The data subject is responsible for the accuracy of the information provided to EJA, as well for updating it.
It is also responsible for any damage or harm that may arise as a result of the data provided being false, inaccurate or not updated.
1. Responsibility for the processing of personal data
Estudio Jurídico Almagro, S.L.P. (CIF B-80232473), with registered office in Paseo de la Castellana, 151 bis, 28046 Madrid, Spain (e-mail: firstname.lastname@example.org) is the entity responsible for the collection, gathering and processing of personal data for the purposes set forth below.
2. Purpose of processing of personal data
EJA will only request the essential information at each moment to fulfil the following purposes (as the case may be):
- The monitoring, execution and fulfilment of contractual relationships with clients and/or suppliers and/or contractors, whether potential or current.
- Fee quote/estimate proposals or any other information or offer about EJA’s services.
- The selection or hiring of candidates for jobs as associate, partner or employee.
- If you expressly consent, to send newsletters or EJA service offers that may be of interest to your customers or contacts, such as the launching of any new services.
- Compliance with legal obligations that correspond to EJA by legal mandate, such as those related to the prevention of money laundering or tax regulations.
3. Conservation of personal data
The time during which personal data are stored and maintained will vary according to the purpose applicable in each case (of those mentioned), provided that there is mutual interest in it.
4. Legitimacy and lawful basis
In some cases, it will arise from the need to comply with a legal obligation, such as information related to the prevention of money laundering and terrorism or compliance with tax obligations.
In other cases, it will originate from a legitimate interest of EJA, such as being able to contact the counterparties in a lawsuit, in a contractual negotiation, their lawyers, etc.
In all other cases the legitimacy will arise from the consent of the owner of the data, (to be) issued through the different means through which their data is collected, according to the legislation in force (verbally or in writing).
Actions such as requesting EJA services, receiving them, completing contact forms or offering or providing the products or services of the data subject, as well as sending CVs in the course of selection processes (in progress or potential), will be considered by themselves as an expression of prior and express acceptance of the processing of the corresponding data.
Failure by the data subject to provide personal data when so requested, in the corresponding forms or verbally, will prevent EJA from taking it into consideration for any of the mentioned purposes.
5. Right of access, rectification, erasure, objection and restriction of the processing and portability of personal data
The owner is guaranteed, at any time, the right to access his personal data, as well as his rights of rectification, erasure, portability, restriction and / or objection to processing – in which case, the data subject may exercise any of these rights in writing at the registered office or through e-mail address: email@example.com
In addition, the owner can submit any claims that he may deem fit with the competent supervisory authority, in this case the Spanish Agency for Data Protection (“Agencia Española de Protección de Datos”), which admits complaints from those persons who consider that their rights in terms of data protection have been breached.
However, EJA recommends that, prior to any claim, any such persons contact our office directly, communicating the content of their complaint, so that it can be immediately resolved, through the following email address: firstname.lastname@example.org
6. Recipients and data transfers
In principle EJA will not communicate subjects’ data to any third parties except in the following cases:
- In the fulfilment of its legal obligations relating to the provision of its services, administrative, fiscal, judicial, etc. obligations may require the communication of some data, recipients being those public administrations, courts and government agencies to which wit must communicate your information in compliance with the aforementioned obligations.
- For the reception of certain services related to EJA’s sector of activity (for example court agents, translators, notaries, computer services, etc.) it is possible that EJA has to communicate certain personal data to other providers of external legal, consulting, technical or computer, etc. services, in which case the access will be limited in time and restricted to the necessary contents.
- The data can also be transmitted to other companies owned by EJA or its partners carrying out activities complementary or similar to those of EJA, for the purpose of offering you services provided by those companies which can be of interest to the data subject.
In the legally contemplated cases, the transfer will be reflected in the corresponding data processing contract with the processor or controller, with the legally established content. In such cases of transfer or external processing, EJA will continue to be the controller of the personal data.
When necessary, and in the context of third-party subcontracting by EJA, personal data may have be transferred to other countries (within or outside the European Union) under the terms and conditions allowed by applicable law, in particular as regards appropriate safeguards.
7. Security in the processing of personal data
Personal data will be processed and stored in digital form and/or on paper.
EJA applies the necessary security measures (in accordance with applicable legislation) to avoid any alteration, loss, or unauthorized processing of or access to personal data, taking into consideration at all times the state-of-the-art.
In any case, the data subject must be aware that IT security measures are not infallible or inviolable.
EJA’s emails and attachments contain confidential information and are intended only for their addressees. If they are received by anyone who is not their named addressee, the latter should not disseminate, distribute, disclose, publish or copy such emails or their contents, and then proceed to notify the sender immediately by email that they have received the email by mistake and delete such email from their system as well.
Computer viruses can be transmitted via emails. Although EJA has taken reasonable precautions recipient should check by their own means all emails and any attachments for the presence of viruses.
8. Right to be forgotten
The holder of the personal data has the right to demand the erasure of data from the data controller (in this case EJA), in which case EJA will be obliged to delete it, when one of the following reasons occurs: ( i) the data is no longer necessary for the purpose for which it was obtained or processed; (ii) the owner revokes his consent (i.e. where consent was the lawful basis for processing) or (iii) the data subject objects to the processing and other legitimate interests that justify their preservation do not predominate.
The version published on EJA’s website from time to time will be the then valid version.