email address: [email protected], indicating the reason for their request and providing a copy of their National Identity Card.
HANSCAN SPAIN S.A.
Calle Casas de Miravete, 24ª, 2ª planta, 28031, Madrid, Spain.
Exercise of rights: The exercise of rights must be made in writing, indicating the reason for your request and enclosing a photocopy of your identification document, by sending it to the e-mail address [email protected].
Right of complaint before the Control Authority: In the event that your rights have not been respected, you may submit a complaint in writing to the Spanish Data Protection Agency at Calle Jorge Juan, 6, 28001-Madrid or use the electronic site: https://sedeagpd.gob.es. In both cases, you must attach the relevant documentation.
You can also find information in the Citizen’s Guide published by the Spanish Data Protection Agency through the following link:
12. – Data security
The protection of the privacy and personal data of Users is very important to B-FY. Therefore, B-FY does everything in its power to prevent your data from being used inappropriately, allowing access to it only to authorised personnel.
B-FY maintains security levels of personal data protection in accordance with applicable regulations and has established all the technical means at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of the data provided by the User through the Website and the App, without prejudice to informing you that security measures on the Internet are not impregnable.
B-FY undertakes to comply with the duty of secrecy and confidentiality with respect to personal data in accordance with applicable legislation, as well as to treat them securely in international data transfers and assignments that, where appropriate, may occur.
In those services of the Website and the App that require registration as a User, a password must be chosen. The User is responsible for maintaining the confidentiality of this password, as well as for all activities that occur in the session initiated with their name and password.
The User undertakes to notify B-FY as soon as possible of any unauthorised use of his/her User name and/or password or any other breach of security. B-FY shall not be liable for any damage or loss that may arise due to the User’s failure to comply with this obligation
14.- Links to websites
The conditions offered by these websites may not be the same as those offered by B-FY.
16.- Acceptance and Consent.
B-FY reserves the right to translate this document or any other policy that may be published on the Platform into other languages. The spanish version shall prevail in case of conflict with other translations.