Privacy Policy - Inbounds

Importance of privacy

The protection of personal data of users and customers is paramount, and therefore, we wish to explain and facilitate in a transparent manner how we collect, protect, use and share this data in the development of our activity.

Personal data should be understood as information about an identified or identifiable natural person, which we collect through some of the established channels, such as,

Data collection forms inserted in our website, app, electronic office, by telephone or in-person when filling in any of our forms, among others.

Regardless of the channel chosen, we recommend that you carefully read the information provided on privacy, and if you have any doubts about any of the sections included, please contact us by sending a request to the following email address: dpo@nunsys.com.

It is very important that you understand:

Who collects your personal data?
What personal data do we collect?
How do we collect your personal data?
Information on the applicable legal bases and obligation to provide data.
How do we share information with third parties?
How long do we process your data?
Profiling and automated decision-making.
What are your privacy rights and how can you exercise them?

1.- WHO COLLECTS YOUR PERSONAL DATA AND WHO IS THE CONTROLLER?

Controller’s data:

CoachInBounds by Nunsys is the Controller of the processing of your data.

Registry information: NUNSYS, S.A.
VAT: A97929566
Registered office: C/ Gustave Eiffel, 3. Parque Tecnológico 46980 Paterna (Valencia)
Email: info@nunsys.com

What data do we process?

Depending on the type of web form or application used, we will collect certain personal or technical information.

Device information
Cookies and similar technologies
Date, time and duration connection

How do we collect your personal data?

From the information you provide directly through the channels set up such as:

Web pages forms.

Information provided by third parties:

Legal representative or authorised person, in the case of minors, incapacitated persons or legal representatives or joint accounts.
From third parties whose cookies are applied on the website.

Why do we process personal data?

Identification of purposes and applicable legal bases.

We inform you that all data processed by CoachInBounds by Nunsys are necessary for the purposes described in this Privacy Policy and failure to provide them would make it impossible to properly manage the existing relationship with you.

Below is a description of the different purposes for which your personal data is processed and the bases that legitimise the processing:

INFORMATION ON THE APPLICABLE LEGAL BASIS AND OBLIGATION TO PROVIDE DATA.

Information on the applicable legal basis.

In the event that the applicable legal basis turns out to be legitimate interest, you may object to any of the processing, based on the same, by contacting the Data Protection Officer at: dpo@nunsys.com and explaining the reason for such opposition. In such a case, the Data Controller will weigh up whether the aforementioned interest prevails over the rights of the data subjects.

With respect to those processing operations based on the consent provided, the lack of authorisation shall not affect the maintenance or fulfilment of the contractual relationship with NUNSYS, S.A. Furthermore, once you have given your consent, you may withdraw it at any time without affecting the processing previously carried out. In any case, your consent will remain in force as long as you do not withdraw it.

Obligation to provide data.

In some cases, it is mandatory to collect certain personal information before processing your request or providing one of our services, either because such information is the minimum necessary to fulfil your request or because we are legally obliged to collect it.

However, CoachInBounds by Nunsys undertakes to collect only the data necessary for the purpose intended.

You should be aware that, in these cases, failure to provide the required information may result in delays in the provision of the services requested or even the impossibility of providing them. Mandatory changes will normally be marked with an asterisk (*).

HOW DO WE SHARE DATA WITH THIRD PARTIES?

In order to comply with the applicable legal obligations, your data may be transferred to the following recipients:

Spanish Data Protection Agency.
Computer Security Incident Response Teams (CSIRT) and Computer Emergency Response Teams (CERT).
State Security Forces and Corps.
Public Prosecutor’s Office, Judges and Courts.

Finally, in certain cases, some of our suppliers may process your personal data on behalf of and for the account of the Data Controller insofar as this is necessary for the performance of the specific activity. In particular, some of these suppliers are:

Providers of IT services such as servers, and cloud platforms.
Events or marketing activities, research.
Investors and managers.
Design, and maintenance of tools and applications.
Specialised mailing services.
Destruction of information.

As a general rule, no data transfers are made to third parties located or whose servers are located outside the European Economic Area. However, in those instances where you consent to the use of third-party cookies, your information may be shared with third parties located outside the European Economic Area. For more information, please see our cookie policy.

FOR HOW LONG WILL WE STORE YOUR DATA?

As a general rule, your data will be deleted when they are no longer required for the purpose for which they were collected.

In the event that the processing is only based on your consent, your data will be processed until your consent is withdrawn.

Notwithstanding the foregoing, the privacy regulations provide for the possibility of retaining certain data for longer than is necessary to achieve the original purpose in the following cases:

Compliance with a legal obligation in accordance with article 17.3.b of the GDPR.
Archiving purposes in the public interest, scientific and historical research, statistical purposes in accordance with Article 17.3.c and 89 of the GDPR.
Enforcement or defence of claims in accordance with Article 17.3.e of the GDPR.

In accordance with the provisions of the LOPDGDD, when the rectification or deletion of the data is required, based on the principle of proactive responsibility, we may continue to keep your data blocked (i.e. with restricted access) prior to the final physical or digital erasure, during the limitation periods established in the applicable regulations and for the sole purpose of addressing or enforcing possible liabilities arising from the processing.

Access to the data and, consequently, their availability, is limited solely to judges and courts, the Public Prosecutor’s Office or Public Administrations.

PERMANENT ERASURE OF YOUR DATA.

Your data will be definitively destroyed once the retention periods imposed by the regulations governing our activity and the statute of limitations for administrative or legal actions arising from the relations established between you and us have elapsed.

In the case of the use of cookies, your data will be retained in accordance with the provisions of this policy.

AUTOMATED INDIVIDUAL DECISION-MAKING AND PROFILING.

By means of the data collected through the website, the data controller does not make automated decisions nor does it create profiles.

WHAT ARE YOUR RIGHTS?

Access: You will be able to consult your data included in the databases of the Data Controller.
Rectification: You will be able to modify your personal data if they are inaccurate.
Erasure: You may request the deletion of your personal data.
Object:You can object to the processing of your personal data by the entity when the legal basis for the processing is legitimate interest.
You can also object to receiving commercial information by sending an email to the address: [email] with subject «UNSUBSCRIBE».
If you object to communications for commercial purposes, you should be aware that the entity may send information related to the products or services contracted such as: information on the blocking of cards; requests for transactions carried out from an unusual location; informative communication that may affect current contracts, etc.
Opposition to automated decision: If we make a decision in an automated way, you can object and ask for the decision to be reviewed by a person; and you can express your views or challenge the decision, where appropriate.
Portability: You have the right to ask us to transfer your data to you directly or to another third party. This right only applies where we carry out automated processing on the basis of your consent or because you have a contract with us.You consider that they are inaccurate, they have been processed unlawfully, they are not necessary for the purposes pursued, but you wish them to be stored for use in the event of a complaint and/or You have objected to one of the processing operations based on legitimate interest.
You may withdraw your consent at any time without affecting the processing operations previously carried out. In any case, your consent will remain in force as long as you do not withdraw it.

How can you exercise your rights?

Requests can be submitted:

In writing to the following e-mail address: dpo@nunsys.com
By post or in person: C/ Gustave Eiffel, 3. Parque Tecnológico 46980 Paterna (Valencia)

In the case of requests for rights, the data controller will make the appropriate and necessary enquiries to verify and ensure the identity of the applicant. Without prejudice to the foregoing, proof of identity may be provided by one of the following methods:

Providing a copy of a document proving identity (ID, Passport or equivalent document).
Signing the document electronically with a valid digital certificate.

Complaints to the supervisory authority.

In the event that you consider that your data protection rights have been infringed, or your request has not been correctly dealt with, you can lodge a complaint with the Supervisory Authority (Spanish Data Protection Agency)

Address: C/ Jorge Juan, 6. 28001 – Madrid.
91.266.35.17

Electronic site: https://sedeagpd.gob.es/sede-electronica-web/

MOBILE APP.

Permissions – Access to Data and Resources

Prior to installation, as well as once installed, the application will inform the User about the access and use of certain resources of the device (for example, camera, GPS-geolocation receiver), and must expressly accept or reject it in the time to use them. This access is considered a collection of personal data through, for example, the association of the user’s geolocation with their identifying data. The application can use the functions of the applications available on the device itself and therefore access the stored data. To install the application and use it, access and use of applications available on the device itself will be required.

DEVICE PERMISSIONS

All APP permissions work in the foreground of the device. In any case, access to these resources will only be made when the User is using/running the application, so the identified functions will not be activated continuously.

Revocation of permits.

The user may determine at any time whether he or she decides to grant or revoke the permissions. The user is reminded that denying the use of the applications available on the device itself (camera…) will not allow the use of the application in its most complete form. Denial or revocation of consent will not prevent access to the remaining features.

The User may configure or revoke the permissions provided by accessing:

MY PROFILE -> SETTINGS

It is recommended that you refrain from installing the application if you do not want it to use these functions.

AMENDMENTS TO THE PRIVACY POLICY.

We will review this Privacy Policy from time to time as necessary to keep you informed, for example, in connection with the publication of new rules or criteria or the implementation of new processing. We will notify you through the usual communication channels whenever there are material or important changes to this Privacy Policy. However, we recommend that you visit and read our policy whenever you access the website/app/website.

FURTHER INFORMATION.

For further information about our Privacy Policy and how we process your personal data, you may email or visit our office.

Cookie	Duración	Descripción
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.