Cyberclick Privacy Policy

1. Data controller

The data controller of the data collected through this Website is CYBERCLICK AGENT, S.L. (hereinafter, "CYBERCLICK") with address at Moll de Barcelona, s/n, World Trade Center Edificio Norte 2nd floor, 08039 - Barcelona and e-mail dpo@cyberclick.net.

 

2. Purposes

The personal data of the User of this Website will be processed for the following purposes, as appropriate:

  • Access to contents available on this Website, either for downloading materials or for the registration and management of webinars/courses. The data processed for this purpose will be stored until the revocation of the consent given and, after that, for the periods of conservation and prescription of responsibilities legally provided for. The legal basis for the processing is the consent of the user expressed through the means made available to him/her on this Website.

  • To keep the user informed, including by electronic means, about CYBERCLICK’s products, services, and news. The data processed for this purpose will be stored until the revocation of the consent given for the receipt of such communications and, thereafter, during the periods of conservation and prescription of responsibilities provided by law. The legal basis for the processing is the user's consent expressed during registration for a course/webinar or downloading of content. 

The data subject knows and accepts that his/her registration for a webinar/course or the downloading of materials from this Website is conditional upon acceptance of the above purposes, i.e. registration or downloading and receipt of information from Cyberclick. In case of not accepting such conditions, the user must refrain from registering for courses/webinars or downloading materials. 

 

  • To attend to requests for information and/or queries made by the user. The data processed for this purpose will be stored until the request for information and/or query has been answered and, after that, for the legally stipulated periods of conservation and prescription of responsibilities. The legal basis for the processing is: a) the consent of the User in the event that he/she uses the contact form on this Website; or b) the legitimate interest of CYBERCLICK in responding to the User in the event that he/she does not use the said form (sending spontaneous e-mails, telephone calls, sending written requests by postal mail).

  • Management of applications for job offers published on the website. The data processed for this purpose will be stored until the end of the selection process, after which, if the candidate is not selected, the data will be deleted. The legal basis for the processing is the application of pre-contractual measures.

  • Management of spontaneous applications received through the website. The data processed for this purpose will be stored for a maximum period of two years from their receipt and, after that, for the legally stipulated periods of conservation and prescription of responsibilities. The legal basis for the processing is the consent of the data subject expressed through the Website.

  • To keep the resumes of candidates after the end of the selection processes. The data processed for this purpose will be kept for a maximum period of two years from receipt and, after that, for the legally stipulated periods of conservation and prescription of responsibilities. The legal basis for the processing is the consent of the data subject expressed through the Website.

  • Subscription to the newsletter through the form provided for this purpose. The data processed for this purpose will be stored until the revocation of the consent given for the receipt of such communications and, thereafter, during the periods of conservation and prescription of responsibilities provided by law. The legal basis for the processing is the consent of the User expressed through the channels made available to him/her on this Website.

  • To enable the publication of comments by users in the different entries of the blog. The data processed for this purpose will be retained until such time as the user withdraws his consent given for the publication of such comments and, thereafter, for the periods of conservation and prescription of responsibilities provided by law. The legal basis for the processing is the user's consent.

  • Management of the whistleblower channel. The personal data received will be processed exclusively to analyze and investigate the facts reported and, where necessary, to take the appropriate disciplinary measures.

The data will be stored in the whistleblower channel only for the time necessary to decide whether to initiate an investigation into the reported facts; in any case, if three months have elapsed since the receipt of the communication without any investigation having been initiated, the data must be deleted, unless the purpose of storage is to leave evidence of the functioning of the whistleblower channel. Communications that have not been followed up may only be recorded in anonymized form, without the obligation to block them being applicable. If, after the three-month period has expired, it is necessary to keep the data in order to continue the investigation, they may continue to be processed in a different environment by the CYBERCLICK body responsible for the investigation.

The legal basis for carrying out such processing is the fulfillment of a mission carried out in the public interest under the provisions of Article 30.2 of Law 2/2023, of February 20, regulating the protection of persons who report regulatory violations and the fight against corruption.

In addition, in the event that you provide us with any data considered special category, its processing will be covered by Article 9.2.g) of the GDPR, as the processing is necessary for reasons of essential public interest.

We inform of the existence of the external whistleblowing channel of the Independent Authority for the Protection of the Informant, which may be aware of information affecting the General State Administration and entities that make up the state public sector; the rest of the public sector entities, constitutional bodies and bodies of constitutional relevance; entities that make up the private sector, when the infringement or breach on which the report affects or produces its effects in the territorial scope of more than one Autonomous Community. Each Autonomous Community may designate an independent authority to know about information affecting the autonomous and local public sector in its respective territory; autonomous institutions and entities forming part of the private sector, when the non-compliance reported is limited to the territorial scope of the corresponding autonomous community.

In addition, the informant may also address the institutions, bodies or agencies of the European Union.

 

3. Recipients

CYBERCLICK may communicate the data to Public Administrations for the fulfillment of legal obligations; to State Security Forces and Corps and/or the Courts and Tribunals that require them in the framework of an investigation, instruction or procedure. It may also communicate the data to the following categories of data processors: Providers of electronic communications, office automation, hosting, housing, computer maintenance, management, accounting, auditing, consulting and legal representation. Some of these data processors may be located outside the European Economic Area, in which case CYBERCLICK will have adopted the appropriate data protection safeguards in advance.

 

4. Rights

The data subjects may exercise their rights of access, rectification, erasure, restriction of processing, data portability, right to object and the right not to be subject to a decision based solely on automated processing, as well as withdraw their consent at any time without affecting the lawfulness of the processing prior to its withdrawal, by sending their request to CYBERCLICK (ATTN: DPO), Moll de Barcelona, s/n, World Trade Center Edificio Norte 2nd floor, 08039 - Barcelona; or to the e-mail address dpo@cyberclick.net. In any case, the data subjects have the right to lodge a complaint with the corresponding supervisory authority if they deem it appropriate.
 
CYBERCLICK has appointed a Data Protection Officer who can be contacted through the aforementioned means.