Personal Data Protection Policy

1. According to the provisions of Organic Law 15/1999 of 13 December on Personal Data Protection (hereinafter LOPD) and of Royal Decree 1720/2007 of 21 December approving the implementation decree of the LOPD (hereinafter RDLOPD), arsys.es expressly declares its policy regarding the treatment and protection of personal data, which will be applicable to any person voluntarily communicating by email with arsys.es, filling in forms that collect data, formalising a contractual relationship with arsys.es, or using any other service available on the website that entails communication of data to arsys.es or access to data by arsys.es for the provision of services.

The use of arsys.es services implies express acceptance of this policy on privacy and treatment of personal data.

Furthermore, these terms will be of subsidiary application regarding others set forth on the same subject specifically and communicated (without limitation) in the following ways: registration forms, contracts and/or terms of use of specific services, with this policy as complementary to the previous policies in any matters not expressly provided for therein and not contradicting them.

2. arsys.es notifies the user of the website of the existence of several treatments and files of personal data under the responsibility of Arsys Internet, S.L. (arsys.es), registered office C/ Chile n. 54, 26007 Logroño (La Rioja), Spain, where the personal data communicated to arsys.es are collected and stored.

3. Sending an email to arsys.es, or communicating any other personal data to arsys.es by any means, entails or implies free, unequivocal, specific, informed and express consent for the treatment of personal data by arsys.es, which is carried out with the purpose of attending to the communications received.

When purchasing services offered by arsys.es, the data will be treated with the purpose of maintaining any contractual relationship that may arise, adhering to the nature and features of the service purchased through the website. Furthermore, the data will be treated to send documentation and information related to the services, commercial/advertising communications about the services, and similar, by post, telephone, email, SMS or other means indicated by the client, as well as to maintain records of commercial relations during the legally established timeframes.

In cases in which arsys.es must access and/or treat personal data which are the responsibility and property of the clients for the appropriate delivery of the services purchased, arsys.es will treat the corresponding data as the responsible for the treatment in accordance with the provisions of section 8 of this Privacy Policy which regulates the obligations of the parties in the terms established in article 12 of the LOPD and concordant RDLOPD.

4. The user may at any time exercise his/her rights of access, rectification, cancellation and opposition, where possible, by using the tool “Client Area,” available at http://www.arsys.es/, if he/she is a client. In addition, these rights may be exercised, by sending a notification by email to info@arsys.es, or by sending a written request indicating the petition or right exercised together with a copy of their ID or legally valid identity document to arsys.es to the following postal address: C/ Chile n. 54, Logroño (La Rioja), 26007, Spain, for the attention of the Department of Sales Information.

5. arsys.es has provided for transfers or communication of data required under article 11 of the LOPD to fulfil its responsibility towards the Public Administrations and, likewise towards other authorities when required by law.

In this sense and in accordance with the provisions of Law 25/2007 of 18 October on the conservation of data relating to electronic communications and public networks, the user is hereby notified that arsys.es must proceed to retain and conserve certain traffic data generated during the course of communications, and when appropriate, communicate them to the legitimate authorities, provided that the legal circumstances set forth in the above Law apply.

Furthermore, in cases where applicable due to the provision of the services, and as a requirement established by the ICANN or the competent registration organisation, the owner of a domain name gives authorisation for the publication of data relating to the ownership of the domain name in question, and of administrative, technical and payment contacts which, in accordance with regulations, must be public and accessible from the whois of competent registration organisations. If the client is not the owner, it is his/her responsibility to collect from the owner the authorisation for the publication and transmission of the data.

Please note that arsys.es may transfer personal data to: (i) any of the member companies of the Business Group, which is understood to mean companies in which arsys.es or its partners have over 50% shareholding and share the human and organisational structure of Arsys as well as other resources; or (ii) in general, any other company that directly or indirectly is the parent of, is the subsidiary of, or has the same parent company as arsys.es, and to which the CLIENT gives his/her anticipated consent.

6. arsys.es advises that, except for the existence of a legally constituted representation, no user and/or client may use the identity of another person and communicate his/her personal data, therefore, please note at all times that he/she may only communicate to arsys.es personal data corresponding to his/her own identity and that are appropriate, pertinent, up to date, precise and true. To such effect, the user and/or client shall be the sole responsible in case of any damage, whether direct and/or indirect, caused to third parties or to arsys.es due to the use of personal data of another person or of his/her own personal data when they are false, erroneous, not up to date, inappropriate or impertinent. Likewise, the user and/or client communicating the personal data of a third party shall be responsible towards him/her for the obligation of information set forth in article 5.4 of the LOPD if the personal data has not been collected from the interested party him/herself, and/or for the consequences of not informing him/her.

7. arsys.es hereby provides notification that, in accordance with the provisions of the LOPD and the RDLOPD, it has adopted the technical and organisational measures required to guarantee the security of the personal data in view of the state of technology, the nature of the data stored and the risk they are exposed to, and that it shall only record personal data on files that meet the conditions set forth in the current legislation regarding their integrity and security and that of treatment centres, premises, equipment, systems and programs. Furthermore, arsys.es guarantees compliance with the duty of professional secrecy regarding the personal data being treated and the duty to store them.

8. In accordance with article 12 of the LOPD and concordant RDLOPD, access and/or treatment of personal data that are the responsibility and property of arsys.es clients shall not be deemed as communication or transfer of data, when this is necessary for the appropriate provision of services purchased in each case. In these cases, arsys.es will act as the subject responsible for the treatment and will carry out the access and/or treatment of the data according with the terms indicated below: