The purpose of this Privacy Policy (hereinafter, the "Policy") is to inform of the processing activities of your personal data that VLN SERVICIOS PUBLICITARIOS INTEGRALES, S.L.U. (hereinafter, "EXTE") requires to carry out when you access and browse the www.exte.com.
This Policy will explain how EXTE collects, processes and protects your personal data, so that you can freely and voluntarily determine whether you wish to provide your personal data to EXTE for the purposes set out.
Access to and use of www.exte.com (the "Website") implies that you fully accept and are obliged to comply with the terms and conditions set out in this Policy, as well as in the provisions contained in the Legal Notice, both documents, together with the Cookies Policy -which acceptance process is independent-, as a whole as the applicable legal texts (the "Legal Texts").
You must read these Legal Texts carefully each time you use the Website, as they may be modified according to new developments, legislative and jurisprudential requirements, or business needs.
1.- IDENTITY AND CONTACT DETAILS OF THE PERSON IN CHARGE
The person responsible for the processing of the User's personal data is VLN SERVICIOS PUBLICITARIOS INTEGRALES, S.L.U. (the "Responsible" or "EXTE"), with NIF B-87495628 and registered office at Paseo de la Castellana, nº 130, 4ª Planta, (28046) Madrid, Spain.
To contact the Data Controller and make any queries regarding the processing of personal data carried out by the Data Controller or to exercise any of the rights set out below, the Data Controller offers you the possibility of sending an email to its data protection officer at gdpr@exte.com or a letter by ordinary mail to the following postal address: Paseo de la Castellana, nº 130, 4ª Planta, (28046) Madrid, Spain.
2.- PURPOSES AND LEGAL BASES OF THE PROCESSING OF PERSONAL DATA COLLECTED ON THE WEBSITE
EXTE will process your personal data, in its capacity as Data Controller, based on your activity and the services you request from us on the Website.
In this sense, EXTE undertakes to process only the personal data strictly necessary to comply with the purposes indicated below and to guarantee the confidentiality of these.
The personal data that EXTE may process obtained directly are the following:
Data Controller |
Processing Activity |
Purposes of processing |
Categories of personal data we process |
Legal Basis for Processing |
EXTE |
Respond to your requests for information |
The Website offers you the possibility of contacting EXTE to resolve your doubts. When you write an email, EXTE will collect your personal data in order to respond to your contact request. |
Identification data
Contact Details |
Request for pre-contractual measures by the data subject (Article 6(1)(b) GDPR) |
EXTE |
Implementation of our own and third-party cookies. |
Use cookies and similar tools on our website to remember certain information that allows you to automatically alter certain aspects of your browsing experience and personalize your experience; and to track and analyze your behavior on the website. |
Browsing data |
Prior consent of the data subject (Article 6.1.a) GDPR) except for the use of technical cookies, which are considered strictly necessary for the operation of the website |
The categories of data described above may include the following personal data:
- Identification data: Name and surname, National Identity Document (DNI), Foreigners' Identification Number (NIE) or passport.
- Contact details: Postal address, postal code, email address and telephone number.
- Browsing data: those included in the Cookies Policy
In relation to the data that you may provide to us, by clicking on "accept", "send" or equivalent, you declare that the information and data you have provided are accurate and truthful.
Finally, EXTE informs you that your personal data may also be processed for the following purposes:
Data Controller |
Processing Activity |
Purposes of the processing |
Categories of personal data we process |
Legal Basis for Processing |
EXTE |
Communicate the information required in each case by authorities and public administrations |
In the event that EXTE is required by authorities and public administrations based on a regulation with the force of a specific law that justifies their access to your personal data, EXTE will assign or allow access to your personal data in order to comply with the applicable legal obligations. |
Identification data/ Interests data |
Compliance with a legal obligation (Article 6(1)(c) GDPR) |
EXTE |
Responding to your enquiries and responding to the exercise of rights |
In the event that you contact EXTE, it will try to respond to any doubts, complaints, comments or concerns you may have regarding the information included on the Website. Likewise, it will manage incidents related to the processing of your personal data, including the exercise of your rights. |
Identification data |
Compliance with a legal obligation (Article 6(1)(c) GDPR) |
Remember that, with respect to processing based on your consent, you have the right to revoke it at any time by sending an email to gdpr@exte.com. In that case, EXTE will stop processing your personal data for those purposes that are based solely on your consent.
You may also revoke your consent to the processing of your data for certain specific purposes. In this way, EXTE will be able to continue processing your personal data for the purposes that are of interest to it.
3.- COMMERCIAL COMMUNICATIONS
EXTE informs that the personal data collected through the enquiry form will not be used under any circumstances to send commercial communications.
4.- RECIPIENTS OF PERSONAL DATA AND INTERNATIONAL DATA TRANSFERS
Your personal data that EXTE has obtained will not be communicated to third parties for purposes other than those for which the legal basis has been obtained.
In the event that access to your data by third parties is necessary for the provision of a service subcontracted by EXTE to a 3rd party, the necessary documents will be signed to guarantee the security of your personal data and the correct exercise of your rights.
In the event that EXTE transfers your personal data to third parties residing outside the European Economic Area for the provision of the services you have requested, it will sign the appropriate SCCs in accordance with current regulations.
6.- RETENTION PERIODS
Your personal data will only be kept for the duration of the purposes for which they were collected. In any case, the maximum period for which EXTE will keep your personal data will be 120 days.
We provide you with more information on their retention periods in the Cookies Policy, broken down according to the different purposes. For data obtained directly from you through a form, once the consultation or the object of the form has been concluded, your data will no longer be processed.
At the end of the indicated retention period, EXTE will keep your data duly blocked during the limitation period of possible legal actions, with the sole purpose of meeting the liabilities of any kind that may arise. Once these responsibilities have expired, your personal data will be definitively deleted.
7.- USER RIGHTS
You may exercise your rights of access, rectification, opposition, deletion, limitation and portability at any time by means of a written communication addressed to EXTE via email to gdpr@exte.com and accompanied by your ID card. In the same way, you can revoke the consent granted for the processing of your personal data.
You can also file a complaint with the Spanish Data Protection Agency in the event that you consider that EXTE has processed your personal data in breach of the applicable regulations.
8.- SECURITY MEASURES
EXTE will treat your personal data confidentially. EXTE has also implemented appropriate technical and organisational measures to ensure the security of your personal data, and to prevent their destruction, loss, unlawful access or unlawful alteration. Criteria such as the scope, context and purposes of the processing have been considered when determining these measures; the state of the art and the risks involved. EXTE guarantees the following security measures:
- Pseudonymization and encryption of personal data.
- The ability to ensure the ongoing confidentiality, integrity, availability, and resilience of treatment systems and services.
- The ability to restore availability and access to personal data quickly, in the event of a physical or technical incident.
- The process of regular verification, evaluation and assessment of the effectiveness of technical and organisational measures to ensure the security of processing.
9.- MINORS
Minors may not make use any of the services offered by the Website without the prior authorisation of their parents, guardians or legal representatives, who will be solely responsible for all acts carried out through the Website by the minors in their care, including the completion of forms with such minors’ personal data or the marking the checkboxes that may accompany them.
In this sense, to the extent that EXTE does not have the capacity to control if users of its Website are minors, it is warned that they must be the parents and guardians who enable the necessary mechanisms to prevent minors from accessing the Website and/or providing personal data without their supervision. EXTE shall not admit any responsibility in this regard.
10.- UPDATE
This Policy may be updated from time to time. Therefore, each time you access the Website, you should review this Policy in order to ensure that you are adequately informed about the type of information collected and how it is processed.
Finally, this Policy is a free translation of the original Spanish Policy. In the event of any discrepancy between such original text and this translated version, the Spanish version shall prevail.
This Privacy Policy was last updated on December 20, 2023.