- Holder: RISK MANAGEMENT SOLUTIONS, S.L. (hereinafter referred to as “RISKMS”).
- NIF: B-86482361
- Registered office: Calle Ochandiano 8, 28023 (Madrid).
- E-mail: firstname.lastname@example.org.
- Data Protection Officer: The user may contact the Data Protection Officer by writing to the address RISKMS at the attention of the “Data Protection Officer” or to email@example.com.
2. INFORMATION AND CONSENT.
By accepting this Privacy Notice, the user is informed and gives its free, informed, specific and unequivocal consent so that the personal data provided through the website located at the URL www.amlcheck.es (hereinafter, the “Website”) are processed by RISKMS, as well as data derived from navigation and other data that he or she may provide in the future to RISKMS.
The user must carefully read this Privacy Notice, which has been written in a clear and simple language to facilitate its understanding, and freely and voluntarily determine if he or she wants to provide his or her personal data to RISKMS.
3 OBLIGATORY NATURE OF PROVIDING THE DATA.
The data requested in the forms of the Website are, in general, mandatory for the purposes for which the data is collected, unless otherwise specified in the corresponding field of the form.
Therefore, if these data are not provided or are provided incorrectly, the purposes may not be fulfilled, without prejudice to the fact that the user may freely view the content of the Website.
4 FOR WHAT PURPOSE WILL THE USER’S PERSONAL DATA BE PROCESSED BY RISKMS AND FOR HOW LONG?
The personal data collected through the Website will be processed by RISKMS for the following purposes:
- Manage the user’s contact and information requests through the channels provided for this purpose on the RISKMS Website, when the user has consented by checking the corresponding checkbox, or has not expressed his or her opposition to such processing.
- Manage access to the services offered by RISKMS through the Website, as well as manage, process and monitor the contractual relation, including the cancellation of the services. Compliance with the foregoing purpose will include the review and assessment of the information and documents necessary for the verification of the requirements for the formalization of the contract, in particular, thatinformation and documents necessary for the verification of the status of subject bound by the regulations on Anti-Money Laundering.
- Solve any incident related to the use and access to the services offered through the Website.
- Manage access to the demos requested through the Website.
- Carry out quality and satisfaction with the service surveys.
- Analyse the use of the Website and check issues such as the number of views of the products offered, preferences, queries or resolution of incidents in order to improve communication and the services offered on the Website, as described in our Cookies Notice.
- Manage the sending of commercial communications from RISKMS, when the user consents by checking the appropriate checkbox, or has not expressed opposition to such processing.
- Communicate the data to COMPLIOFFICER, S.L. and to WORK 4 DATA, S.L., so that they can send commercial communications of their goods and services, when the user consents by checking the corresponding checkbox, or has not expressed his or her opposition to such processing.
The data will be stored for the time necessary for the fulfilment of the purposes for which the data were collected, unless the user requests its cancellation to RISK MS, opposing or revoking his or her consent.
5 WHAT USER DATA WILL BE PROCESSED BY RISKMS?
RISKMS will process the following data categories from the users:
– Identifying data: name, surname.
– Contact details: e-mail address and telephone number.
– Employment details: company.
– Other data: data provided by the users in the commentary fields of the forms provided on the Website or in the attached documents.
– Navigation data.
In the event that the user provides data from third parties, he or she declares to have their consent and undertakes to pass on the information contained in the Privacy Notice, exempting RISKMS from any liability in this regard. However, RISKMS may carry out periodic verifications in order to check this fact, adopting the appropriate due diligence measures, in accordance with data protection regulations.
6 WHAT IS THE LEGAL BASIS FOR THE PROCESSING OF THE USER’S DATA?
RISKMS will treat the User’s data on the basis of the following legitimations:
1 Execution of the contract:
- Manage access to the services offered by RISKMS through the Website, as well as manage, process and monitor the contract made. Compliance with this purpose will include the review and assessment of the requirements that are necessary for the verification of the requirements for the formalization of the contract.
- Solve any incidence related to the use and access to the services offered through the Website.
- Manage the access to the demos requested through the Website.
- Manage registrations, contact and information requests by the user through the channels provided for this purpose on the RISKMS website.
- Manage the sending of RISKMS commercial communications, when the user consents by checking the corresponding checkbox.
- Manage the sending of commercial communications from COMPLIOFFICER, S.L. and WORK 4 DATA, S.L., so that they send commercial communications about their goods and services, when the user consents by checking the corresponding checkbox.
- To carry out an analysis of the use of the Website and check issues such as the number of views of the products offered, preferences, queries or resolution of incidents in order to improve communication and the services offered on the Website, in accordance with what is described in our Cookies Notice.
3. Legitimate interest:
- Carry out quality and satisfaction surveys.
- Manage the sending of commercial communications RISKMS, when the user has a contractual relationship and has not expressed opposition to receiving them.
The processing of the user’s data by RISKMS based on his or her consent, may be withdrawn at any time. However, if the consent is withdrawn, it will not affect the lawfulness of the processing carried out previously.
The consents obtained for the above-mentioned purposes are independent so the user may revoke only one of them not affecting the others.
To revoke this consent, the user may contact RISKMS via the following email: firstname.lastname@example.org.
7 WITH WHICH RECIPIENTS WILL THE USER’S DATA BE SHARED?
RISKMS may communicate the data in the following cases:
– When the communication is required by law (for example, Tax Agency, Courts and Tribunals or other Public Administrations in the exercise of their functions).
– The communication is necessary to comply with the contract signed between the user and RISKMS (banking entities or other bodies).
– The communication has been expressly consented to by the user, for the sending of commercial communications by the companies of the COMPLIOFFICER, S.L. Group and WORK 4 DATA LAB, S.L..
Likewise, in order to comply with the aforementioned purposes, RISKMS may count on the collaboration of suppliers whose services require access to data owned by RISKMS. By way of example, these providers may be: providers of computer hosting services, payment gateways or technical maintenance. Said third parties shall not process the user data for their own purposes, unless their express consent has been obtained or any of the other legitimate causes established by Law concurs.
8 RESPONSIBILITY OF THE USER.
- Guarantees that he/she is over eighteen (18) years of age and that the data provided to RISKMS are true, exact, complete and up to date. To these effects, the user is responsible for the veracity of all the data that he or she communicates and will keep the information provided conveniently updated, in such a way that it responds to his or her real situation.
- Guarantees that in the event he or she has provided data from third parties, he or she has informed them of the information contained in this document. The user also guarantees that he or she has obtained the third party’s authorisation to provide his or her data to RISKMS for the purposes indicated.
- Shall be liable for any false or inaccurate information provided through the Website and for any direct or indirect damages caused to RISKMS or third parties.
9 COMMERCIAL AND PROMOTIONAL COMMUNICATIONS.
One of the purposes for which RISKMS processes the personal data provided by users is to send them electronic communications with information regarding products, services, promotions, offers, events or news relevant to them. Whenever any communication of this type is made, it will be addressed solely and exclusively to those users who have previously given their consent, or with whom there is a contractual relationship and have not expressed their opposition to receiving them.
In order to carry out the above work, RISKMS may analyse the data obtained by the entities that make up the group of companies to which RISKMS belongs, in order to create user profiles that hep define in greater detail the products that may be of interest to them.
Should the user wish to stop receiving commercial or promotional communications from RISKMS, he or she may request cancellation of the service by sending an email to the email address email@example.com, as well as indicating his or her refusal to receive them, by means of the checkbox thus arranged in the form for collecting his or her data or indicating it by means of the cancellation option provided in each of the commercial communications sent.
10 EXERCISE OF RIGHTS.
The user can send a letter to RISKMS, to the address indicated in the heading of this Policy, or an email to the address firstname.lastname@example.org, attaching a photocopy of his or her identity document, at any time and free of charge, to:
- Revoke the consents granted.
- Access to his or her personal data.
- Rectify inaccurate or incomplete data.
- Request the deletion of his or her data when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
- Obtain from RISKMS the limitation of the processing of the data when any of the conditions foreseen in the regulation of data protection are fulfilled.
- Request the portability of his or her data.
- Contact the DPO of RISK MS at the following address: email@example.com.
- File a complaint regarding the protection of his or her personal data with the Spanish Data Protection Agency at Calle de Jorge Juan, 6, 28001 Madrid, when the user considers that RISKMS has violated the rights recognised by the applicable data protection regulations.
11 SECURITY MEASURES.
RISKMS will process the user’s data at all times in an absolutely confidential manner and keeping the mandatory duty of secrecy, in accordance with the provisions of the applicable regulations. To that effect, RISKMS will adopt the necessary technical and organizational measures to ensure the security of the user’s data and prevent its alteration, loss, unauthorized access or processing, considering the state of technology, the nature of the data stored and the risks to which they are exposed.
Last updated: 7th, November, 2018.