Introduction
At Geko Cloud SL we are fully committed to the security of your personal data. Therefore, we design our products and services taking into account your privacy and we will always treat this data with respect. Our privacy policy will help you understand how we collect, use and protect the data of our customers and collaborators.
For your part, you acknowledge that by accepting this Policy, you consent to us treating them in the manner detailed below. In any case, they will only be treated for the purposes that you have consented to or for which we are legitimately bound or authorized. In addition, if you provide us with other people’s personal data, you confirm that you are authorized to do so.
Who we are
We Geko Cloud SL. (hereinafter, “Geko Cloud”), with registered office at Calle Orient 86 CP 08521 Les Franqueses del Valles (Barcelona) with CIF B67177329. We are responsible for the processing of the data you provide on our website through the contact form or through personal and / or telematic contact.
Protection of personal data according to theLOPD
Geko Cloud, in application of current regulations on the protection of personal data, informs that the personal data collected through the forms of the Website: https: // geko .cloud, are included in the user-specific automated files of customer management services in our CRM platform dedicated to the attention of the cases exposed therein.
The collection and automated processing of personal and commercial data in the case of companies is aimed at maintaining the business relationship and the performance of information, training, advice and other activities related to the activity and services offered. as well as the correct completion of the data in the invoices, contracts and legal texts.
These data will only be transferred to those entities that are necessary for the sole purpose of fulfilling the purpose set forth above.
Geko Cloud takes the necessary measures to guarantee the security, integrity and confidentiality of the data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of data natural persons in regard to the processing of personal data and the free movement of them.
The user may at any time exercise the rights of access, opposition, rectification and cancellation recognized in the aforementioned Regulation (EU).
The exercise of these rights can be done by the user through email to: datos@geko.cloud
Purpose of data processing:
For what purpose will we treat your data?
In Geko Cloud, we will treat your personal data collected through the Website: https://geko.cloud or through personal and / or telematic communications, with the following purposes:
- In order to perform the data collection management necessary to the preparation of commercial proposals
- In the case of contracting the services offered, to maintain the contractual relationship, as well as the management, administration, information, provision and improvement of the service.
- Sending requested information, delivery of follow-up reports, new budgets and any documentation regarding the collaboration relationship.
- Send newsletters, as well as commercial communications of promotions and / or advertising of the sector.
We remind you that you can oppose the sending of commercial communications by any means and at any time, by sending an email to the address indicated above. The fields of these records are mandatory, and it is impossible to carry out the expressed purposes if these data are not provided.
How long are the personal data collected?
The personal data provided will be kept as long as the commercial relationship is maintained or you do not request its deletion and during the period for which legal responsibilities may arise for the services provided.
Legitimation:
The processing of your data is carried out with the following legal bases that legitimize it:
- The request for information and / or the contracting of Geko Cloud services, whose terms and conditions will be made available to you in any case, prior to an eventual hiring.
- Free, specific, informed and unambiguous consent, as long as we inform you by making this privacy policy available to you, that after reading it, if you are satisfied, you can accept by means of a statement or a clear action affirmative, as the marking of a box arranged for that purpose.
In the event that you do not provide us with your data or do it in an erroneous or incomplete way, we will not be able to attend to your request, making it completely impossible to provide you with the requested information or carry out the contracting of the services.
Data collected by users of the services
In cases where the user includes files with personal data on the shared hosting servers, Geko Cloudno is responsible for the breach by the GDPR user.
Data retention in accordance with the LSSI Geko Cloud informs that, as a provider of data hosting service and under the provisions of Law 34/2002 of July 11, Services of the Information Society and Electronic Commerce (LSSI), retains for a maximum period of 12 months the essential information to identify the origin of the hosted data and the moment in which the provision of the service began.
The retention of this data does not affect the secrecy of communications and may only be used in the context of a criminal investigation or for the safeguarding of public safety, being made available to the judges and / or courts or the Ministry that so requires. .
The communication of data to the State Forces and Bodies will be done under the provisions of the regulations on protection of personal data.
Intellectual property rights Geko Cloud
Geko Cloud owns all copyright, intellectual property, industrial, “know how” and how many other rights are related to the contents of the website https://geko.cloud and the services offered on the same, as well as the necessary programs for its implementation and related information.
The reproduction, publication and / or non-strictly private use of the contents, total or partial, of the website https://geko.cloud without prior written consent is not allowed.
Geko Cloud will request in writing to the client the express authorization for the use of its brand in the marketing programs and success stories.
Who treats your data
The treatment of the data can be treated by the following roles of the Geko Cloud company according to the needs:
- Commercial department: Budgeting and integral customer management as well as billing: The type of data processed is basically all those related to fiscal, personal, location, email and potentially confidential information of the client that it makes available to be able to perform the appropriate services.
- Project departments: Development and continuity of projects within active services: Customer data, emails and internal personnel data as well as confidential information.
- Technical department: Customer personal contact information, access to infrastructure and other data necessary for the execution of project and maintenance tasks.
NOTE: All Geko Cloud employees have signed a document in which they are responsible and knowledgeable about the application of the correct data protection policies and their treatment.
What data Wecollect
basicallyinformation related to the execution of the services we offer both in the previous phase in the preparation of proposals and in the operation phase of the contracted service:
- Personnel names
- E-mails
- Fiscal and accounting information (DNI / CIF …)
- Invoices from Geko Cloud to the Client
- Contact telephone numbers
- Information whose intellectual property our client has (in our contracts we always sign a copyright agreement)
- Gender
- Profession and academic level
- Physical addresses and GeoPosition
True and proper data
The client will be the total responsible for the data provided both in the questionnaire of the website and through any personal or telematic communication and will be responsible for the information provided is truthful and rigorous. As well as keeping them updated protecting the interests of employees, customers and exceptional situations that deserve it.
Geko Cloud will not be responsible for the legal consequences of the processing of fraudulent, impersonated or unreal information that can be done maliciously.
Customer rights
- Right to access your personal data: that is, the right to obtain information about whether your data is being processed and what it is about. If your request includes personal information of other people or if you are making a request on behalf of another person, we will need an identification of these people and a signed letter or authorization document confirming that they agree that you act on their behalf and with which you give us your data.
- Right to be informed about the processing of your personal data. We comply with this right through this Policy.
- Right of rectification: that is, to correct your personal data if they are wrong and to complete them if they are incomplete.
- Right to object to the processing of your personal data.
- Right of deletion: that is, to delete your personal data.
- Right to move, copy or transfer your personal data to whomever you request (data portability).
- Rights on automated decision making based on your data, including the right not to create profiles with your data.
How to exercise your rights
To exercise your rights, you can do it electronically to: datos@geko.cloud.
In either case, this is the information you have to provide:
- Name, address and detail on what right you wish to exercise.
- A copy of your ID / CIF or passport, the email address used for our services, an address for notification, date and signature. This is to take the necessary steps to confirm your identity before providing you with details of any personal information we may have about you.
Right to file a claim with the AEPD:
Finally, if you feel that your rights regarding the processing of your data have been violated, you also have the right to file a claim with the corresponding supervisory authority. In Spain it is the Spanish Agency for Data Protection (AEPD) and you can contact them at its headquarters (Spanish Agency for Data Protection / Calle Jorge Juan 6/28001 – Madrid) or on its website: https: // sedeagpd. gob.es/sede-electronica-web.
Data
conservation We will keep your data for as long as we need it to provide you with the products and services agreed and / or requested.
In the case of not accepting a commercial proposal, we save the customer data in our CRM platform through perimeter password protection, the client may request in writing the total deletion in our customer database.
In addition, we will continue to retain your data after we have completed a service, in accordance with our legal and regulatory requirements and for as long as we can legally file claims against us. We will also keep your data, for a period of 6 years from the end of the services we provide, for our analysis and profiling.
Data security
On our websites and in our CRM and internal documentation infrastructures, we protect all data provided by a user and a password. In addition, we use industry standard security to encrypt confidential data in transit to our servers.
All our staff uses double authentication factor and we have a role access policy with access levels according to data sensitivity.
Finally, you should keep in mind that communications over the Internet, as with emails, are not secure unless they have been encrypted. Your communications can go through several countries before being delivered – this is the nature of the Internet. We cannot accept responsibility for any unauthorized access or loss of personal information that is beyond our control.
Changes to this policy
This privacy policy was last updated on October 4, 2019. We reserve the right to make changes to this policy and we will inform you of such changes when you visit our page or in person through the email address that you have provided. Please note that the communication of the update will not have a commercial purpose.
From time to time, we may have to change the way we process personal data. When we believe that this change may not be reasonably expected for you, we will write to confirm your acceptance if necessary. If the change does not require your consent, we will indicate this to you, and you will not have to take any additional action.
Quality Assurance
- Our team use IAM roles and action definition rules for each profile.
- Restricted access documentation.
- Our team always sign copyright and privacy policy contract
- Geko always use MFA , SSO and double check process authentication to ensure secure access to our customers.
- Audit logs for modifications.
- Deployment workflow rules and role based acceptance criteria.
- Encrypted communications with our customers.
- Ticketing and documentation secured platform with process, workflow and actions plans to evaluate business risk.
- Password encrypted with Duo Trusted Zero platforms