Privacy Policy

1. – SCOPE OF APPLICATION AND RESPONSIBILITY

The Company is responsible for the processing of your personal data (e.g., information that identifies an individual, such as your full name or email address) collected through our services, in accordance with this Privacy Policy.

This Privacy Policy, like our https://ghughu.com/es/politica-de-cookies/, applies to all users, both those who use our services without having registered or subscribed to any of them, and those who have registered or subscribed to any of our services.

For clarification, this Privacy Policy does not apply to data collected by third parties through their websites, even if any such websites contain links to the Company’s Website.

The Company is not responsible for any content within the privacy policy of third parties, and makes no warranties, express or implied, in relation to the accuracy, legality, accuracy, or validity of any website.

2. – COMPANY SERVICES

The Website offers you the possibility to manage your user area, set up alerts, receive newsletters, information and advertising about the products and services of the Company and/or third parties. The newsletters, information and advertising mentioned above will be based on the areas of interest you have indicated to us, in accordance with the criteria of the website and your profile. If you wish, you can also participate in different promotions, contests, and raffles.

To use the Company’s services, you must register on the Website through the registration form provided, and freely and expressly consent to the processing of your data, this Privacy Policy and our Cookie Policy.

In this regard, you may select, by ticking certain boxes, at least three (3) fields of interest from among the options provided by the Website. In addition, if you wish, you can agree to the transfer of your anonymised data (anonymised by encryption and the use of electronic pseudonyms), so that we can combine it with other information and enrich the data. This procedure would be carried out through technical means in a completely anonymous and non-identifiable way.

The purpose of data transfer is to combine information from different sources to increase information relating to centres of interest, which may have been defined directly, through browsing or other subscriptions, and to refine our advertising campaigns. All this without prejudice to your privacy, which is guaranteed by the encryption and compartmentalization of your data.

3. – PERSONAL DATA COLLECTED BY THE COMPANY

The Company collects information to provide services to you, either directly, through personal data provided directly to the Company, or indirectly through the use of the Website and the services it provides (device-related information, registration data, and physical location). In particular, the Company collects the following data from and about you:

a) Data provided by the user for the purpose of registering for a service of the Company, through subscription forms. Subscription forms request personal data through mandatory or optional fields that must be completed by the user, such as their name, telephone number and email address, so that we can manage our mailing lists and send them personalized online advertising. Subscription to mailing lists is done through the Hermes and Perseus tools. The sending of emails is managed by the Company, which previously verifies your email. To verify this, you will receive an email from the Company with the subject “Successfully registered for our newsletter of exclusive offers” or similar in your inbox. We will use the data provided to send you advertising from our customers. Registration information may include, but is not limited to, first name, last name, email address, gender, country, zip code and birthday, areas of interest, and academic/professional aspects. You can revoke your consent or inform us that you have not subscribed to any of our services at any time by following the instructions in Section 13 of this Privacy Policy.

b) Social Media Information. If you access or register for a Company service through a social network or connect a Company service to a social network, the data we obtain may include your user identity and/or the username you have associated with such social network, any information you allow the social network to share with us (such as, your profile picture, email address or friend lists), and any other personal data that you have made public through said social network. These social networks may collect a lot of personal data and information, such as the websites you have visited and your IP address, and may install cookies on your device to enable the social network’s services to function properly. The Company is not responsible for the security or privacy of any information collected by these third parties. You should read and understand the policies applicable to the third-party services that you use, or access, before giving your consent to such third parties. You must also configure these services according to your interests. When you access our services through a social network or when you connect a Company service to a social network, you are authorizing the Company to obtain, store and use such personal data and content, in accordance with this Privacy Policy.

c) Information submitted to the Company via a contact form. There is a contact form on the Website for inquiries, suggestions and/or professional matters. If you contact us through this online form, we will use your email address to respond to you and send you the information requested by you, if applicable.

d) Activity data. When you access and interact with our Services, we may obtain certain information about those actions. For example, in order to enable your connection to the Company’s services, our servers receive and store information about your terminal and your browser, including potentially your IP address, browser type, and other information about the software or hardware used. We may also install cookies and other tracking technologies (such as browser cookies, pixels, and beacons). These technologies may be used to obtain and store information about your use of our services, such as the pages you visit, the videos and other content you view, the searches you make, and the advertisements you are shown. For more information, please visit our Cookie Policy.

e) Information from other sources. We may supplement the information we collect with information from other sources, such as publicly accessible information on social media services and commercially available sources.

Your personal data will be retained for an initial period of two (2) years from the date you provided it to the Company. During this time, we will use the data only to fulfill the purposes for which it was collected. However, this period may be renewed or extended if the user continues to interact with our services, for example, by accessing our portal, opening communications sent, or performing any other activity involving the use of our services.

If the user has not been active on our platform for a period of between 12 and 24 months, we will evaluate whether to delete, anonymize, or aggregate the data. However, if the user interacts with our services again within this period, the retention period for your data will be automatically renewed.

On the other hand, in cases where it is required to comply with legal obligations or the Company’s legitimate interest, personal data may be retained for a period longer than two (2) years.

Once the applicable retention period has ended, or upon your express request and exercise of your rights under the GDPR, your personal data will be deleted, anonymized, or aggregated, as appropriate.

4.- USE OF DATA COLLECTED BY THE COMPANY

We use the personal data we collect from and about you to:

a) To provide the Company’s services to him;

b) Measure, analyze and improve our services and their features;

c) To provide you with our customer support and respond to your queries;

d) Protect the rights of the Company and others, such as entities belonging to the Group or its employees, agents, contractors, licensors and suppliers; users of the Company’s services or third parties; and suppliers of the Company;

e) To allow you to manage your browsing and alert settings;

f) To allow you to participate and subscribe, when possible, to promotions, contests and/or sweepstakes;

g) Comply with applicable laws or legal procedures and/or respond to requests from authorities or government;

h) Execute corporate transactions (e.g. merger, sale, joint venture, assignment, transfer or other disposition of all or part of the Company’s business, assets or shares, including those carried out in the framework of an insolvency proceeding or other similar proceedings). For example, if the Company is in the process of merging or transferring all or a substantial part of its business, the Company may communicate or transfer your personal data to the party or parties involved in such operation, as part of such transaction;

i) Allow you to log in to the Company’s services via a social network;

j) Send you (via email, SMS, telephone, multimedia messaging services, calls, chat and social networks or other means of communication) offers, promotions or other commercial communications related to services and/or products of the Company, Group entities and/or third parties operating in the sectors indicated by you, if applicable, as well as other sectors in which you may be interested (in accordance with the criteria of the Website and/or your user profile and depending on your cookie settings in your browser). You can read our Cookie Policy here;

k) With your prior consent, transmit or transfer the data to third parties for the purpose of carrying out commercial and telemarketing practices in different sectors of activity in which you may be interested. Personal data may be used for the purpose of segmentation and analysis. Advertising may be sent by third party companies. This processing is optional and applies only if you expressly agree to your data being transmitted to third parties.

The sectors mentioned above are the following:

For clarification purposes, the Company will carry out permission e-mail marketing and direct marketing, telemarketing; develop profiles and segmentations in your data; and/or combine files containing your data. Sometimes, we carry out a profiling to evaluate certain personal aspects of a natural person, in particular to analyze or predict aspects related to performance, personal preferences, interests, reliability, behavior, location or movements in order to segment advertising campaigns in order to achieve their effectiveness, and in this way offer advertising that can be adjusted to the interests of the user. The Company collects adequate, pertinent, and non-excessive data in relation to the scope and purposes stated in this Privacy Policy.

5.- PURPOSE OF DATA PROCESSING AND LEGITIMIZING BASIS

Your data is collected and processed by the Company for the following purposes:

• The data processing described in letters a) to f) of Section 4 of this Privacy Policy is necessary for the provision of the Company’s services. The personal data requested are mandatory, so that refusal to provide them will make it impossible to carry out the provision of the contracted services.
• The data processing described in letter g) of Section 4 of this Privacy Policy is mandatory and is requested in accordance with the requirements of applicable laws.
• Section 4(h) of this Privacy Policy is made based on the legitimate interest of the Company and its counterparties to carry out the aforementioned economic activities. This data processing is not mandatory and you can object at any time, following the indications contained in Section 14 of this Privacy Policy.
• Section 4(i) of this Privacy Policy is discretionary, although without your consent, it is impossible to connect a social media account with the Company’s services. For these purposes, without your consent, when logging into the Company’s services, you must use a different mechanism.
• Section 4, letters j) and k), is discretionary, although without your consent, it is impossible for the Company and/or third parties to provide you with generic commercial communications of services and/or products of the Company and/or third parties, or communications based on your interests and needs. Sometimes, we proceed to segment advertising campaigns in order to achieve their effectiveness, through the preparation of a profile. This type of profiling is only carried out with the data that the interested party has provided and consented to directly with the company or through its website in the registration form (such as their name, telephone number and email address…), so that we can manage our mailing lists and send them personalized online advertising, Under no circumstances will people be tracked through different websites, applications, and/or services.
• With your prior “consent”, transmit or transfer the data to third parties for the purpose of carrying out commercial and telemarketing practices in different sectors of activity in which you may be interested.

If you are interested in withdrawing your consent to the processing of your personal data or exercising your right to object to receiving marketing communications, please contact us at the addresses listed in Section 14 of this Privacy Policy or, for the purposes of Section 4(i),  Click on the unsubscribe link available in any commercial communication. Please remember that, by selecting the corresponding box, you are giving your free and express consent to receive advertising, the transfer of your data to third parties, as well as our Terms and Conditions, Privacy Policy and Cookies Policy. The Company, in order to carry out direct marketing actions, will enter into agreements with third parties. These third parties are suitable service providers, operating in the sectors listed in Section 4 of this Privacy Policy. These service providers will process the data following the precise instructions of the Company and in strict compliance with legal regulations on personal data protection, information security and other applicable regulations. In general, they will perform tasks of the Company with respect to your interests in certain products or advertising campaigns, as well as for the conversion of such campaigns into product purchases or service subscriptions. This will require providing your data to such third parties, so that they can carry out direct marketing actions. This data processing is based on the contractual relationship between the Company and you, upon registration and consent to the data processing.

6.- TYPES OF DATA PROCESSING

Your personal data is processed through automated and non-automated means, and is protected by appropriate security measures, taking into account the state of the art, the costs of implementation, the nature, scope, context and purposes of the processing, In this regard, the Company uses appropriate administrative, technical, personnel and physical measures to protect the personal data in its possession against loss,  theft and unauthorized use, disclosure, or modification. Our information security policies and procedures are closely related to international standards, which are widely accepted and regularly reviewed and updated when necessary to meet our business needs, technological changes and regulatory requirements. The Company has designed a business continuity plan aimed at dealing with any type of adverse and unexpected event, in order to safeguard the continuity of our service for our customers and protect our assets and our personnel. We appropriately restrict access to personal information and implement necessary measures and controls, including physical and supervisory measures, to store and transfer data securely. In addition, we require our employees and contractors to receive ongoing training in the area of information security. However, keep in mind that internet security measures are not impregnable.

7.- ACCESS TO YOUR PERSONAL DATA AND INTERNATIONAL DATA TRANSFERS

The Company may share your personal data to the following categories of recipients, in compliance with and within the limits set forth in applicable law:

• Third-party service providers, to whom the Company entrusts data processing activities, duly designated as processors when required by applicable laws. For example, cloud service providers, other Group entities, IT service providers, experts, consultants and lawyers, among others. You can request a list of our processors at the addresses listed in Section 14 of this Privacy Policy.
• Companies resulting from corporate transactions, such as possible mergers, spin-offs or other transformations.
• Collaborating companies. With your prior consent, the Company may share your personal data with collaborating companies in the media sectors indicated by you – in accordance with Sections 2 and 4 of this Policy, mainly – for the purpose of sending you marketing communications.
• Competent authorities, for the purposes of complying with applicable laws. Your personal data may be transferred to countries within and outside the European Economic Area (“EEA”). Certain non-EEA countries have been recognised by the European Commission as providing an adequate level of data protection, in accordance with EEA standards. The full list of these countries is available on http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm. For transfers from the EEA to countries that are not considered appropriate by the European Commission, we have put in place sufficient measures and appropriate safeguards, designed to protect your personal data and the transfer of your data, all in accordance with applicable data protection regulations, such as the standard contractual clauses adopted by the European Commission, in accordance with the provisions of Articles 45 and 46 of the EU General Data Protection Regulation 679/2016 (“GDPR”). You have the right to request additional information about your personal data by contacting the Company at the addresses indicated in Section 14 of this Privacy Policy.

8.- AGE TO REGISTER ON THE WEBSITE AND ACCOUNT SECURITY

Registration on the Website is limited to users over the age of eighteen (18). An authentication mechanism does not allow the registration of (a) those who do not enter their year of birth with valid characters, who must prove that you are of legal age, and (b) those who do not expressly accept your age of majority. By registering on the Website, you warrant that you are of legal age. All registration information you submit to create an account must be true, accurate, complete, and current. You acknowledge that you will be liable for any damages, direct or indirect, that may arise from any breach of such obligation. If the data provided belongs to a third party, you warrant that you have informed such third party of the aspects contained herein and have obtained their consent to provide the data to the Company for the purposes specified in this Privacy Policy. You are responsible for maintaining the confidentiality of your password and are responsible for the use of your account. Therefore, it is critical that you do not share your password with anyone. You agree not to use the account, username, email address, or password of another member or subscriber at any time. You agree to notify the Company immediately if you suspect unauthorized use of or access to your account or password.

9.- RIGHTS OF DATA SUBJECTS REGARDING THEIR DATA

Through this Privacy Policy, we inform you that you have the right to exercise your rights, free of charge and when you deem it appropriate, as established in current regulations, in relation to:

• Access to your own personal data;• Rectification of inaccurate or incomplete data;• Deletion of your personal data;• Opposition to the processing of your data;• Obtain the restriction of the processing of your data when any of the conditions provided for in the data protection regulations are met; and• Portability of your data.

To exercise the rights mentioned above, you can send your request by email to dpd@arkeero.com or by written communication addressed to Rock Internet, S.L., Calle Barquillo, 8, 2ª izq., 28004 Madrid. 

If you believe that the Company has infringed, or may have infringed, your rights under applicable data protection regulations, you may lodge a complaint with the relevant Supervisory Authority. In Spain, the Supervisory Authority is the Spanish Data Protection Agency (www.aepd.es).

10.- COMMERCIAL COMMUNICATIONS

The content of communications sent by electronic means of communication complies with the regulations established in the GDPR, Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (“LOPDGDD”), and Law 34/2002, of 11 July, on information society services and electronic commerce (“LSSI”). These emails include a link to unsubscribe from our marketing communications, as well as the instructions you should follow, in case you are interested in exercising your data protection rights, in accordance with Section 9 of this Privacy Policy.

11.- DATA SECURITY AND CONFIDENTIALITY

At Ghughu, the security and confidentiality of our users’ data is a priority. We are committed to implementing appropriate technical and organizational measures to ensure the protection of personal information from unauthorized access, alteration, loss, or improper disclosure.

Likewise, the information provided by users will be treated with strict confidentiality and used only for the specific purposes for which it was collected, in accordance with the provisions of our Privacy Policy and the applicable data protection regulations.

For inquiries regarding the products or services offered by Third Party Providers once contracted, users should contact the relevant provider directly, as Ghughu is not responsible for the management or support of such services or products.

On the contrary, any claim, complaint or incident related to the services provided directly by Arkeero must be sent to the company through the contact details indicated in previous sections.

Ghughu urges users to maintain the confidentiality of their login credentials and to report any potential security breaches detected, in order to jointly strengthen the protection of personal data.

12.- DECLARATION OF GOOD PRACTICES

The Company complies with current legislation, in particular with the provisions of the GDPR, the LOPDGDD, the Codes of Good Practice in Data Protection and the LSSI. The Company does not send commercial communications electronically that have not been previously requested or authorized by the User in accordance with current legislation. The Company will terminate agreements with advertising companies or members of the affiliate network that engage in practices contrary to current legislation.

13.- VALIDITY OF THE PRIVACY POLICY

The Company may modify or update this Privacy Policy for any reason, (including, but not limited to, changes in applicable laws and interpretations, decisions, opinions, and instructions related to such applicable law. Please refer to the Effective Date at the top of this Privacy Policy to check when it was last revised. Any change to the Privacy Policy will be notified, sufficiently in advance, by posting the updated Privacy Policy on the Website. Material changes to this Privacy Policy, which alter the nature of the processing or extend our rights to use your personal data collected by us, will be notified in advance and we will give you a choice regarding our future use of such personal data, in accordance with applicable law.

14.- APPOINTMENT OF DPO. CONTACT US

The company has appointed a data protection officer (DPO). If you have any questions regarding this Privacy Policy, please contact us at the following addresses:

• Email address: dpd@arkeero.com
• Postal address: Rock Internet, S.L., Calle Barquillo, 8 planta 2ª izq., 28004 Madrid, Spain.