If you tick the corresponding boxes and submit forms across our website, you also consent to receiving commercial communications from us regarding our and other services (see below). If later you do not wish to receive commercial Information about IriusRisk and other services (defined below), you can expressly opt out by sending a notification to email@example.com or by clicking the unsubscribe link in our email communications.
1. DATA CONTROLLER
The entity responsible for processing personal data (Data Controller) on www.iriusrisk.com and in communications with us is IriusRisk SL, with address at Parque Tecnológico Walga, Ctra. Zaragoza N-330A, Km. 566, 22197 Cuarte (Huesca), Spain. All communications regarding the processing of personal data by IriusRisk shall be directed to our Privacy Manager, on firstname.lastname@example.org.
2. PERSONAL INFORMATION WE COLLECT ABOUT YOU AND HOW WE USE IT
2.1 Data collected
Through our website and other communications with you, we collect and process the following data:
- Demo Registration. On registering to our website for use of our Demo Services, we will collect the following personal data: first name, last name, email, company name, password. These data are mandatory and if they are not provided, an account cannot be created.
- Contact us. If you fill the form to contact us, we will collect the following data: First name, last name, company name, email, number of applications built per year (optional).
- Newsletter. If you wish to receive our newsletter, IriusRisk gives you the option to subscribe to receive the latest news by providing us with your email address.
- Use of our products and services. On using our products and services, we may collect the following data that may be associated with your client account: internet protocol (“IP”), connection times, activity, communications, and other data associated with your account during the course of service provision.
- IriusRisk Community Edition Registration. On registering to IriusRisk Community Edition, we will collect the following personal data: first name, last name, email, password. These data are mandatory and if they are not provided, an account cannot be created.
It is important that the personal data we hold about you is accurate and current. You are responsible for the accuracy of the information you provide to us and you are expected to update any information you provide us with.
2.2 Data useWe use your personal data to:
- Management of your relationship with us.
- Contact you and manage all the request you are asking us.
- Provide our Services, as described in our Terms.
- Creating and managing your demo account.
- Measure and improve our services and features.
- Provide you with customer contact and support.
- Send any newsletters, notification emails or commercial communications in general about our products and services and any new features, offers or promotions offered by us, when applicable.
2.3 Legal basisThe legal basis of this processing is the provision of our services and our legitimate interest to contact you and respond to your requests. If you opt-in to our newsletter, or submit a form that explicitly states that it requires your email address to deliver the information you have requested from us, the legal basis is your consent.
4. COMMERCIAL COMMUNICATIONSIf you request our newsletter, you consent to receiving commercial communications including our newsletters, notification emails or other communications in general about us and our products and any new features, offers or promotions offered by us. If later you no longer wish to receive commercial Information about IriusRisk and our services, you can expressly opt out by sending a notification to email@example.com or by clicking the unsubscribe link in our email communications.
5. INTERNATIONAL TRANSFER (THIRD PARTY SERVICE PROVIDERS)
We use third party technological services for the provision of Services, whose providers may process your Data collected in the course of providing us their services indicated below, as sub-processors. These entities may be in jurisdictions that may not provide adequate safeguards in relation to the processing of personal data. However, we have entered into contracts with such entities that do include such safeguards, including the EC model clauses. For more information, please contact firstname.lastname@example.org. You specifically authorize us to subcontract the following services and the corresponding transfer of User Data to Google, Hubspot, Salesforce, Leadfeeder, Pipedrive, Atlassian, Slack, and AWS which are within the EU-US Privacy Shield.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
6. DATA RETENTIONWe will retain the personal data submitted through registration and collected during the course of the Demo and Community Services until termination of the Demo and Community Agreement and deactivation of your Account either by you or us. Once such personal data is no longer used for the purpose mentioned above, it will be deleted.
Also, we may retain personal data beyond the aforementioned periods for legal or administrative reasons, such as defending our responsibility and complying with mandatory legal obligations, subject to applicable law.
7. SECURITY MEASURESWe have adopted technical and organizational measures in accordance with applicable law to preserve and protect your personal information from unauthorized use or access and from being altered, lost or misused, taking into account the technological state of art, the features of the information stored and the risks to which information is exposed. However, due to the nature of the information and related technology, we cannot ensure or guarantee the security of your personal information and expressly disclaims any such obligation. If we learn of a security breach, then we will attempt to notify you electronically so that you can take appropriate steps.
8. YOUR RIGHTSYou have the following rights under the data protection laws in relation to your personal data:
- Request access to your personal data (commonly known as a “data subject access request”).
- Request correction of the personal data that we hold about you.
- Request erasure of your personal data.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party).
- Request restriction of processing of your personal data.
- Request the transfer of your personal data to you or to a third party (right to data portability).
- Withdraw consent at any time where we are relying on consent to process your personal data.
- The aforementioned rights may be effective by contacting us at email@example.com or at IriusRisk S.L., Parque Tecnológico Walga, Ctra. Zaragoza N-330A, Km. 566, 22197 Cuarte (Huesca), Spain, provided that you include a digital copy of your identification document such as your ID card or passport.