The data may be communicated to the following third party recipients: Public Administrations for the fulfillment of legal obligations and banking entities for the management of collections and payments. They may also communicate to the following categories of managers: providers of electronic communications, office, hosting, housing, computer maintenance, management, accounting, auditing, advice and legal representation. These managers may be located in the USA, having signed with them standard data protection clauses adopted by the European Commission or by a control authority.
Likewise, in the processing of the User's data whose legitimacy is based on the consent given by the User, the User has the right to withdraw such consent at any time, without affecting the legality of the processing based on the consent prior to its withdrawal.
For the exercise of such rights, the user can send their request to Parque Tecnológico y Logístico de Valladares, Calle C Nave C4, 36315, Vigo (Spain), or to the email address firstname.lastname@example.org SYNTELIX has appointed a Data protection officer who can be relied on through email@example.com, or by directing your request to Parque Tecnológico y Logístico de Valladares, Calle C Nave C4, 36315, Vigo (Spain),, to their attention.
In any case, the User has the right to file a claim with the relevant supervisory authority if they consider it appropriate.
All CUSTOMERS are informed that SYNTELIX will be considered responsible for the treatment of those whose personal data is uploaded to SYNTELIX’s software and to which SYNTELIX will have access to during the provision of the services offered.
In this sense, it is mandatory for SYNTELIX to:
a) Treat personal data only following instructions from the CLIENT for the achievement of the service, including with respect to transfers of personal data, unless it is obliged to do so under Union or Member State law; in such case, SYNTELIX will inform Users of this legal requirement prior to treatment, unless such Law prohibits it for important reasons of public interest;
b) Guarantee that the persons authorised to process personal data have committed to respect confidentiality or are subject to a statutory obligation of confidentiality;
c) Take all necessary measures in accordance with article 32 of the General Data Protection Regulation;
d) Do not subcontract the data processing to other managers, without the prior authorisation of the CLIENT. When SYNTELIX resorts to another manager to carry out certain treatment activities on behalf of the CLIENT, it will impose on this other manager, by contract, the same data protection obligations as those stipulated in this clause. If that other manager fails to comply with his data protection obligations, SYNTELIX will remain fully responsible to the CLIENT for compliance with the obligations of the other manager. In any case, the data may be communicated to the following third-party recipients: Public Administrations for the fulfillment of legal obligations.They may also communicate to the following categories of managers: Providers of electronic communications and online office automation, hosting, SaaS services such as CRM / ERP, management, accounting, auditing and lawyers.
e) Assist Users, taking into account the nature of the treatment, through appropriate technical and organisational measures, whenever possible, so that it can fulfill its obligation to respond to requests that are intended to exercise the rights of the interested. In this case, SYNTELIX must communicate it by email to the contact address of the Users. The communication must be made immediately and in no case beyond the working day following the reception of the request, together, where appropriate, with the information that may be relevant to meet the request.
f) Help Users to guarantee compliance with the obligations established in articles 32 to 36 of the Regulation, taking into account the nature of the treatment and the information available to the person in charge;
g) Unless Users indicate otherwise, delete all personal data once the provision of the Services ends, as well as delete existing copies, unless the preservation of personal data is required under the law;
h) Make available to Users all the information necessary to demonstrate compliance with the obligations established in Article 28 of the General Data Protection Regulation, as well as to allow and contribute to the conduct of audits, including inspections, by the Users or another auditor authorised by him;
i) Immediately inform Users if, in the opinion of SYNTELIX, an instruction violates the General Data Protection Regulation or other provisions on data protection of the Union or the Member States;
j) Comply with any other obligation that corresponds to it in accordance with current data protection regulations.
k) Notify Users, without undue delay and, in any case, before the maximum period of 48 hours, through the same email, of any violation of the security of personal data of which they are aware, together with all relevant information for the documentation, resolution and communication of the incident.
The Users undertake to respect all the legislation and regulations that may be applicable to them, facing the responsibility that derives from their breach of said legislation and regulations, and must leave SYNTELIX harmless from any damages that may derive from said breach. Specifically, Users must deliver or allow SYNTELIX access to data in order to provide services; Carry out an evaluation of the impact on the protection of personal data of the treatment activities to be carried out by SYNTELIX, when appropriate; Make the appropriate prior consultations; Ensure, prior to and throughout the treatment, compliance with the Regulation by SYNTELIX; Supervise the treatment, including carrying out inspections and audits.
The processing of personal data will be carried out solely and exclusively for the purposes of providing the services. The relationship will be governed by Spanish law and if there is any controversy it will be resolved in the courts of Vigo.