- DATA CONTROLLER
For clients of Kantox European Union S.L: The Data Controller will be Kantox European Union SL, a company incorporated in Spain and identified with CIF number B67369371 and with registered office at Torre Mapfre, Planta 22, Marina, 16-18, 08005 Barcelona, Spain. The company is duly authorised by the Bank of Spain, with registration number 6890.
For customers of Kantox Limited: The Data Controller will be Kantox Limited, a company incorporated in the United Kingdom and identified by registration number 07657495 and having its registered office at 8 Devonshire Square, London, EC2M 4PL, United Kingdom. The company is duly authorised by the UK Financial Conduct Authority (FCA) as a payment institution under number FRN 580343 and is registered with HM Revenue & Customs as a money services business under number 12641987.
Both companies are hereinafter referred to as ‘Kantox’.
At Kantox, we recognise the importance of protecting your personal information and are committed to treating it responsibly and in accordance with the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 and the UK GDPR (“GDPR”) on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the UK Data Protection Act 2018.
- PURPOSE OF THE DATA COLLECTED AND BASIS FOR LEGITIMISATION
The data we request from you in the various forms on our website are adequate, relevant and strictly necessary for:
- To deal with the request or request made by the user through the contact form located on the website. We collect and process the user’s personal data in order to process and manage their request, query or any other request made through this form.
- Manage experiences or opinions regarding products and/or services through user testimonials that will be published on the website and thus be able to help other users.
- Manage your request to book a meeting to learn about our products and services.
- Send newsletters and bulletins about Kantox products.
- Send surveys about customer experience related to our products/services
The basis of legitimacy of the data processing is the performance of the contractual relationship between user and Kantox in order to improve the quality of the services.
- Manage the CV sent by the interested party through the form provided for this purpose and include it in the company’s database of candidates.
Any other information or data you choose to share with us.
The mandatory data are specified in the forms themselves, and your refusal to provide them will mean that we will not be able to process your request. You also assure us that all the data provided are true, accurate and relevant to the purpose for which they are requested. It is important that in order for us to keep the personal data updated, the user informs us whenever there has been any modification in them, otherwise, we are not responsible for the veracity of them. Kantox will not be responsible for the non-execution of a payment if the information provided by the user is incorrect. Kantox will not be responsible for errors, mistakes or information that is not properly updated.
The user guarantees that the personal data provided are truthful, guaranteeing that all the information provided corresponds to the real situation, that it is up to date and accurate, being obliged to communicate any modification.
- USE OF THE KANTOX PLATFORM
Users are responsible for the adequate custody and confidentiality of any individual and/or passwords that they have selected in the registration from, and they undertake not to assign their use to third parties, or to allow their access to third parties. You must treat log-in details as confidential and must take all reasonable steps to keep them safe (which includes not sharing them with anyone else or allowing anyone else to use them). The log-in details are personal and cannot be assigned, transferred or used by any individual other than the Authorised Users. You must let us know immediately by telephone or email of any actual or threatened unauthorised use of log-in details or other actual or potential security breach of which you become aware.
- RETENTION OF YOUR PERSONAL DATA
The processing of the data for the purposes described will be maintained for the time necessary to fulfil the purpose of its collection and/or until you revoke your consent, without prejudice to compliance with the legal obligations arising from the processing of the data and when necessary for the formulation, exercise or defence of potential claims, provided that this is permitted by the applicable legislation. For further information, please contact us at firstname.lastname@example.org.
- SHARING OF YOUR DATA WITH THIRD PARTIES
The data processed by Kantox is hosted in the EU and processed within the EU or in the third country that the European Commission deems to offer an adequate level of security, or by service providers that have entered into binding agreements that fully comply with the law on transfers to third countries. In this regard, your data will be stored in the EU-West1 region of Amazon Web Services (AWS), more specifically in Ireland.
Other recipients of your data may include government agencies and administrations, to the extent that we are legally obliged to do so, and service companies, such as tax consultants or lawyers.
Kantox endeavours to ensure the security of personal data when it is sent outside the company and ensures that third party service providers respect confidentiality and have appropriate measures in place to protect personal data. These third parties are obliged to ensure that the information is handled in accordance with data privacy regulations.
- INTERNATIONAL DATA TRANSFER
The personal data that we process in the context of our processing systems and website may be stored in countries outside the European Economic Area (EEA).
Where we transfer your personal data outside the European Economic Area, we will comply with applicable data protection laws. These are some of the mechanisms we may use when transferring your personal data internationally:
-The transfer of your personal data is to a country that is officially recognised by the European Commission as ensuring an adequate level of protection for personal data.
-We reserve the right to use specific contracts approved by the European Commission that give personal data the same protection as they enjoy in Europe (so-called EU standard clauses).
- EXERCISE OF RIGHTS AND HOW YOU CAN EXERCISE THEM
You can address your communications and exercise your rights by sending a request to the following e-mail address: email@example.com
Under the UK and EU GDPR, you have certain rights when it comes to the processing of your personal data:
- Right to be informed: You have the right to receive clear, transparent and easily understandable information about how we use your personal data and your rights.
- Right of access: You have the right to obtain access to your personal data.
- Right of rectification: You have the right to have your personal data rectified if it is inaccurate or incomplete.
- Right of erasure: this right allows you to request the erasure or deletion of your personal data where there is no compelling reason for us to continue to use it. This is not an absolute right of erasure and exceptions apply.
- Right to restrict processing: You have the right to “block” or delete further use of your personal data. When processing is restricted, we may continue to store your personal data, but we may no longer use it.
- Right to data portability: You have the right to obtain and re-use your personal data for your own purposes in different services.
- Right to object to processing: You have the right to object to certain types of processing.
- Right not to be subject to an automated decision: You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal (or similarly important) effects for you.
In some cases, the request may be refused if you ask for the deletion of data necessary for compliance with legal obligations.
If you feel that your rights have not been properly addressed, you have the right to lodge a complaint with:
For customers of Kantox Limited: You can lodge a complaint with the Information Comissioner Officer at https://ico.org.uk/.
For customers of Kantox European Union S.L.: You can lodge a complaint with the Spanish Data Protection Agency at www.aepd.es.
We would appreciate the chance to address your concern directly, prior to submitting it to the above mentioned supervisory authority. This is not a requirement, and you may go directly to the authority.
- RESPONSIBLE FOR THE ACCURACY AND VERACITY OF THE DATA PROVIDED
The user is solely responsible for the veracity and correctness of the data included, exonerating Kantox of any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user undertakes to provide complete and correct information in the registration or subscription form. Kantox reserves the right to terminate the services contracted with the users in the event that the data provided is false, incomplete, inaccurate or not up to date.
Kantox is not responsible for the veracity of the information that is not of its own elaboration and of which its origin is indicated from another source, so it does not assume any responsibility regarding hypothetical damages that could originate from the use of this information.
Kantox reserves the right to update, modify or delete the information contained in its web pages and may limit or deny access to this information.
- PROCESSING OF PERSONAL DATA OF MINORS
Anyone who provides data through the forms on this website and accepts its processing declares that they are over 14 years of age, and access to and use of the portal by minors under that age is prohibited. If at any time, the Data Controller detects that a minor under 14 years of age has provided personal data, we will proceed to the cancellation of the same.
Likewise, parents or guardians may in any case contact Kantox to block the access account of minors in their care who have registered by falsifying their identity.
- SOCIAL NETWORKS
- SECURITY MEASURES IMPLEMENTED TO PROTECT YOUR PERSONAL DATA
Kantox has adopted the legally required levels of security for the protection of personal data, and tries to install those additional technical means and measures within its reach to avoid the loss, misuse, alteration, unauthorised access and theft of the personal data provided to Kantox.
Kantox is not responsible for any hypothetical damages that may derive from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operative functioning of this electronic system, caused by causes beyond the control of Kantox, delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Centre, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties through illegitimate intromissions beyond the control of Kantox. However, the user must be aware that security measures on the Internet are not impregnable.
- LINKS TO OTHER WEBSITES