privacy policy lucia March 4, 2024
privacy policy

“Smart Point” is deeply committed to compliance with Spanish and European regulations on the protection of personal data, and guarantees full compliance with the obligations set forth, as well as the implementation of the security measures provided for in the General Data Protection Regulation (GDPR) (EU) 2016/679, of April 27, and in the Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD and GDD, hereinafter LOPD).

In accordance with these regulations, we inform that the use of our website may require that certain personal data be provided through registration or contact forms, or by sending emails, and that these will be processed by “Smart Point”, Data Controller, whose data are:

  • Company Name: Lava Locker S.L.
  • CIF: B66067216
  • Registered Office: Calle Ramon Turró nº5, 08005, Barcelona, ​​Spain
  • Telephone: 931 126 757
  • eMail: gdpr@smartpoint.com
  • DPD data: ExpertosLOPD S.L., CIF: B70585450, Calle Juan Flórez, 146 – 15005, A Coruña, dpd@expertoslopd.es

Collection and Processing of Personal Data

Personal data is any information related to a person: name, email, address, telephone number, NIF/NIE… Additionally, when a User visits our website, certain information is automatically stored for technical reasons, such as the IP address assigned by its provider. of Internet access.

“Smart Point”, as Data Controller, has the duty to inform the Users of its website about the collection of personal data that may be carried out, either by sending e-mail or by filling in the forms included in the website.

Only the necessary data will be obtained to be able to perform the contracted service, or to be able to adequately respond to the request for information made by the User. The data collected are identifying and correspond to a reasonable minimum to be able to carry out the activity carried out. In particular, no specially protected data is collected at any time. In no case will the data be used for purposes other than those for which they were collected.

Contact forms/email


Purpose
To answer your request for information made through our contact form(s).


Legitimation
The legal basis that legitimizes this treatment is the consent of the User, which may be revoked at any time.


Transfer of data
Personal data will be processed through servers managed by
Micro apps
which will be considered the Data Processor.

Mailing list registration forms (newsletter)

PurposeSending communications, some of them commercial, of interest to users according to the theme of the web. As established by the LSSICE, “Smart Point” undertakes not to send commercial communications without identifying them as such. For these purposes, information sent to customers for the maintenance of the existing contractual relationship, if any, will not be considered as commercial communication.


Legitimation
The legal basis that legitimizes this treatment is the consent of the User, which may be revoked at any time.


Transfer of data
The personal data will be processed through servers managed by
Mautic
which will be considered as Data Processor.

User registration forms

Purposes:

  • Manage your User registration on our website.
  • Comments and content management.
  • Sending commercial communications or surveys related to our services.
  • Sending communications via email and/or telephone, in order to inform the User of possible incidents, errors, etc.


Legitimation
The legal basis that legitimizes this treatment is the User’s consent and legitimate interest in sending communications, which may be revoked at any time.


Transfer of data
Personal data will be processed through servers managed by
Micro apps
which will be considered the Data Processor.

Comments form


Purpose
To make a comment or review for publication on the website.


Legitimation
The legal basis that legitimizes this treatment is the consent of the User, which may be revoked at any time.


Transfer of data
Personal data will be processed through the servers of this website, managed by
Micro apps
which will be considered as the Data Processor.

Minors

Only persons over 14 years of age may provide personal data on this website. As required by the LOPD and GDD, in the case of minors under 14 years of age, the consent of their parents or guardians will be a mandatory condition for us to process their personal data.

On the other hand, only persons over 18 years of age may contract our services. In the case of minors under 18 years of age, the consent of their parents or legal guardians will be a mandatory condition for us to provide the services offered, unless the minor is emancipated.

User Registration

When the User registers through the corresponding form, the information we collect may include:

  • Name and surname
  • Email
  • Telephone no.
  • DNI
  • IP
  • Username/password

The User must also provide a password, which must meet certain security requirements. They do not expire. To recover the password, the User must go to the specific recovery form and enter his/her e-mail address to continue the process and be able to modify it, clicking on the link that will be sent to the e-mail address entered. The User is responsible for keeping his/her password confidential, as well as for all the uses he/she makes of it. You must notify “Smart Point” of any unauthorized use of your account or password as soon as possible.

The User, once registered, has access to a private panel, where he/she can view certain contents, account options (such as password or User data), links to a Smart Point locker, package deposits, shipment status, etc.

The User may receive the following notifications:

  • When registering on the platform (account validation email).
  • In the deposit of packages in the Smart Point locker, such as proof of the same, incidences, etc.
  • The User receives our newsletter, from which he/she can unsubscribe by clicking on the corresponding links at the bottom of the newsletter.
  • For comments made, and responses to them.
  • By password recovery (specified in the previous field).
  • When unsubscribing or deleting the account.

Security Measures

Users of the “Smart Point” website are informed that the technical and organisational security measures available to us have been adopted to prevent the loss, misuse, alteration, unauthorised access and theft of data, and that they guarantee the confidentiality, integrity and quality of the information contained therein, in accordance with the provisions of current legislation on data protection. Translated with DeepL.com (free version) The personal data collected in the forms are processed only by the staff of “Smart Point” or by the designated Data Processors.

The “Smart Point” Web Site also has SSL encryption, which allows the User to securely send their personal data through the contact or registration forms on the website.

Accuracy of data

The User declares that all data provided by him/her are true and correct and undertakes to keep them updated. The User shall be responsible for the veracity of his data and shall be solely liable for any disputes or litigation that may result from the falsity of such data. It is important that, in order for us to keep the personal data updated, the User informs “Smart Point” whenever there has been any change in the data.

Transfer of data

“Smart Point” will not transfer or communicate your data to any third party, except in the cases legally foreseen or when the provision of a service implies the need to transfer them, such as, for example, to parcel delivery companies.

In addition, in those cases in which it is necessary, the User’s data may be transferred to parcel delivery companies, certain organizations, in compliance with a legal obligation: Spanish Tax Agency, banking entities, Labor Inspection, etc.

Exercise of User Rights

The LOPD and GDD and the RGPD grant data subjects the possibility of exercising a series of rights related to the processing of their personal data. To do so, the User must send an e-mail to gdpr@smartpoint.com, or by written communication to the address Calle Ramon Turró nº5, 08005, Barcelona, Spain, with proof of identity (ID card or passport). This communication must include the following information: name and surname of the User, the purpose of the request, the address and supporting data.

The exercise of rights must be made by the User himself. However, they may be executed by a person authorized as legal representative of the User, providing the documentation proving such representation.

The User may request the exercise of the following rights:

  • The right to request access to personal data, which is the right to obtain information on whether their own personal data are being processed, the purpose of the processing, if any, being carried out, as well as the information available on the origin of such data and the communications made or planned for such data.
  • The right to request its rectification, in the event that the personal data is incorrect or inaccurate, or deletion of data that proves to be inadequate or excessive.
  • The right to request the limitation of their processing, in which case only the data strictly necessary for the exercise or defence of claims will be kept by “Smart Point”.
  • Right to object to processing: this refers to the data subject’s right not to have his or her personal data processed or to stop the processing in cases where his or her consent to the processing is not required, where the data is used for commercial prospecting or for the purpose of making decisions regarding the data subject and based solely on the automated processing of his or her data, unless for legitimate reasons or for the exercise or defence of possible claims, the data must continue to be processed.
  • Right to data portability: in case you want your data to be processed by another company, “Smart Point” will provide you with the portability of your data in an exportable format.

In the event that consent has been given for a specific purpose, the User has the right to withdraw the consent at any timewithout affecting the lawfulness of the processing based on the consent prior to its withdrawal.

We undertake to execute all these rights within the maximum legal term (1 month).

If a User considers that there is a problem with the way in which “Smart Point” is handling his data, he can address his complaints to our Data Protection Officer or to the corresponding data protection authority, being the Spanish Data Protection Agency the one indicated in the case of Spain.

Data retention

The personal data of Users who use the contact form or send us an email requesting information will be processed for the time strictly necessary to fulfill the request for information, or until the consent given is revoked.

On the other hand, the data of registered Users who use our services will be treated until the end of the contractual relationship. In the case of commercial communications or surveys received, the user may also express at any time their opposition to the processing of data for these purposes even if the active contractual relationship is maintained.

In the case of data processing of candidates (C.V.), “Smart Point” may keep their curriculum for a maximum of two years in order to incorporate it to future calls, unless the candidate declares otherwise.

Social Networking

“Smart Point” has a profile in some of the main social networks on the Internet (Facebook, Twitter, LinkedIn, YouTube, Instagram), recognizing itself in all cases Responsible for the processing of the data of its followers, fans, subscribers, commentators and other profiles of Users (hereinafter, followers) published by “Smart Point”.

The purpose of data processing by “Smart Point”, when the law does not prohibit it, will be to inform its followers about its activities and offers, by any means that the social network allows, as well as to provide personalized service to the User. The legal basis that legitimizes this treatment will be the consent of the person concerned, which may be revoked at any time.

In no case will “Smart Point” extract data from social networks, unless the User’s consent to do so is specifically and expressly obtained (for example, for the realization of a contest).

International Data Transfers

“Smart Point” uses the company’s electronic communications sending servicesMauticand software providermonday.com Ltd. located in the United States. Standard contractual clauses approved by the European Commission have been signed with these entities, in order to ensure the adequate level of protection in the processing of your personal data, in accordance with the criteria established by the GDPR.

By accepting this privacy policy, the User expressly and unequivocally grants his/her consent to the international transfer of his/her data to this/s the service provider/s.

Personnel Selection

Applicants who send electronic communications to “Smart Point” for the purpose of accessing the personnel selection processes of the responsible party authorise us to analyse the documents sent (e.g. CV), all content that is directly accessible through Internet search engines (e.g. Google), the profiles they maintain on professional social networks (e.g. LinkedIn), the data obtained in the entrance tests and the information they reveal in the job interview, with the aim of assessing their candidacy and being able, if necessary, to offer them a job. In the event that the candidate is not selected, “Smart Point” may keep his/her C.V. for a maximum of two years, in order to incorporate it in future calls for applications, unless the candidate states otherwise. The legal basis that legitimizes this treatment will be the consent of the person concerned, which may be revoked at any time.

Confidentiality

The information provided by the User shall, in any case, be considered confidential, and may not be used for purposes other than those described herein. “Smart Point” undertakes not to disclose or reveal information about the User’s claims, the reasons for the advice requested or the duration of its relationship with the User.

Validity

This privacy and data protection policy has been drafted by
ExpertosLOPD
®, data protection company, as of December 28, 2023, and may vary depending on changes in regulations and jurisprudence that may occur, being the responsibility of the owner of the data to read the updated document, in order to know their rights and obligations in this regard at all times.