We are a company established under the laws of Wyoming (USA) and we strictly comply with all the requirements of the European GDPR and the EU-U.S. Privacy Protection Framework. (EU-U.S. Privacy Shield Framework).

GPRD - EU-U.S. Privacy Shield Framework Compliance badge

Below we offer you all the information on the General Data Protection Regulation, its application and detailed requirements.

1.1. What is it?. Who does it apply to?

The EU General Data Protection Regulation is enforced for European companies but also requires companies outside the European Union to protect personal data.

GDPR is a European Union data privacy law that requires organizations to keep data secure, while giving people more control over how their data is used.

1.2. What are the requirements that need to be fulfilled?

This is the compliance checklist that applies to all businesses and US businesses:

Legal basis and transparency

Data safety

Responsibility and governance

Privacy rights

We are a global business. We may transfer your data to countries other than your own country. As Controller or person in charge of the treatment, we promise to respect and comply with the obligations that arise from the Data Protection Laws.

The User or Client authorizes and accepts that we can enter a directory or computer file, for internal use and to facilitate the provision of services.

The User consents to the processing of their data in the terms indicated in this document by accepting this Privacy Policy when registering as a User or Client, when contacting us by any of the means of contact provided (including the portal, chat, blog, social networks, contact forms, request for access to the demo, support form and customer support center among others.

The User must refrain from providing personal data of other interested parties, unless they have the relevant authorization, according to which said interested parties will have been previously and duly informed about the content of this Privacy Policy and, specifically, that they consent to your data is provided to us to be treated according to the corresponding purposes, as well as that you can exercise the rights of access, rectification, cancellation and opposition (hereinafter, jointly called ARCO) in the terms described in this same Policy.

2.1. What data do we collect? How do we collect your data?

Information that you provide us with. It is the information that you provide us by filling in forms on our website and within the Gespet platform, sending us an email or a support ticket, writing or speaking to us by email, blog, chat, telephone, social networks or any other.

We do NOT handle sensitive information about you (banking, economic, health, loans, etc.), the only User information that we collect and store is the basic data that identifies you in order to contact you:

• Contact person's name

• Contact person's email

• Contact person's secondary email

And the data for the configuration of your account:

• Business name

• Business Country

Additionally, in the case of support, we may need additional information such as the type of device, browser version or similar information.

The data is provided by the user himself and it is the User who expressly authorizes receiving communications from us.

We are absolutely against the practice of spamming. We will only use these contact details to send the user, by email, information related to the contracted service, improvements that are being implemented in the software, keep them informed about the news that they consider may be of interest to them or send them any important notification (next renewal/ expiration of the service, changes in the legal conditions, or similar).

Information we collect. Through the Website and Platform, we collect information that your web browser makes available to us. This includes technical information, such as your IP address, browser type, Internet service provider, referring/exit pages, and date/time. As you navigate our site, we collect information about the individual web pages or services you visit and information about how you interact with our site. You can consult the Cookies section to obtain all the information in detail.

2.2. How will we use your data?

The reasons for processing your personal information depend on your relationship with us:

For visitors of the website/platform: We process your information using cookies for analytics purposes on the basis of your consent.

We process all customer information for marketing purposes on the basis of your consent, which we collect when you register with us. You can opt out of receiving future marketing emails from us by following the opt-out link in the marketing emails we send you, or by contacting us at any time.

For suppliers: We process your information to perform the contract between us, including when we take pre-contractual steps. We process your information because we have a legitimate interest in using it to run our business efficiently and we also keep certain supplier records because we are legally required to do so.

For employees: We process your information because we have a legitimate interest in processing your information to administer the relationship between them and us. We also keep certain records because we are required by law to do so.

For all other third parties, we have a legitimate interest in processing your information to run our business. We may also send you marketing communications if you have opted-in, in which case we process your information on the basis of your consent.

2.3. How do we store your data?

Your personal information is not shared with anyone, unless a Law or a community norm provides otherwise, or if it is necessary for the provision of the contracted service.

In this case, we will only communicate those essential data to manage the request of the Users and provide the contracted services, so that the assignment responds to the free and legitimate acceptance of a legal relationship existing between the interested parties and us, whose development, compliance and control necessarily imply the connection of the data and that includes the necessary transmission of the same.

In the event that a User leaves a comment or interacts socially with social networks, they must bear in mind that their data will be published in the environment in which they act, that is, they will be expressly authorizing the communication of their data -associated with the action they carry out. - to other Users who access the website or social network.

If necessary, we may share certain of your information with the following people or groups of people:

• Subcontracted service providers. Our service providers (including IT providers) may have access to your information as part of their service to us. Our service providers are subject to strict contractual obligations to treat your personal information confidentially and to comply with data protection law at all times.

We may transfer personal information outside of the European Economic Area (EEA) to the following service providers. For each recipient, we have identified the legal protections in place to ensure that your information is protected:

• Freshworks (USA). EU-US Privacy Shield Framework. USA

• Linode LLC. (USES). EU-US Privacy Shield Framework. USA

• Google LLC. (USES). EU-US Privacy Shield Framework. USA

• Sentry RT of FUNCTIONAL SOFTWARE, INC. (USES). EU-US Privacy Shield Framework. USA

• Mailgun (USA). EU-US Privacy Shield Framework. USA

• Stripe (Ireland, EU). EU-US Privacy Shield Framework. USA and European Data Protection Authorities.

• PayPal (USA - EU) EU-US Privacy Shield Framework. USA and European Data Protection Authorities.

• Government bodies and courts. If we have a legal obligation to do so, we will share your information with government agencies, regulators and/or courts.

• Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. If a change occurs to our business, the new owners may use your personal data in the same way as set out in this privacy policy.

2.4. Safety

Gespet, in its capacity as Processor, has adopted the necessary technical and organizational measures to guarantee the security of personal data and prevent its alteration, loss, treatment or unauthorized access, in accordance with current regulations on privacy. Personal data protection. Gespet only provides the technical infrastructure, circumscribing its responsibility to the security measures provided in relation to these functions.

Therefore, its responsibility will be limited to those tasks that, by their very nature, must be carried out by Gespet directly in the platform and/or the servers. Gespet declines any responsibility for the violation of the security systems of the Contractor or the inviolability of the information when it is transported through any communications network. Gespet will not be responsible for those security incidents that occur as a result of an attack or unauthorized access to the software, communication networks, devices and/or servers, in such a way that it is impossible to detect or prevent it even after adopting the necessary measures. according to the current state of technology, or due to a lack of diligence by the User or Contracting person in relation to the guard and custody of your access codes, devices, communication networks and/or personal data.

The Contracting person acknowledges that said measures are adjusted to the level of security applicable to the type of information processed as a result of the provision of the service that Gespet performs on behalf of the Contracting person, in accordance with the provisions of current regulations on data protection. It corresponds, exclusively, to the Contracting person to assess whether the conditions of this agreement are appropriate to your needs and comply with the legal requirements to which they are bound as File/Treatment Manager.

2.5. Legitimation

The User who uses or contracts the service (User, Client or Contracting person), or, where appropriate, the third entity that decides on the purpose, content, use and treatment of personal data, are the solely responsible for the data that is collected and stored in the platform and/or on the servers. We treat the information hosted on its account and/or servers exclusively on behalf of the Contracting person under the terms and conditions stipulated herein.
The Contracting person, or the third party to which it is providing a service processing data for which it is responsible, state that they are the owners of files that contain legally collected personal data and that, by virtue of the services contracted to Gespet, authorizes their treatment and processing to the extent necessary for their provision.

Gespet only provides the technical infrastructure, circumscribing its responsibility to the security measures provided in relation to these functions.

The User assumes all responsibilities for the data collected and hosted in the platform and/or servers, and Gespet is expressly exonerated from all types of civil, criminal or any other type of liability that may arise from claims in relation to the contents that the User store or use.

The User or Contracting person of Gespet as Data Controller is responsible to Gespet as Processor, and undertakes to indemnify him, for all damages, interests and claims in which Gespet could be affected by a lawsuit or claim from a third party. , filed as a consequence of a breach by the User or Gespet Client of the obligations arising from this contract and in general, given the condition of Gespet's intermediary or processor, of any other that is not a direct consequence of a breach by Gespet of its legal or contractual commitments.

The User is responsible for the data and must carry out the actions required by law for the processing and registration of data files in the relevant bodies. If the User fails to comply with the regulations, he will be responsible and will assume any sanction that is imposed as a consequence of this lack of legitimacy.

Gespet will be exclusively the Processor or person in charge of the treatment and will limit itself to processing the data on behalf of the person responsible for the file in compliance with the provisions of this agreement and will take care of its destruction once the contracted service has finished as stipulated in the conditions expressed in the present agreement.

2.6. Obligations and subcontracting

In those cases in which Gespet could have access to the data, it undertakes not to apply, use, or disclose the data processed for purposes other than those detailed in these legal conditions. Gespet, in its capacity as Processor, will only process the data contained in its platform and/or servers to execute the contracted services on behalf of the User or Contracting person in accordance with the instructions indicated and, in no case, will it use them for purposes other than those agreed.
Gespet will not communicate or allow access to the processed data to any third party, not even for its conservation, unless the contrary has been established, or the communication is necessary for the provision of the contracted services or the assignment is imposed by a regulation. with force of Law. In this sense, the contracting person expressly authorizes Gespet, when contracting any of its services, to subcontract in its name and on its behalf as many entities as necessary for the correct provision of the services.

The subcontracted entities will have the status of data processor, will be subject to the same data protection and confidentiality rules as Gespet and will regulate their relationship with Gespet in accordance with data protection regulations.

Complying with current legislation, we guarantee the integrity, conservation, accessibility, legibility, traceability and inalterability of the records.

In the event that the Contracting person acts as the person in charge of the treatment of a third entity responsible for the data, he must guarantee, before contracting any service that involves the treatment of said data, that he has the express authorization of this to proceed with the subcontracting of the services entrusted to it, it also ensures that the relationship with the third party entity responsible for the data is legally regulated in accordance with the requirements of current regulations on data protection prior to the service contracting. Otherwise, you must refrain from subcontracting with Gespet and if you breach this prohibition you will be responsible and will assume any sanction that is imposed on it as a result of this lack of legitimacy.

If you have expressly requested it, we will occasionally send you information about our services, updates or service-related content that we think you may be interested in. You have the right at any time to stop us from contacting you for marketing purposes. If you no longer want us to contact you for marketing purposes, you can click on the option enabled for this purpose in all emails or by clicking here

We want to make sure you know all your data protection rights:

• The right of access: you have the right to request copies of the personal data we store about you from our company.

• The right to rectification: you have the right, in certain circumstances, to have your information rectified, blocked, deleted or destroyed if it is inaccurate.

• The right to erasure: You have the right to request that our company erase your personal data, under certain conditions.

• The right to restrict processing: You have the right to request that our company restrict the processing of your personal data, under certain conditions.

• The right to object to processing: You have the right to object to the processing of your personal data by our Company, under certain conditions.

• The right to data portability: You have the right to request that our company transfer the data we have collected about you to you, under certain conditions.

• If you make a request, we have a month to respond. If you wish to exercise any of these rights, please contact us via email.

5.1. What are cookies?

We use cookies to provide a better service and provide you with a better browsing experience.

5.1. What is a Cookie and what is it for?

A Cookie is a small file that is stored on the User's device (computer, tablet, smartphone or any other) with information about browsing.

The set of cookies helps to improve the quality of websites, providing information of interest and are essential for the operation of the Internet, providing innumerable advantages in the provision of interactive services, facilitating navigation and usability of the websites.

In no case can cookies damage a device. On the contrary, if they are active, it is possible to identify and resolve errors more efficiently.

For more information, visit allaboutcookies.org.

5.2. What types of cookies are there?

5.3. How do we use cookies? What types of cookies do we use?

The following tables explain how we use cookies on the Portal and in the software.

By using this Portal and the software, you expressly consent and agree that we store these cookies on your computer or device for the stated purposes.

5.4. How can you configure or disable your cookies?

You can allow, block or eliminate the cookies installed on your computer by configuring the options of your web browser (or Browser). If you do not allow the installation of cookies in your browser, you may not be able to access some of the services and your experience on our website may be less satisfactory.

In the following links you have at your disposal all the information to configure or disable cookies in each browser:

• Google Chrome
• Mozilla Firefox
• Internet Explorer
• Safari
• Safari for IOS (iPhone and iPad)
• Chrome for Android

By browsing and continuing to access/use the portal, the demo and the software, you confirm your consent to the use of cookies.

Our company website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

We keep our privacy policy under regular review and we will make the necessary updates on this web page. This privacy policy was last updated on January 28, 2023.

In the case of significant changes, we will send you a notification through the platform or by email.

8.1. Cómo contactarnos

Si tienes alguna pregunta sobre la política de privacidad de nuestra empresa, los datos que tenemos sobre ti o si deseas ejercer uno de tus derechos de protección de datos, no dudes en ponerse en contacto con nosotros por email o haciendo clic aquí.

ONEDA Group, LLC is a company established under the laws of Wyoming with its registered office at 30 N. Gould Street, Suite N, Sheridan, WY 82801. U.S.

gespetsoftware[at]gmail.com   |   Gespet Facebook   |   @gespet_software   |   @Gespet   |   Gespet help and support center

8.2. How to contact the proper authorities

If you wish to file a complaint or if you believe that Our Company has not addressed your concern to your satisfaction, you may contact the Information Commissioner's Office.