Here you can find all the details of our privacy policy regarding the data you provide us through the services available on this website.
1. Our main premises regarding user privacy and data protection
2. Data controller
3. Purpose
3.1 What purpose do we process your personal data for?
At Enginyeria de Software S.A. (Engisoft), we process the information provided by interested individuals for the purpose of:
3.1.1 Site visitation Tracking (Google Analytics)
Like most websites, we use Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site and to understand how they find and use our site’s sections.
Although GA records data such as geographical location, device, internet browser, and operating system, this information is not used by Enginyeria de Software S.A. for profiling or any other processing. We are not able to use this data to personally identify the user. GA also saves the user’s IP address, which could be used to personally identify them, but Google does not give us access to this.
At Enginyeria de Software S.A., we consider GA as a third-party data processor (see Section 5).
GA uses cookies, which are specified in Google’s developer guidelines. Disabling the use of these cookies in the user’s browser will stop tracking of any part of their visit to the pages of this website.
3.1.2 Managing the sending of requested information
The request for information or resolution of doubts must be made through the forms provided for this purpose: contact form.
The data will be received in an email account of Enginyeria de Software S.A. and will be stored, being able to be used to facilitate a response to the inquiries made, information about services, quotes, and/or commercial actions. These emails and the contained data will not be transferred to third parties.
NOTE: As a user, avoid entering personal or sensitive data in the text field, as it is not intended for that purpose and Enginyeria de Software S.A. does not have the means to verify them in that regard.
3.1.3 Engisoft Status – SorryTM
We use the automated communications service —Engisoft Status— through which it is possible to be informed at all times of incidents, actions, updates, and other notices. As a user, there is the possibility of subscribing to the notification tool by providing only the email address. Engisoft will store these emails on a list of the MailChimp service, as well as on the SorryTM service itself, which will act in this regard as data processors. These emails will not be used for any purpose other than the communications published in the Engisoft Status tool.
3.1.4 Facebook Pixel
Facebook pixels are small programs that appear as virtually invisible “dots” the size of a pixel on our website, creating a link between your visit to our site and Facebook. When the pixel loads, Facebook places a cookie called “fr” on your computer, allowing for more personalized ads, as well as evaluating and improving ads based on your browsing pattern. This is important to us because it enables us to identify which options on our website are of interest to our visitors and which are not as much. This cookie has a duration of 90 days. You can find more information about Facebook cookies at: https://www.facebook.com/policies/cookies/. Please note that once the “fr” cookie is placed, Facebook may track your browsing pattern on other websites that have implemented a Facebook pixel or social plugin. You can opt out of tracking by not being logged into Facebook, browsing in a private session, or adjusting your ad settings on Facebook.
3.1.5 Tawk.to
We use the Tawk.to service to facilitate visitor support on our website through a live chat tool. This service allows users to engage in direct conversation with one of our sales representatives to clarify any doubts they may have during their website visit.
This registration does not require any personal data from the user to initiate the conversation, but it does require certain third-party cookies to enable tracking of the inquiry, which will be installed in the browser of the interested party if accepted. In the event that during the conversation either party requires more specific information, the representative may request contact details that the user may or may not voluntarily provide through the chat.
Tawk.to states in its privacy policy compliance with the GDPR regulations on the processing of personal data, as well as equivalent international regulations.
3.1.6 Mautic
Through the Mautic service, we can collect personal data for the purpose of segmenting the potential interests of website visitors and subsequently customizing possible future commercial or marketing actions. These personal data will only be recorded if the visitor to the page accepts the cookies of this service, which would be stored in their web browser.
Mautic commits, according to its privacy policy and compliance with GDPR regulations on the processing of personal data, to take special care in the treatment and storage of such data.
3.2 How long will we keep your data?
The provided personal data will be kept until their suspension is requested by the interested party, exercising their rights over the data.
3.3 If you are under 18 years old
The use of forms on our website is not permitted for individuals under 18 years old, as our services are specifically aimed at companies and businesses.
4. Legitimation
In accordance with our business and our computer systems, this website is designed to comply with the following national and international laws regarding data protection and user privacy:
EU General Data Protection Regulation 2018 (GDPR) EU 2016/679
Compliance of this website with the aforementioned legislation implies that it is likely also compatible with data protection laws and user privacy legislation established by many other countries and territories. If you are unsure whether this site complies with the specific data protection and user privacy legislation of your country of residence, you should contact our data protection and privacy officer (details in section 2) for relevant clarifications.
5. Recipients
We use a third-party service (Amazon Web Services, Inc. through its subsidiaries and branches in the European Union) for data processing or storage on our behalf. This third-party service acts as a data processor in these cases.
The service has been carefully chosen by Enginyeria de Software S.A. based on its level of maturity in complying with the standards specified in section 4. The service used is located in the USA and currently complies with the EU-US Privacy Shield agreement.
Others:
Google Analytics – Privacy policy – : See details in section 3, subsection 3.1.1 and in our cookie policies.
SorryTM – Privacy Policy – : See details in section 3, subsection 3.1.3
Mailchimp – Privacy Policy – : See details in section 3, subsection 3.1.3
Tawk.to – Privacy Policy
Mautic – Privacy Policy and GDPR Compliance for Mautic Inc.
6. Rights
6.1 What are your rights when you provice us with your data?
Any individual has the right to obtain confirmation as to whether Enginyeria de Software S.A. is processing personal data concerning them or not.
Interested parties have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
Under certain circumstances, data subjects may request the restriction of the processing of their data, in which case we will only retain them for the exercise or defense of claims.
Under certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. Enginyeria de Software S.A. will cease processing the data, except for compelling legitimate reasons, or the exercise or defense of potential claims.
6.2 How can you contact us to exercise your rights?
There are several contact methods for a user to exercise their rights regarding the processing of their personal data by Enginyeria de Software S.A. A request can be made in writing, in person, or via email to incidenciascloud@engisoft.com, attaching the corresponding form:
AEPD (Spanish Data Protection Agency) APDCAT (Catalan Data Protection Authority) Rights Request
Access to personal data request PDF PDF
Rectification of personal data request PDF PDF
Cancellation of personal data request PDF PDF
Exercise of the right to object to the processing of personal data request PDF PDF
A request for the exercise of Access, Rectification, Cancellation, or Objection (ARCO) rights can also be made through the contact form provided by Enginyeria de Software S.A. for interested parties: form. In order to exercise Access, Rectification, Cancellation, or Objection (ARCO) rights, the interested party contacting Enginyeria de Software S.A. must be able to prove their identity so that the data controller can verify it according to the stored data. As data controllers for the data provided in forms on this website, Enginyeria de Software S.A. will inform the interested party about the actions resulting from their request within a maximum period of one month (which may be extended by two more months in case of particularly complex requests, with notification of this extension within the first month).
7. Origin
All data is collected directly from the website and always after the individual provides it through the forms enabled for such use. They are not acquired by any other means.
The cookie policy used by the site is detailed at the following link and will only be stored in the browser after explicit consent has been received from the user (never by default or browsing). The cookie logging level can be adjusted at any time by the user through the tool provided by the website itself.
8. Security breaches
9. Security measures
In accordance with the provisions of the current regulations on personal data protection, the CONTROLLER is complying with all the provisions of the regulations for the processing of personal data under its responsibility, and notably with the principles set out in Article 5 of the GDPR, by which they are processed lawfully, fairly, and transparently in relation to the data subject and are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
The CONTROLLER ensures that appropriate technical and organizational policies have been implemented to apply the security measures established by the GDPR in order to protect the rights and freedoms of the Users and has provided them with the necessary information to enable them to exercise those rights.
10. Change log
V. 1.0.1 – Adaptation to GDPR of the information regarding our privacy policy.
V. 1.0.2 – [10-10-2018] – Inclusion of information about Facebook Pixel.
Your technological partner
