Privacy Policy

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, EXE ARQUITECTURA BARCELONA SLP (hereinafter, the “Controller”) with NIF B63630776 informs the User that their personal data will be processed for the purpose of providing the requested services and sending information about our company that may be of interest.

Data Controller
The company responsible for processing your data under this Privacy Policy is:

EXE ARQUITECTURA BARCELONA SLP
NIF: B63630776
Address: C/ CLAVELLS 12 08348 CABRILS – BARCELONA
Email address: adm@exearquitectura.com
Website: www.exearquitectura.com
Phone: 932008035

Legal Basis for Processing
The CONTROLLER will process the user’s personal data based on the explicit consent that the user grants after reading the Privacy Policy, in accordance with Article 6.1(a) of the EU Regulation 2016/679 on the protection of personal data.

Sending and Recording of Personal Data
The sending of personal data is mandatory to contact and receive information about the services provided by the Controller. Likewise, not providing the requested personal data or not accepting this data protection policy implies the impossibility of subscribing, registering, or receiving information about these services.

When personal data is obtained from the data subject through electronic communications networks or in the context of the provision of an information society service, as well as in those cases expressly established by law or authorized by the Spanish Data Protection Agency, the data controller may fulfill the information duty established in Article 13 of Regulation (EU) 2016/679 by providing the data subject with at least the following basic information:

a) The identity of the data controller and their representative, if applicable.
b) The purpose of the processing.
c) How the data subject can exercise the rights established in Articles 15 to 22 of Regulation (EU) 2016/679.

However, data controllers and processors or, where applicable, their representatives, must maintain a record of processing activities as referred to in Article 30 of Regulation (EU) 2016/679, unless the company or organization employs fewer than 250 people, with the exception that the processing carried out may pose a risk to the rights and freedoms of data subjects, is not occasional, or includes special categories of personal data referred to in Article 9(1) or personal data relating to criminal convictions and offenses as referred to in Article 10 of Regulation (EU) 2016/679.

Finally, Article 5.1(f) of Regulation (EU) 2016/679 establishes the need to establish appropriate security measures against unauthorized or unlawful processing, against accidental loss of personal data, destruction, or damage. This implies the establishment of technical and organizational measures aimed at ensuring the integrity and confidentiality of personal data and the possibility (Article 5.2) of demonstrating that these measures have been put into practice (proactive responsibility).

Transfer or Disclosure of Personal Data and International Transfers
The Controller will not disclose personal data to third parties. However, if personal data were to be transferred to a third party, the data subject would be provided with prior information and asked for their explicit consent in accordance with Article 4.11 of Regulation (EU) 2016/679 of April 27, 2016.

No data transfers to third countries are foreseen.

Accuracy and Truthfulness of the Data Provided
The User who sends information to the Controller is solely responsible for the accuracy and correctness of the data included, and the Controller is exempt from any responsibility in this regard.

Users guarantee and are responsible, in any case, for the accuracy, validity, and authenticity of the personal data provided and undertake to keep them duly updated. The User agrees to provide complete and correct information in the registration or subscription form.

The Controller is not responsible for the veracity of information that is not of its own making and for which another source is indicated, and therefore assumes no responsibility for any hypothetical damages that may arise from the use of such information. The Controller is exempt from liability for any damage or harm that the User may suffer as a result of errors, defects, or omissions in the information provided by the Controller, provided that it comes from sources external to the Controller.

Data Retention
In any case, the retention period will be the minimum necessary, and data will be kept as follows:

• 4 years: Law on Infractions and Penalties in the Social Order (obligations regarding affiliation, registration, contribution, payment of salaries, etc.); Arts. 66 and following of the General Tax Law (accounting books, etc.)
• 5 years: Art. 1964 of the Civil Code (personal actions without a special term)
• 6 years: Art. 30 of the Commercial Code (accounting books, invoices, etc.)
• 10 years: Art. 25 of the Law on the Prevention of Money Laundering and Financing of Terrorism.

Exercise of Rights of Access, Rectification, Erasure, Restriction, Portability, and Objection
You can send your communications and exercise your rights of access, rectification, erasure, restriction, portability, and objection through postal mail to the Controller at C/ CLAVELLS 12 08348 CABRILS – BARCELONA or by email to adm@exearquitectura.com, along with valid proof in law, such as a photocopy of your ID, and indicating “DATA PROTECTION” in the subject line.

You can also contact the relevant Data Protection Authority for further information or to file a complaint.

Acceptance and Consent
The User declares to have been informed of the conditions regarding the protection of personal data, accepting and consenting to the processing of their data by the Controller, in the manner and for the purposes indicated in this Personal Data Protection Policy.

Changes to this Privacy Policy
The Controller reserves the right to amend this policy to adapt it to new legal or jurisprudential developments, as well as to industry practices. In such cases, the Controller will announce changes on this page with reasonable notice before they are implemented.

*reCAPTCHA
We use Google Inc.’s reCAPTCHA service (Google, hereinafter) to protect data submitted through our users’ website forms. This service allows the distinction between data sent by individuals and automated messages and involves the transmission of the IP address and other data required by Google for the use of the reCAPTCHA service. For this purpose, the data will be transmitted to Google for use. The IP address will be encrypted by Google in the European Union member states as well as in countries associated with the European Economic Area. Only in exceptional cases will IP addresses be transmitted to Google’s server in the United States for encryption. On behalf of the owner of this website, Google will use this information to evaluate the use of the service by users. The IP address transmitted by reCAPTCHA will be kept separate from other Google data. Google’s privacy policy applies to this data. You can read all the details about Google’s privacy policy on the following page: https://www.google.com/intl/es/policies/privacy/

By using the reCAPTCHA service, the user consents to the processing of their data by Google as described above.

SOCIAL MEDIA PRIVACY POLICY
In compliance with Regulation (EU) 2016/679 of April 27, 2016 (GDPR) and Law 34/2002 of July 11, 2002, on Information Society Services and Electronic Commerce (LSSI-CE), EXE ARQUITECTURA BARCELONA SLP (hereinafter, the “Controller”) informs users that it has created a profile on the LinkedIn Social Network for the main purpose of advertising its products and services.

Data for EXE ARQUITECTURA BARCELONA SLP
NIF: B63630776
Address: C/ CLAVELLS 12 08348 CABRILS – BARCELONA
Phone: 932008035
Email: adm@exearquitectura.com
Website: www.exearquitectura.com

The user has a profile on the same Social Network and has decided to join the page created by the Controller, thus showing interest in the information that is published on the Network. By joining our page, the user gives their consent for the processing of personal data published in their profile.

The Controller has access to and processes public information from the user, especially their contact name. This data is only used within the Social Network and is not incorporated into any file.

The user can access the privacy policies of the Social Network itself at any time and configure their profile to ensure their privacy. The Controller has access to and processes public information from the user, especially their contact name. This data is only used within the Social Network and is not incorporated into any file.

Regarding the rights of access, rectification, erasure, restriction, portability, and objection that you have and that can be exercised before the Controller, in accordance with Regulation (EU) 2016/679, you should take into account the following nuances:

*Access: It will be determined by the functionality of the Social Network and the user’s ability to access information from user profiles.
*Rectification: It can only be satisfied with respect to information under the control of the Controller, for example, deleting comments published on the Controller’s page. Normally, this right should be exercised before the Social Network. Normally, this right should be exercised before the Social Network.
*Cancellation and/or Opposition: As in the previous case, it can only be satisfied with respect to information under the control of the Controller, for example, ceasing to be connected to the profile.
*Portability: The right to portability involves the possibility of having personal data transmitted directly from one data controller to another when technically feasible.
*Restriction: It is a measure that restricts the processing of personal data.

The cases in which the data subject will have the right to obtain from the data controller the restriction of data processing are set by law and include the following:

-When the data subject contests the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the data.
-When the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
-When the data controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise, or defense of legal claims.
-When the data subject has objected to processing, pending the verification of whether the legitimate grounds of the controller override those of the data subject.

The Controller will carry out the following actions:

• Access to the user’s public profile information.
• Publication on the user’s profile of all information already published on the Controller’s page.
• Sending personal and individual messages through the Social Network channels.
• Status updates of the page that will be published on the user’s profile.

The user can always control their connections, remove content that is no longer of interest, and restrict who they share their connections with; for this, they must access their privacy settings.

Publications
Once the user has joined the Controller’s page, they may publish comments, links, images, or photographs or any other type of multimedia content supported by the Social Network. The user, in all cases, must be the owner of them, enjoy the copyright and intellectual property rights, or have the consent of the affected third parties. The posting of texts, graphics, photographs, videos, etc. that infringe or may infringe upon morals, ethics, good taste, or decorum, and/or that infringe, violate, or breach intellectual or industrial property rights, the right to an image, or the law is expressly prohibited. In these cases, the Controller reserves the right to immediately withdraw the content, and may request the permanent blocking of the user.

The Controller will not be responsible for the contents that a user has freely published.

The user should be aware that their publications will be known to other users, so they themselves are primarily responsible for their privacy.

The images that may be published on the page will not be stored in any file by the Controller, but they will remain on the Social Network.

Contests and Promotions
The Controller reserves the right to hold contests and promotions in which the user can participate on its page. The rules for each of them, when using the Social Network platform for this purpose, will be published on it. Always in compliance with the LSSI-CE and with any other applicable regulations.

The Social Network does not sponsor, endorse, or administer any of our promotions, nor is it associated with any of them.

Advertising
The Controller will use the Social Network to advertise its products and services, in any case, if it decides to process your contact data to conduct direct commercial prospecting actions, it will always comply with the legal requirements of Regulation (EU) 2016/679 and the LSSI-CE.

Recommending the Controller’s page to others so that they can also benefit from the promotions or be informed about its activity will not be considered advertising.

Here is the link to the privacy policy of the Social Network:
Linkedin, http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv