Original language: English. | Leer versión en Español or translate to another language using Google Translate
We are a company established under the laws of Wyoming (USA) and we strictly comply with all the requirements of the European GDPR and the EU-U.S. Privacy Protection Framework. (EU-U.S. Privacy Shield Framework).
GPRD - EU-U.S. Privacy Shield Framework Compliance badge
Below we offer you all the information on the General Data Protection Regulation, its application and detailed requirements.
The EU General Data Protection Regulation is enforced for European companies but also requires companies outside the European Union to protect personal data.
GDPR is a European Union data privacy law that requires organizations to keep data secure, while giving people more control over how their data is used.
This is the compliance checklist that applies to all businesses and US businesses:
Legal basis and transparency
Audit
We conduct an information audit to determine what information we process and who has access to it.
Justification
We have a legal justification for data processing activities.
Information
We provide clear information about the processing of your data and the legal justification in the privacy policy.
Transfer
We comply with cross-border transfer laws
Data safety
Data protection/p>
We consider data protection at all times, from the development phase to every time we process data.
Encryption
We encrypt, pseudonymize, or anonymize personal data whenever possible.
Internal security
We have created an internal security policy for team members and have raised awareness about data protection.
Evaluation
We have defined when to conduct a data protection impact assessment and have a process in place for conducting it.
Procesos
We have a process for notifying you in the event of a data breach.
Responsibility and governance
Responsible
We designate one person to be responsible for ensuring GDPR compliance across the organization and with EU member states.
Agreements
We enter into a data processing agreement between our organization and any third party that processes personal data on our behalf.
Privacy rights
Correct
It's easy for our users to correct or update inaccurate or incomplete information.
Delete
It's easy for our users to request that their personal data be deleted.
Cancel
It's easy for our users to ask you to stop processing their data.
Copy
It is easy for our users to receive a copy of their personal data.
Opposition
It's easy for our users to object to their data being processed.
Procedures
If we make decisions about people based on automated processes, we have a procedure in place to protect your rights.
We are a global business. We may transfer your data to countries other than your own country. As Controller or person in charge of the treatment, we promise to respect and comply with the obligations that arise from the Data Protection Laws.
The User or Client authorizes and accepts that we can enter a directory or computer file, for internal use and to facilitate the provision of services.
The User consents to the processing of their data in the terms indicated in this document by accepting this Privacy Policy when registering as a User or Client, when contacting us by any of the means of contact provided (including the portal, chat, blog, social networks, contact forms, request for access to the demo, support form and customer support center among others.
The User must refrain from providing personal data of other interested parties, unless they have the relevant authorization, according to which said interested parties will have been previously and duly informed about the content of this Privacy Policy and, specifically, that they consent to your data is provided to us to be treated according to the corresponding purposes, as well as that you can exercise the rights of access, rectification, cancellation and opposition (hereinafter, jointly called ARCO) in the terms described in this same Policy.
Information that you provide us with. It is the information that you provide us by filling in forms on our website and within the Gespet platform, sending us an email or a support ticket, writing or speaking to us by email, blog, chat, telephone, social networks or any other.
We do NOT handle sensitive information about you (banking, economic, health, loans, etc.), the only User information that we collect and store is the basic data that identifies you in order to contact you: p>
Contact person's name
Contact person's email
Contact person's secondary email
And the data for the configuration of your account:
Business name
Business Country
Additionally, in the case of support, we may need additional information such as the type of device, browser version or similar information.
The data is provided by the user himself and it is the User who expressly authorizes receiving communications from us.
We are absolutely against the practice of spamming. We will only use these contact details to send the user, by email, information related to the contracted service, improvements that are being implemented in the software, keep them informed about the news that they consider may be of interest to them or send them any important notification (next renewal/ expiration of the service, changes in the legal conditions, or similar).
Information we collect. Through the Website and Platform, we collect information that your web browser makes available to us. This includes technical information, such as your IP address, browser type, Internet service provider, referring/exit pages, and date/time. As you navigate our site, we collect information about the individual web pages or services you visit and information about how you interact with our site. You can consult the Cookies section to obtain all the information in detail.
The reasons for processing your personal information depend on your relationship with us:
For visitors of the website/platform: We process your information using cookies for analytics purposes on the basis of your consent.
We process all customer information for marketing purposes on the basis of your consent, which we collect when you register with us. You can opt out of receiving future marketing emails from us by following the opt-out link in the marketing emails we send you, or by contacting us at any time.
For suppliers: We process your information to perform the contract between us, including when we take pre-contractual steps. We process your information because we have a legitimate interest in using it to run our business efficiently and we also keep certain supplier records because we are legally required to do so.
For employees: We process your information because we have a legitimate interest in processing your information to administer the relationship between them and us. We also keep certain records because we are required by law to do so.
For all other third parties, we have a legitimate interest in processing your information to run our business. We may also send you marketing communications if you have opted-in, in which case we process your information on the basis of your consent.
Your personal information is not shared with anyone, unless a Law or a community norm provides otherwise, or if it is necessary for the provision of the contracted service.
In this case, we will only communicate those essential data to manage the request of the Users and provide the contracted services, so that the assignment responds to the free and legitimate acceptance of a legal relationship existing between the interested parties and us, whose development, compliance and control necessarily imply the connection of the data and that includes the necessary transmission of the same.
In the event that a User leaves a comment or interacts socially with social networks, they must bear in mind that their data will be published in the environment in which they act, that is, they will be expressly authorizing the communication of their data -associated with the action they carry out. - to other Users who access the website or social network.
If necessary, we may share certain of your information with the following people or groups of people:
Subcontracted service providers. Our service providers (including IT providers) may have access to your information as part of their service to us. Our service providers are subject to strict contractual obligations to treat your personal information confidentially and to comply with data protection law at all times.
We may transfer personal information outside of the European Economic Area (EEA) to the following service providers. For each recipient, we have identified the legal protections in place to ensure that your information is protected:
Freshworks (USA). EU-US Privacy Shield Framework. USA
Linode LLC. (USES). EU-US Privacy Shield Framework. USA
Google LLC. (USES). EU-US Privacy Shield Framework. USA
Sentry RT of FUNCTIONAL SOFTWARE, INC. (USES). EU-US Privacy Shield Framework. USA
Mailgun (USA). EU-US Privacy Shield Framework. USA
Stripe (Ireland, EU). EU-US Privacy Shield Framework. USA and European Data Protection Authorities.
PayPal (USA - EU) EU-US Privacy Shield Framework. USA and European Data Protection Authorities.
Government bodies and courts. If we have a legal obligation to do so, we will share your information with government agencies, regulators and/or courts.
Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. If a change occurs to our business, the new owners may use your personal data in the same way as set out in this privacy policy.
The User who uses or contracts the service (User, Client or Contracting person), or, where appropriate, the third entity that decides on the purpose, content, use and treatment of personal data, are the solely responsible for the data that is collected and stored in the platform and/or on the servers. We treat the information hosted on its account and/or servers exclusively on behalf of the Contracting person under the terms and conditions stipulated herein.
The Contracting person, or the third party to which it is providing a service processing data for which it is responsible, state that they are the owners of files that contain legally collected personal data and that, by virtue of the services contracted to Gespet, authorizes their treatment and processing to the extent necessary for their provision.
Gespet only provides the technical infrastructure, circumscribing its responsibility to the security measures provided in relation to these functions.
The User assumes all responsibilities for the data collected and hosted in the platform and/or servers, and Gespet is expressly exonerated from all types of civil, criminal or any other type of liability that may arise from claims in relation to the contents that the User store or use.
The User or Contracting person of Gespet as Data Controller is responsible to Gespet as Processor, and undertakes to indemnify him, for all damages, interests and claims in which Gespet could be affected by a lawsuit or claim from a third party. , filed as a consequence of a breach by the User or Gespet Client of the obligations arising from this contract and in general, given the condition of Gespet's intermediary or processor, of any other that is not a direct consequence of a breach by Gespet of its legal or contractual commitments.
The User is responsible for the data and must carry out the actions required by law for the processing and registration of data files in the relevant bodies. If the User fails to comply with the regulations, he will be responsible and will assume any sanction that is imposed as a consequence of this lack of legitimacy.
Gespet will be exclusively the Processor or person in charge of the treatment and will limit itself to processing the data on behalf of the person responsible for the file in compliance with the provisions of this agreement and will take care of its destruction once the contracted service has finished as stipulated in the conditions expressed in the present agreement.
In those cases in which Gespet could have access to the data, it undertakes not to apply, use, or disclose the data processed for purposes other than those detailed in these legal conditions. Gespet, in its capacity as Processor, will only process the data contained in its platform and/or servers to execute the contracted services on behalf of the User or Contracting person in accordance with the instructions indicated and, in no case, will it use them for purposes other than those agreed.
Gespet will not communicate or allow access to the processed data to any third party, not even for its conservation, unless the contrary has been established, or the communication is necessary for the provision of the contracted services or the assignment is imposed by a regulation. with force of Law. In this sense, the contracting person expressly authorizes Gespet, when contracting any of its services, to subcontract in its name and on its behalf as many entities as necessary for the correct provision of the services.
The subcontracted entities will have the status of data processor, will be subject to the same data protection and confidentiality rules as Gespet and will regulate their relationship with Gespet in accordance with data protection regulations.
Complying with current legislation, we guarantee the integrity, conservation, accessibility, legibility, traceability and inalterability of the records.
In the event that the Contracting person acts as the person in charge of the treatment of a third entity responsible for the data, he must guarantee, before contracting any service that involves the treatment of said data, that he has the express authorization of this to proceed with the subcontracting of the services entrusted to it, it also ensures that the relationship with the third party entity responsible for the data is legally regulated in accordance with the requirements of current regulations on data protection prior to the service contracting. Otherwise, you must refrain from subcontracting with Gespet and if you breach this prohibition you will be responsible and will assume any sanction that is imposed on it as a result of this lack of legitimacy.
If you have expressly requested it, we will occasionally send you information about our services, updates or service-related content that we think you may be interested in. You have the right at any time to stop us from contacting you for marketing purposes. If you no longer want us to contact you for marketing purposes, you can click on the option enabled for this purpose in all emails or by clicking here
We want to make sure you know all your data protection rights:
The right of access: you have the right to request copies of the personal data we store about you from our company.
The right to rectification: you have the right, in certain circumstances, to have your information rectified, blocked, deleted or destroyed if it is inaccurate.
The right to erasure: You have the right to request that our company erase your personal data, under certain conditions.
The right to restrict processing: You have the right to request that our company restrict the processing of your personal data, under certain conditions.
The right to object to processing: You have the right to object to the processing of your personal data by our Company, under certain conditions.
The right to data portability: You have the right to request that our company transfer the data we have collected about you to you, under certain conditions.
If you make a request, we have a month to respond. If you wish to exercise any of these rights, please contact us via email.
We use cookies to provide a better service and provide you with a better browsing experience.
A Cookie is a small file that is stored on the User's device (computer, tablet, smartphone or any other) with information about browsing.
The set of cookies helps to improve the quality of websites, providing information of interest and are essential for the operation of the Internet, providing innumerable advantages in the provision of interactive services, facilitating navigation and usability of the websites.
In no case can cookies damage a device. On the contrary, if they are active, it is possible to identify and resolve errors more efficiently.
For more information, visit allaboutcookies.org.
The following tables explain how we use cookies on the Portal and in the software.
By using this Portal and the software, you expressly consent and agree that we store these cookies on your computer or device for the stated purposes.
Supplier |
Domain |
Name |
Purpose |
Type |
Duration |
Gespet Software |
apps.gespetsoftware.com |
PHPSESSID |
Used to control the session that the user starts in the software. It does not store personal data and is necessary for the operation of the software. |
Own, Session |
At the end of the session |
Google Analytics |
.gespetsoftware.com |
_ga |
|
Third party, persistent and analytical |
2 years (Default value) |
_gid More information |
24 hours (Default value) |
||||
_gat |
Used to limit the percentage of requests.
|
1 minute (Default value) |
|||
.google.com |
1P_JAR |
Google uses this cookie to personalize ads based on your interests.
|
Third party, persistent and analytical |
1 week (Default value) |
|
APISID |
|
Third party, persistent and analytical |
2 years (Default value) |
||
PREF |
|||||
LSID |
|||||
HSID |
|||||
SID |
|||||
SSID |
|||||
SAPISID |
|||||
GAPS |
Third party, session and analysis |
At the end of the session |
|||
NID |
Third party, persistent and analytical |
6 months (Default value) |
|||
SNID |
You can allow, block or eliminate the cookies installed on your computer by configuring the options of your web browser (or Browser). If you do not allow the installation of cookies in your browser, you may not be able to access some of the services and your experience on our website may be less satisfactory.
In the following links you have at your disposal all the information to configure or disable cookies in each browser:
By browsing and continuing to access/use the portal, the demo and the software, you confirm your consent to the use of cookies.
Our company website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.
We keep our privacy policy under regular review and we will make the necessary updates on this web page. This privacy policy was last updated on January 28, 2023.
In the case of significant changes, we will send you a notification through the platform or by email.
Si tienes alguna pregunta sobre la política de privacidad de nuestra empresa, los datos que tenemos sobre ti o si deseas ejercer uno de tus derechos de protección de datos, no dudes en ponerse en contacto con nosotros por email o haciendo clic aquí.
ONEDA Group, LLC is a company established under the laws of Wyoming with its registered office at 30 N. Gould Street, Suite N, Sheridan, WY 82801. U.S.
gespetsoftware[at]gmail.com | Gespet Facebook | @gespet_software | @Gespet | Gespet help and support center
If you wish to file a complaint or if you believe that Our Company has not addressed your concern to your satisfaction, you may contact the Information Commissioner's Office.