1. DATA CONTROLLER INFORMATION

Company Name: GFS Consulting Group (hereinafter referred to as the “Company” or the “Controller”)
CIF: B13306428
Address: Paseo de la Castellana, 141 – 28046 (Madrid)
Phone: +34 902 120 567
Email for Data Protection Communications: info@kreatum.es

1.1. Applicable Regulations

Our Privacy Policy has been designed in accordance with the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as well as Organic Law 3/2018 of December 5, on the Protection of Personal Data and Guarantee of Digital Rights.

By providing us with your data, you declare that you have read and understood this Privacy Policy, giving your unequivocal and express consent to the processing of your personal data in accordance with the purposes and terms expressed herein.

The Company reserves the right to modify this Privacy Policy to adapt it to new legislative, jurisprudential, or interpretative developments by the Spanish Data Protection Agency. These privacy conditions may be supplemented by the Legal Notice, Cookie Policy, and General Conditions that, where applicable, are provided for certain products or services, if such access involves any particularity in terms of personal data protection.

1.2. Data Protection Officer

There is no Data Protection Officer appointed.

2. PURPOSE OF PERSONAL DATA PROCESSING

The processing of your personal data is carried out for the following purposes:

To provide you with information related to the products and services offered by our company and detailed on this website.

To facilitate the contracting of our services through the acceptance of the corresponding estimate/order and/or the signing of a commercial contract.

To send you news and updates about our entity via email and/or postal mail, as well as updates to our product and service catalog.

2.1. Data Retention Period

We will retain your personal data from the moment you provide consent until you revoke it or request the limitation of processing. In such cases, we will keep your data blocked for the legally required periods.

3.LEGITIMACY AND DATA COLLECTED

The legitimacy for processing your data is the express consent you provide through a positive and affirmative act (completing the relevant form and checking the acceptance box of this policy) at the time you provide your personal data.

3.1. Consent to Process Your Data

By completing the forms, checking the “I accept the Privacy Policy” box, and clicking to send the data, or by sending emails to the Company through the designated accounts, the User acknowledges having read and expressly accepted this privacy policy and provides their unequivocal and express consent to the processing of their personal data according to the stated purposes.

3.2. Categories of Data

The data collected pertains to the category of identifying information, which may include: Name and Surname, Phone Number, Postal Address, Company, Email Address, as well as the IP address from which the data collection form is accessed.

4. SECURITY MEASURES

As part of our commitment to ensuring the security and confidentiality of your personal data, we inform you that we have adopted the necessary technical and organizational measures to guarantee the security of personal data and to prevent their alteration, loss, processing, or unauthorized access, considering the state of technology, the nature of the data stored, and the risks to which they are exposed, in accordance with Article 32 of the EU GDPR 679/2016.

5. DATA SHARING

No data transfers or international transfers of your data are foreseen, except those authorized by tax, commercial, and telecommunications legislation, or in cases where a judicial authority requires it.

6. USER RIGHTS

Any interested party has the right to obtain confirmation as to whether we are processing personal data concerning them. Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where applicable, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. Under certain circumstances, interested parties may request the limitation of the processing of their data, in which case we will only retain them for the exercise or defense of claims. For reasons related to their particular situation, interested parties may oppose the processing of their data. The data controller will cease processing the data unless there are compelling legitimate grounds, or the exercise or defense of possible claims.

In accordance with the current legislation, you have the following rights: the right to request access to your personal data, the right to request its rectification or deletion, the right to request the limitation of its processing, the right to object to the processing, the right to data portability, and the right to withdraw the consent given. You also have the right to file a complaint with the Spanish Data Protection Agency.

6.1. How to Exercise My Rights

To exercise your rights, you must contact the controller, requesting the appropriate form for exercising the chosen right. Alternatively, you may contact the competent Supervisory Authority for additional information about your rights. The contact details for exercising your rights are the phone number —- and the email address: —-. Remember to include a copy of a document that allows us to identify you.

7. CONSENT FOR ELECTRONIC COMMUNICATIONS

In accordance with the provisions of Law 34/2002 of July 11, on Information Society Services and Electronic Commerce, by completing the data collection form and checking the corresponding “I accept the sending of electronic communications” box, you are giving your express consent to receive information from the Company via email, phone, fax, or other electronic means.