Privacy Policy

Effective as of 1st of January 2023

Who is responsible for the processing of your data?

Simur EUROPE S.L. with CIF: B42877605
Address: Street Atarazanas n 10, Office 2.1 y 2.2, CP 29005, Málaga (Spain).
You can contact our Data Protection Officer: [email protected]
Phone: +34 951 91 35 44
Mail: [email protected]

You can contact us in any way to communicate with us.

We reserve the right to modify or adapt this Privacy Policy at any time. We recommend reviewing it.

GENERAL PRIVACY POLICY

If you are one of the following groups, see the information dropdown:

a) WEB OR E-MAIL CONTACTS
What data is compiled by means of the website?

We may treat your IP address, what operating system or browser you use, and even the duration of your visit, anonymously.

If you provide us with data in the contact form, you will identify yourself so that we can contact you, if necessary.

For what purpose will we process your personal data?
  • Answering queries and requests
  • Managing the requested service.
  • Information by electronic means, covering your request.
  • Commercial information by electronic means, subject to express authorization.
  • Perform analysis and improvements on the Web, on our products and services.
What is the legitimacy for the processing of your data?

Acceptance and consent by the data subject: In those cases where to make a request it is necessary to fill in a form and «click» on the send button, the realization of the same necessarily implies that it has been informed and has expressly given its consent to the content of the clause attached to that form or acceptance of the privacy policy.

All our forms have an asterisk (*) to indicate which details are compulsory. If you do not provide these fields, or do not check the privacy policy acceptance checkbox, the sending of information shall not be permitted.

b) CUSTOMERS
For what purposes will we process your personal data?
  • We provide solutions to help verify the identity of your customers who are required by law.
  • Data Processor of your information.
  • Information about your request via electronical means.
  • Commercial information by electronic means, subject to express authorization.
  • Manage administrative, communications and logistics services performed by the Manager.
  • Make transactions.
  • Invoicing and declaration of taxes.
  • Management of control and recovery.
  • Management of claims, complaints, suggestions or exercise of rights.
What is the legitimacy for the processing of your data?

The legal basis is your consent and contractual execution.

Moreover, after obtaining express consent to the processing of the data, such data will be encrypted by Simur Europe S.L. and encrypted by our serveer inside our database and may not be used for Simur Europe S.L. under any circumstances, subject to the exceptions established by law relating to the protection of personal data, by mandatory injunction.

The personal data provided will be kept for as long as necessary to meet any resulting responsibilities. In addition to the periods laid down in the other regulations applicable to the company.

What information do we collect about you?
· Data subjects

Information that you provide to us, or to our Customer such as:

  • Photographic and video images of you, when you provide us with a “selfie” photo, video-clip;
  • Pictures of your passport and national identification card or driving license;
  • Biometric data, when we compare your “selfie” photo against your photographic ID;
  • Details from your passport, such as your name, gender, date of birth, nationality, passport number and MRZ code;
  • Details from your national identification card or driving license, such as your name, address, date of birth and driving license number;
  • Details from your proof of address documentation, such as your name, address and account number, if visible on documentation;
  • Additional information that you provide to us or our Customers such as confirmation of your name, gender, address, date of birth, email address and mobile telephone number; and
  • The details of your device or the device used to make a submission such as manufacturer, model, and operating system version. This information can not be used to identify you as a individual.
· Customers
  • information that you, or someone in your organization, provide to us during registration, including your name and business name, email address, telephone number, username and password;
  • Constitutional documents of the Company, certificate of incorporation, certificate of good standing, register of members, register of directors, memorandum and articles of association etc.
  • financial details including card details, your bank details such as the sort code and account number, to the extent that you supply these to us for the purpose of making payments and
  • information from our logs which indicates activity on the app and the portal.
c) PROVIDERS
What purposes will we process your personal data?
  • Information by electronic means.
  • Commercial information by electronic means, always with express permission.
  • Manage administrative, communications and logistics services performed by the Manager.
  • Make transactions.
  • Invoicing and declaration of taxes.
  • Management of control and recovery.
What is the legitimacy for the processing of your data?

The legal basis is the acceptance of a contractual relationship, or otherwise your consent to contact us and offer your products by any means.

d) JOBSEEKERS
For what purposes will we process your personal data?
  • Organisation of selection processes for the recruitment of employees.
  • Contact you for job interviews and evaluate your candidature
  • If you have given us your consent, we may keep your CV for new job openings
  • kIf you have given us your consent, we may pass it on to collaborating or related companies for the sole purpose of helping you find a job.
What is the legitimacy for the processing of your data?

The legal basis is your unmistakable consent, on providing us with your CV and receive and sign information concerning the use of same.

Do we include third parties to your data information?

No, in general we only use the details provided to us by the interested person. If you provide us with data from third parties, you must inform and request their consent in advance, or else we are exempt from any liability for breach of this requirement.

And data on minors?

In case of processing data of minors, we will always do so with the consent of their parents or guardians.

Will we communicate electronically?

They will only be made to process your request, if it is one of the means of contact you have provided us.

If we send commercial communications, they will have been previously and expressly authorised by you.

What security measures do we implement?

Simur Europe S.L. maintains the security levels of data protection required by the European Regulation, and has provided all appropriate technical and organizational means to ensure a level of security appropriate to the risk, among others:

  • The pseudonymization and encryption of Personal Data.
  • The ability to ensure the permanent confidentiality, integrity, availability and resilience of the processing systems and services.
  • The ability to restore availability and access to Personal Data quickly, in the event of a physical or technical incident.
  • A process of regular verification, evaluation and assessment of the effectiveness of technical and organizational measures to ensure the security of the processing.

  1. Simur Europe S.L. undertakes to inform you of any situation that may have endangered the confidentiality and availability of your data, adopting all measures that are within your reach and as soon as possible to resolve this incident.

    However, the above obligation shall not be required when the communication of the incident to the Users may pose a greater risk for the data or documentation processed. In any case, and when the law so provides, the mandatory protocols of notification to the competent authority shall be followed; or the User/s affected by the possible incident that could have occurred.

  2. Security measures applied:
    • All accesses through Simur Europe S.L. are made with secure connections via https security certificate.
    • Digital documents archived in Simur Europe S.L. will be stored cipher and then encrypted.
    • The password to access Simur Europe S.L. through the web or the application will be stored in encrypted form while it is active
    • For the purpose of ensuring the confidentiality, accessibility and availability of the files guard which shall be stored in distributed and replicated systems on Simur Europe S.L.

  3. The formulas for collection and consent of the user are included in this text, but the user and/ or client must be aware that Simur Europe S.L. uses services in the cloud, that is, it has its servers within the space limited by the client. In this regard, Simur Europe S.L. informs that you have Microsoft Azure servers located in the European Union (Fráncfort, Alemania). We have firewalls on our application servers and databases.

    Personal Data are logically segmented to the extent that we at Simur Europe S.L. we do not have access to the stored information. Only the data subject, who has been authenticated, has access to this information. The Data Controller may provide us with your personal data in order to solve problems or technical support.

  4. Simur Europe S.L. may contract with third parties the provision of certain services that, in order to be able to provide the User with our services, may involve the access or storage of your data or documents by such third parties. In any case, this access will not be considered as a communication of your data by Simur Europe S.L. to third parties, because it acts in this case, and in accordance with the RGPD as "Data Processor".

Third Party Access

Your data will not be transferred to third parties, unless legally required. Specifically will be reported to Agencia Estatal de la Administración Tributaria and to banks and financial institutions of the service provided or product purchased as to the data processors for the execution of the agreement.

However, If at any time in the commercial relationship it is necessary to communicate your data to any other third party not contemplated above, such communication will be made when we have your prior consent to do so and, in the form provided for by law.

For companies that contract the service of Simur Europe S.L. in case of purchase or payment, if you choose any application, website, platform, bank card, or other online service, your data will be transferred to that platform or processed in its environment, always with maximum security.

When we order it, the web development and maintenance company or the hosting company will have access to our website. They will have signed a service contract that obliges them to maintain the same level of privacy as we do.

We use applications that may involve an International Data Transfer to the United States. This will only be done to entities that have demonstrated and that have committed themselves through standard contractual clauses (SCCs) to comply with the level of protection and guarantees in accordance with the parameters and requirements laid down in current European data protection legislation, such as the European Regulation, or where there is a legal authority to carry out the international transfer.

What are your rights?

  1. To know if we are processing your personal data or not.
  2. Access your personal data.
  3. To request the rectification of your data if they are inexact.
  4. Request the deletion of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw the consent granted to us.
  5. Request the limitation of the processing of your data, in some cases, in which case we will only keep them in accordance with current regulations.
  6. To port your data, which will be provided in a structured format, commonly used or machine readable. If you prefer, we can send them to the new manager you designate. It is only valid in certain cases.
  7. To file a complaint with the Agencia Española de Protección de Datos, if you think we have not addressed you correctly.
  8. To revoke consent to any treatment for which you have consented, at any time.
If you edit any data, we will appreciate you to keep them update. Would you like a form so that you can exercise your rights? • We have forms for the exercise of your rights, ask us for them by email or if you prefer, you can use the forms elaborated by Agencia Española de Protección de Datos or third parties. • These forms must be signed electronically or accompanied by a photocopy of the ID card • the event of being represented by another person, you must enclose a copy of his/her National Identity (DNI) document, or sign same with his/her electronic signature. • Forms must be provided in person or sent by post or email to the responsible persons indicated at the start of this document. How long will it take you to get back to you on the exercise of rights? Depending on the right: a maximum of one month since your request, and two months if the topic is will notify you if we need more time. For what purposes are we going to process your personal data? Personal data will be kept as long as you are linked to us. Once you disassociate yourself, the personal data processed in each purpose will be maintained during the legally stipulated deadlines, including the period in which a judge or court may request them, taking into account the limitation period for legal actions. The data processed shall be kept until the expiry of the aforementioned legal periods, if there is a legal obligation to keep them, or, if there is no such legal period, until the data subject requests their deletion or revokes the consent granted. We will keep all information and communications relating to the provision of our service, in order to deal with possible complaints.  PRIVACY POLICY FOR TARGET USERS Intervention of Simur Europe S.L. as Data Processor We inform those users whose data are processed by Simur Europe S.L. in its capacity as Data Processor, that the personal data provided to it will be stored for the purpose of providing the services that the Data Controller has contracted or indicated, in order to send them certain information with respect to a specific document or to accredit the veracity of certain data related to the sending and/or delivery of the same, such as the verification of the user through the identification document obtained through a government body (passport, national identification card details or driving licence). We will not collect details of the device used to send all information, we will only collect the IP address from where you are using our verification system. With regard to Simur Europe S.L. will not use your data for any purpose not covered by this policy, in the contract for the provision of services or the contract of the processor, undertaking to store them and to ensure compliance with the security measures foreseen for providers of electronic trust services and privacy or data protection services, as established by the applicable laws. In the following cases, the data subject or the recipient user must ensure that they read and accept the Data Controller’s Privacy Policy. The collection of data by a Third Party Service Provider. It is possible that a company (Data Controller) that provides services to you or has another link with the recipient User has subcontracted the services offered by Simur Europe S.L. for the execution of any of them. In this case, Simur Europe S.L. will collect your data, as Data Processor, to provide the service contracted by the company, commit yourself to use them for any other purpose tan that for which they are needed. Before sending your response or taking any action, the receiving User will be warned about the Privacy Policy that will be applicable to him. Exercise of rights of the Data Subject Where the data subject (recipient user) wishes to exercise his data protection rigths when Simur Europe S.L. acts as a Provider of a Trusted Service (Data Controller), must address the request for exercise to the Data Controller (natural person or legal entity), that is, the company or natural person that requires you to verify your identity as a customer. Likewise, Simur Europe S.L. in its role as Data Processor will support such exercise.

PRIVACY POLICY UPDATES

Simur Europe S.L. reserves the right to modify this policy to adapt it to future legislative or jurisprudential developments, as well as to future uses that it plans to make of the personal data of the Users of the website or trusted services.

CONTACT US

If you have any questions, comments or requests regarding this our privacy policy, data protection or our processing of your personal data, you may direct us to the information provided in the heading of this privacy policy.