iSencia

// legal_center.md

> Legal Center

iSencia, S.L. · NIF: B62436845 · Mataró, Barcelona

Legal Notice

Social Media Policy

Cookie Policy

ISMS Security Policy

// INDEX

Download PDF

01. Legal Notice

### SPANISH LAW ON INFORMATION SOCIETY SERVICES (LSSI)

ISENCIA, S.L., as the party responsible for the website, hereinafter the website MANAGER, makes this document available to its users, for the purpose of complying with the obligations set out in Law 34/2002, of 11 July, on Information Society and Electronic Commerce Services (LSSICE), BOE No. 166, and also to inform all users of the website of its conditions of use. Any person accessing this website assumes the role of user, and undertakes to observe and comply strictly with the provisions herein, and with any other legal provision that might apply. ISENCIA, S.L. reserves the right to modify any type of information that might appear on the website, with no obligation to provide advance notice or make users aware of said obligations; it shall be understood that the mere fact that it is published on the ISENCIA, S.L., website is sufficient.

### 1. IDENTIFICATION DETAILS

Domain name: isencia.com

Company name: ISENCIA, S.L.

NIF: B62436845

Registered office: C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona)

Telephone: 937540366

E-mail: info@isencia.com

Registered in: Registre Mercantil de Barcelona, Tomo 33135, Folio 109, Hoja B223737, Inscripción 1

Domain name: isencia.com

Company name: ISENCIA, S.L.

NIF: B62436845

Registered office: C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona)

Telephone: 937540366

E-mail: info@isencia.com

Registered in: Registre Mercantil de Barcelona, Tomo 33135, Folio 109, Hoja B223737, Inscripción 1

Domain name: isencia.com

Company name: ISENCIA, S.L.

NIF: B62436845

Registered office: C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona)

Telephone: 937540366

E-mail: info@isencia.com

Registered in: Registre Mercantil de Barcelona, Tomo 33135, Folio 109, Hoja B223737, Inscripción 1

### 2. INTELLECTUAL AND INDUSTRIAL PROPERTY RIGHTS

The website, including as examples, though not limited to these, its programming, edition, compilation and other elements necessary for it to function, the designs, logos, text and/or graphics, are the property of the MANAGER or, where relevant, it has a licence or explicit authorisation from the authors. All the website content is duly protected by intellectual and industrial property legislation, and is registered in the corresponding public registers. Irrespective of the purpose for which said content was intended, the total or partial reproduction, use, operation, distribution and commercialisation requires, under all circumstances, the prior written authorisation of the MANAGER. Any use that is not authorised in advance is considered a serious breach of the author’s intellectual or industrial property rights. Any designs, logos, text and/or graphics which do not belong to the MANAGER, and which might appear on the website, belong to their respective owners, and they themselves are liable for any dispute that might arise with regard to them. The MANAGER explicitly authorises third parties to re-direct directly to the specific content on the website and, in any event, re-direct to the main http:isencia.com. The MANAGER recognises the corresponding intellectual and industrial property rights of their holders, and the fact that they are referred to or appear on the website does not mean that it has any rights or responsibility over ISENCIA, S.L. 21-04-2026 2 ISENCIA, S.L. c/Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r, - 08302 Mataró (Barcelona) ESPAÑA said rights. Neither does it provide any guarantee, sponsorship or recommendation for such. If you wish to make any comments on possible infringements of the intellectual or industrial property rights, or regarding any of the website content, you may do so by sending an e-mail to: eli.bochaca@isencia.com.

### 3. EXEMPTION FROM LIABILITY

The MANAGER is exempt from any type of liability deriving from the information published on its website, provided this information has been handled or entered by a third party beyond its control.

Use of Cookies: This website may use technical cookies (small information files that the server sends to the computer of the person accessing the page) to carry out certain functions considered essential for the correct functioning and viewing of the website. The cookies used are, in any event, temporary in nature; their sole purpose is to make browsing more efficient, and they disappear when the user ends his/her session. Under no circumstances do these cookies provide personal data by themselves, and neither are they used to collect such data.
Cookies may also be used to ensure that the website server recognises the browser used by the user, to make browsing simpler; it allows, for example, access for users who have registered previously for the areas, services, promotions or competitions reserved exclusively for them without having to register on every visit. They may also be used to measure audience, traffic parameters, monitor the progress and number of entries, etc. In these cases, they are cookies that are technically dispensable but beneficial for the user. This website will not install dispensable cookies without the user’s prior consent.
It is possible for the user to configure his/her browser to receive alerts when cookies are received, and to prevent them being installed on his/her computer. Please consult your browser’s instructions for more detailed information on this.
Links policy: It is possible that you may be re-directed from the website to content on third party websites. Given that the MANAGER cannot always monitor the content third parties place on their respective websites, it cannot be held liable for any of said content. In any event, it will withdraw immediately any content that might contravene domestic or international laws, morals or public order, will withdraw immediately the re-direction to said website, and will make the relevant authorities aware of the content in question.
The MANAGER cannot be held liable for the information and content stored in the following, which are examples, and not an exhaustive list: forums, chats, blog generators, comments, social networks or any other medium which allows third parties to publish content independently on the MANAGER’s website. However, in compliance with articles 11 and 16 of the LSSICE, it makes itself available to all users, authorities and security forces, and cooperates actively in the withdrawal or, where relevant, blocking of all content that might affect or contravene domestic or international laws, the rights of third parties or morals and public order. If you as a user consider that the website features any content which might fall under this heading, we request that you inform the website administrator immediately.
This website has been checked and tested to ensure that it works correctly. In principle, correct functioning can be guaranteed 365 days a year, 24 hours a day. However, the MANAGER does not rule out the possibility that there might be certain programming errors, or that there might be causes of force majeure, natural catastrophes, strikes or similar circumstances that make access to the website impossible.
IP Addresses: The website servers may detect automatically the IP address and the domain name used by the user. An IP address is a number assigned automatically to a computer when it connects to the Internet. All this information is recorded in a duly registered server activity file which allows subsequent processing of the data in order to obtain solely statistical measurements that reveal the number of pages printed, the number of visits made to the web servers, the order of visits, the point of access, etc.

The MANAGER is exempt from any type of liability deriving from the information published on its website, provided this information has been handled or entered by a third party beyond its control.

Use of Cookies: This website may use technical cookies (small information files that the server sends to the computer of the person accessing the page) to carry out certain functions considered essential for the correct functioning and viewing of the website. The cookies used are, in any event, temporary in nature; their sole purpose is to make browsing more efficient, and they disappear when the user ends his/her session. Under no circumstances do these cookies provide personal data by themselves, and neither are they used to collect such data.
Cookies may also be used to ensure that the website server recognises the browser used by the user, to make browsing simpler; it allows, for example, access for users who have registered previously for the areas, services, promotions or competitions reserved exclusively for them without having to register on every visit. They may also be used to measure audience, traffic parameters, monitor the progress and number of entries, etc. In these cases, they are cookies that are technically dispensable but beneficial for the user. This website will not install dispensable cookies without the user’s prior consent.
It is possible for the user to configure his/her browser to receive alerts when cookies are received, and to prevent them being installed on his/her computer. Please consult your browser’s instructions for more detailed information on this.
Links policy: It is possible that you may be re-directed from the website to content on third party websites. Given that the MANAGER cannot always monitor the content third parties place on their respective websites, it cannot be held liable for any of said content. In any event, it will withdraw immediately any content that might contravene domestic or international laws, morals or public order, will withdraw immediately the re-direction to said website, and will make the relevant authorities aware of the content in question.
The MANAGER cannot be held liable for the information and content stored in the following, which are examples, and not an exhaustive list: forums, chats, blog generators, comments, social networks or any other medium which allows third parties to publish content independently on the MANAGER’s website. However, in compliance with articles 11 and 16 of the LSSICE, it makes itself available to all users, authorities and security forces, and cooperates actively in the withdrawal or, where relevant, blocking of all content that might affect or contravene domestic or international laws, the rights of third parties or morals and public order. If you as a user consider that the website features any content which might fall under this heading, we request that you inform the website administrator immediately.
This website has been checked and tested to ensure that it works correctly. In principle, correct functioning can be guaranteed 365 days a year, 24 hours a day. However, the MANAGER does not rule out the possibility that there might be certain programming errors, or that there might be causes of force majeure, natural catastrophes, strikes or similar circumstances that make access to the website impossible.
IP Addresses: The website servers may detect automatically the IP address and the domain name used by the user. An IP address is a number assigned automatically to a computer when it connects to the Internet. All this information is recorded in a duly registered server activity file which allows subsequent processing of the data in order to obtain solely statistical measurements that reveal the number of pages printed, the number of visits made to the web servers, the order of visits, the point of access, etc.

The MANAGER is exempt from any type of liability deriving from the information published on its website, provided this information has been handled or entered by a third party beyond its control.

Use of Cookies: This website may use technical cookies (small information files that the server sends to the computer of the person accessing the page) to carry out certain functions considered essential for the correct functioning and viewing of the website. The cookies used are, in any event, temporary in nature; their sole purpose is to make browsing more efficient, and they disappear when the user ends his/her session. Under no circumstances do these cookies provide personal data by themselves, and neither are they used to collect such data.
Cookies may also be used to ensure that the website server recognises the browser used by the user, to make browsing simpler; it allows, for example, access for users who have registered previously for the areas, services, promotions or competitions reserved exclusively for them without having to register on every visit. They may also be used to measure audience, traffic parameters, monitor the progress and number of entries, etc. In these cases, they are cookies that are technically dispensable but beneficial for the user. This website will not install dispensable cookies without the user’s prior consent.
It is possible for the user to configure his/her browser to receive alerts when cookies are received, and to prevent them being installed on his/her computer. Please consult your browser’s instructions for more detailed information on this.
Links policy: It is possible that you may be re-directed from the website to content on third party websites. Given that the MANAGER cannot always monitor the content third parties place on their respective websites, it cannot be held liable for any of said content. In any event, it will withdraw immediately any content that might contravene domestic or international laws, morals or public order, will withdraw immediately the re-direction to said website, and will make the relevant authorities aware of the content in question.
The MANAGER cannot be held liable for the information and content stored in the following, which are examples, and not an exhaustive list: forums, chats, blog generators, comments, social networks or any other medium which allows third parties to publish content independently on the MANAGER’s website. However, in compliance with articles 11 and 16 of the LSSICE, it makes itself available to all users, authorities and security forces, and cooperates actively in the withdrawal or, where relevant, blocking of all content that might affect or contravene domestic or international laws, the rights of third parties or morals and public order. If you as a user consider that the website features any content which might fall under this heading, we request that you inform the website administrator immediately.
This website has been checked and tested to ensure that it works correctly. In principle, correct functioning can be guaranteed 365 days a year, 24 hours a day. However, the MANAGER does not rule out the possibility that there might be certain programming errors, or that there might be causes of force majeure, natural catastrophes, strikes or similar circumstances that make access to the website impossible.
IP Addresses: The website servers may detect automatically the IP address and the domain name used by the user. An IP address is a number assigned automatically to a computer when it connects to the Internet. All this information is recorded in a duly registered server activity file which allows subsequent processing of the data in order to obtain solely statistical measurements that reveal the number of pages printed, the number of visits made to the web servers, the order of visits, the point of access, etc.

### 4. APPLICABLE LAW AND JURISDICTION

For the resolution of any disputes or similar matters related to this website or the activities carried out on it, Spanish law shall apply. The parties submit themselves explicitly to Spanish law, and the resolution of any conflicts deriving from or related to the use of the website shall be the competence of the Courts and Tribunals closest to Mataró

1C1C1C

Download PDF

02. Privacy Policy

### DATA CONTROLLER

The company responsible for processing your data according to this Privacy Policy is:

ISENCIA, S.L.

NIF: B62436845

Address: C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona)

E-mail address:info@isencia.com Website: isencia.com

Telephone no.: 937540366

Registered in the Companies Register of Barcelona in volume 33165, folio 109, section 1st, page B223737

At ISENCIA, S.L., we recognise the importance of protecting your personal information and we are committed to processing it responsibly and in compliance with the data protection laws.

The purpose of this privacy policy is to regulate all the aspects relating to the processing of data of the different users browsing the website or providing their personal details on the different forms to be found on it.

The company responsible for processing your data according to this Privacy Policy is:

ISENCIA, S.L.

NIF: B62436845

Address: C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona)

E-mail address:info@isencia.com Website: isencia.com

Telephone no.: 937540366

Registered in the Companies Register of Barcelona in volume 33165, folio 109, section 1st, page B223737

At ISENCIA, S.L., we recognise the importance of protecting your personal information and we are committed to processing it responsibly and in compliance with the data protection laws.

The company responsible for processing your data according to this Privacy Policy is:

ISENCIA, S.L.

NIF: B62436845

Address: C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona)

E-mail address:info@isencia.com Website: isencia.com

Telephone no.: 937540366

Registered in the Companies Register of Barcelona in volume 33165, folio 109, section 1st, page B223737

At ISENCIA, S.L., we recognise the importance of protecting your personal information and we are committed to processing it responsibly and in compliance with the data protection laws.

### PERSONAL DATA

Personal Data is the information that identifies you or may identify you. Through the website, in the boxes that are stablished for that purpose, it is collected the personal data that the User provides us: Name, surname, email, telephone number, postal code, city, etc. In addition, it is collected all the personal data that the User voluntarily provides us through any of the social networks, of which the User is registered. In this case, the privacy settings will depend on both the configuration that the User established as well as the terms and conditions of the social network itself.

When a user visits the website, this does not mean that he/she has to provide any information about his/her personal data. However, if such information is provided, the data will be processed lawfully and subject at all times to the principles and rights contained in the GDPR 2016/679 of 27 April 2016 and the LOPDGDD 3/2018 of 5 December

### PURPOSE, DURATION AND LEGITIMATION

We will process the data provided to us by the user for the following purposes:

To improve the user experience when browsing the website. We will keep these data for as long as the user does not revoke his/her consent to them being processed by deleting the cookies, for the time established by law and for a minimum duration of 3 years.
The legitimate basis for improving website browsing is the consent given by the user when accepting the cookies. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn.
To manage our social networks and send users information about our activities and products. We will keep these data for as long as the user does not revoke his/her consent to them being processed, for the time established by law and for a minimum duration of 3 years.
The legitimate basis for managing our social networks and sending users our activities and new features is the consent we are given to do so. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn.
To manage the competitions and draws organised on the website. We collect and process the user’s personal data to enable us to manage his/her participation in the different draws or competitions organised by ISENCIA, S.L. and to communicate subsequently with the winners. We will keep these data for as long as the competition or draw is in progress and for subsequent exposure, as determined in the competition rules, and for the time established by law with a minimum duration of 3 years.
The basis for legitimation of the data processing will be the consent granted by the user when completing the participation form on the website and checking the box for acceptance of our privacy policy and for the rules of the competition or draw. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn

We will process the data provided to us by the user for the following purposes:

To improve the user experience when browsing the website. We will keep these data for as long as the user does not revoke his/her consent to them being processed by deleting the cookies, for the time established by law and for a minimum duration of 3 years.
The legitimate basis for improving website browsing is the consent given by the user when accepting the cookies. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn.
To manage our social networks and send users information about our activities and products. We will keep these data for as long as the user does not revoke his/her consent to them being processed, for the time established by law and for a minimum duration of 3 years.
The legitimate basis for managing our social networks and sending users our activities and new features is the consent we are given to do so. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn.
To manage the competitions and draws organised on the website. We collect and process the user’s personal data to enable us to manage his/her participation in the different draws or competitions organised by ISENCIA, S.L. and to communicate subsequently with the winners. We will keep these data for as long as the competition or draw is in progress and for subsequent exposure, as determined in the competition rules, and for the time established by law with a minimum duration of 3 years.
The basis for legitimation of the data processing will be the consent granted by the user when completing the participation form on the website and checking the box for acceptance of our privacy policy and for the rules of the competition or draw. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn

We will process the data provided to us by the user for the following purposes:

To improve the user experience when browsing the website. We will keep these data for as long as the user does not revoke his/her consent to them being processed by deleting the cookies, for the time established by law and for a minimum duration of 3 years.
The legitimate basis for improving website browsing is the consent given by the user when accepting the cookies. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn.
To manage our social networks and send users information about our activities and products. We will keep these data for as long as the user does not revoke his/her consent to them being processed, for the time established by law and for a minimum duration of 3 years.
The legitimate basis for managing our social networks and sending users our activities and new features is the consent we are given to do so. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn.
To manage the competitions and draws organised on the website. We collect and process the user’s personal data to enable us to manage his/her participation in the different draws or competitions organised by ISENCIA, S.L. and to communicate subsequently with the winners. We will keep these data for as long as the competition or draw is in progress and for subsequent exposure, as determined in the competition rules, and for the time established by law with a minimum duration of 3 years.
The basis for legitimation of the data processing will be the consent granted by the user when completing the participation form on the website and checking the box for acceptance of our privacy policy and for the rules of the competition or draw. The user has the right to revoke his/her consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to it being withdrawn

### Assignment or communication of personal data and international transfers

Your data will not be communicated or transferred to third parties unless there is a legal obligation, or to those service providers associated with the Controller which act as data processors.

Our servers are located within the European Union and generally we have service providers located within the European Economic Area or in countries determined to have an adequate level of data protection.

If we need to use service providers which carry out processing outside the European Union or in countries not determined to have an adequate level of data protection, we will ensure that your data is processed in a secure and legitimate manner on the basis of adequacy decisions, standard data protection clauses, binding corporate rules, exceptions or any other instrument approved by the supervisory authority that offers adequate guarantees for the international transfer of data.

Your data will not be communicated or transferred to third parties unless there is a legal obligation, or to those service providers associated with the Controller which act as data processors.

### Updating of data

In order for us to keep the personal data up to date, the user must always inform us of any change in said data; if this is not done, we cannot be liable for the veracity of the data.

The user guarantees that the personal data provided are true, and guarantees that all the information provided corresponds to reality, is up to date and is accurate. He/she is obliged to communicate any modification thereto

In order for us to keep the personal data up to date, the user must always inform us of any change in said data; if this is not done, we cannot be liable for the veracity of the data.

### Third Party Data

If the user provides third party data for any purpose to ISENCIA, S.L., he/she guarantees that he/she has obtained these data lawfully, has informed the affected parties in advance, has obtained his/her consent to communicate them, and that the information provided is accurate and true.

### Compulsory nature of the information requeste

All our forms have an asterisk (*) to indicate which details are compulsory. If the user does not complete these fields, or does not check the privacy policy box, the information will not be sent.

### Rights of data subjects

You have the right to access your data and obtain confirmation regarding the processing thereof, as well as a copy of the personal data being processed. You have the right to update them and request that any inaccurate data be corrected, or request removal of the data when they are not necessary for the purposes for which they were collected. You may request a restriction in the processing of your data and object to them being processed by revoking your consent, and also exercise your right to data portability. Similarly, you have the right not to be the subject of decisions based solely on the automated processing of your personal data. You may exercise your rights by contacting us C/ Pablo Iglesias, 63 - Edifici de Vidre, local 7, 1r - 08302 Mataró (Barcelona) E-mail: info@isencia.com

If you consider that your rights have not been duly respected, you have the right to lodge a complaint with the Spanish Data Protection Agency www.aepd.es.

### Processing of the data of Minors

Anyone providing data through the forms on this website and accepting the processing of such states that he/she is at least 14 years old. Access to, and use of the website is prohibited for anyone younger than 14. If, at any time, the Data Controller detects that a person younger than 14 years of age has provided personal data, we will cancel said data. In addition, parents or tutors may in any event write to ISENCIA, S.L. to block any access account created by minors in their charge who have registered by falsifying their identity.

### Social Networks

The object of social tools such as Facebook, Twitter, Instagram, etc. or other social networks is to give visibility and dissemination of the activities that take place in our organization. These social tools store personal data in the servers of the corresponding services and are governed by their own privacy policy. It is recommended to review and read the conditions of use and the privacy policy of the social network at the time of registration, taking into account the different configuration´s possibilities regarding the privacy of the user’s profile in the social network. In addition, the Controller reserves the right to erase from its social networks any published information by third-parties that trespasses the legality, encourages to infringe it or contains messages that infringe upon human dignity or institutions. Likewise, the Controller reserves the right to block or report the author´s profile of such content.

### Cookies

A cookie is a small file that is downloaded and stored on the user’s computer when he/she access a website. Cookies allow the website, amongst other things, to store and recover information on the browsing habits of the user or of his/her computer and, depending on the information they contain and the way in which you use your computer, they may be used for user recognition. The user has the option to prevent the generation of cookies, by selecting the corresponding option in his/her browser program. You can obtain more information by reading our Cookies Policy

Last Updated: 2021/04/27

Download PDF

### 1. USER INFORMATION

Who is responsible for processing your personal data?

ISENCIA, S.L. will be responsible for processing the personal data of individuals who have created a profile on any of its social media platforms. These data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of April 27 (GDPR), Organic Law 3/2018 of December 5 (LOPDGDD), and the Law on Information Society Services and Electronic Commerce (LSSI). We provide the following information about this processing:

Why do we process your personal data?

Purpose of processing: To maintain a relationship between the USER and ISENCIA, S.L. (hereinafter referred to as the CONTROLLER), which may include the following operations:

Handling requests and inquiries submitted to the controller.
Informing about activities and events organized by the controller.
Providing information about products or services offered by the controller.
Interacting through official profiles.

When the CONTROLLER collects and processes personal data via its social media platforms, USERS will be informed about the purpose of data collection and their rights regarding their personal data. Personal data will be used only for the specified purposes and will be securely maintained. Legal Basis for Processing: Explicit consent granted by the USER for the processing of their personal data for one or more specific purposes (Article 6.1.a GDPR). Additionally, USERS can access the privacy policies of the respective social networks at any time and configure their profile to ensure privacy.

Who is responsible for processing your personal data?

Why do we process your personal data?

Purpose of processing: To maintain a relationship between the USER and ISENCIA, S.L. (hereinafter referred to as the CONTROLLER), which may include the following operations:

Handling requests and inquiries submitted to the controller.
Informing about activities and events organized by the controller.
Providing information about products or services offered by the controller.
Interacting through official profiles.

When the CONTROLLER collects and processes personal data via its social media platforms, USERS will be informed about the purpose of data collection and their rights regarding their personal data. Personal data will be used only for the specified purposes and will be securely maintained. Legal Basis for Processing: Explicit consent granted by the USER for the processing of their personal data for one or more specific purposes (Article 6.1.a GDPR). Additionally, USERS can access the privacy policies of the respective social networks at any time and configure their profile to ensure privacy.

Who is responsible for processing your personal data?

Why do we process your personal data?

Purpose of processing: To maintain a relationship between the USER and ISENCIA, S.L. (hereinafter referred to as the CONTROLLER), which may include the following operations:

Handling requests and inquiries submitted to the controller.
Informing about activities and events organized by the controller.
Providing information about products or services offered by the controller.
Interacting through official profiles.

When the CONTROLLER collects and processes personal data via its social media platforms, USERS will be informed about the purpose of data collection and their rights regarding their personal data. Personal data will be used only for the specified purposes and will be securely maintained. Legal Basis for Processing: Explicit consent granted by the USER for the processing of their personal data for one or more specific purposes (Article 6.1.a GDPR). Additionally, USERS can access the privacy policies of the respective social networks at any time and configure their profile to ensure privacy.

How long will we retain your personal data?
Data retention criteria: The data will be retained until the USER revokes the consent given, as indicated in this privacy policy.

Who do we share your personal data with?

Data disclosure: Information provided by the USER through the CONTROLLER’s social media, including their personal data, may be published, depending on the services the USER uses, and may thus become publicly available to other third-party users of the social media. From each social network profile, USERS can configure what information they want to make public in each case, view the permissions granted, delete them, or disable them, just like any third-party application they no longer wish to use. However, no personal data will be disclosed to third parties outside the social network unless it is essential for the development and execution of the processing purposes. In such cases, the CONTROLLER has signed confidentiality and data processing agreements with its communication service providers, as required by current privacy regulations.

What are your rights?

Rights of the USER: These rights can only be satisfied regarding information under the control of the CONTROLLER.

• Right to withdraw consent at any time. Ç

• Right of access, rectification, data portability, or erasure of your data, and the right to restrict or object to its processing.

• Right to file a complaint with the supervisory authority (www.aepd.es) if you believe that the processing does not comply with current regulations. Contact details to exercise your rights: ISENCIA, S.L., c/Pablo Iglesias, 63 Edifici de Vidre, local 7, 1r, - 08302 Mataró (Barcelona). E-mail: info@isencia.com The complete privacy policy is available at www.isencia.com/

How long will we retain your personal data?
Data retention criteria: The data will be retained until the USER revokes the consent given, as indicated in this privacy policy.

Who do we share your personal data with?

What are your rights?

Rights of the USER: These rights can only be satisfied regarding information under the control of the CONTROLLER.

• Right to withdraw consent at any time. Ç

• Right of access, rectification, data portability, or erasure of your data, and the right to restrict or object to its processing.

How long will we retain your personal data?
Data retention criteria: The data will be retained until the USER revokes the consent given, as indicated in this privacy policy.

Who do we share your personal data with?

What are your rights?

Rights of the USER: These rights can only be satisfied regarding information under the control of the CONTROLLER.

• Right to withdraw consent at any time. Ç

• Right of access, rectification, data portability, or erasure of your data, and the right to restrict or object to its processing.

### 2. USE OF THE PROFILE

The CONTROLLER will carry out the following actions:

Access to public information on the profile.
Posting on the USER’s profile of any information already published on the CONTROLLER’s social network.

• Sending personal and individual messages through the social network’s channels.

• Updates on the page’s status that will be published on the USER’s profile.

The USER can always control their connections, delete content they are no longer interested in, and restrict who they share their connections with. To do so, they must access their settings, where they will find various configuration options related to the privacy of the user profile on the social network.

The CONTROLLER will carry out the following actions:

Access to public information on the profile.
Posting on the USER’s profile of any information already published on the CONTROLLER’s social network.

• Sending personal and individual messages through the social network’s channels.

• Updates on the page’s status that will be published on the USER’s profile.

The CONTROLLER will carry out the following actions:

Access to public information on the profile.
Posting on the USER’s profile of any information already published on the CONTROLLER’s social network.

• Sending personal and individual messages through the social network’s channels.

• Updates on the page’s status that will be published on the USER’s profile.

### 3. POSTS

The purpose of social networks is to provide visibility and dissemination of the activities carried out by the CONTROLLER. These tools store personal data on the servers of the respective services and are governed by their own privacy policies. Once a USER becomes a follower or joins the social network of the CONTROLLER, they can post comments, links, images, photographs, or any other type of multimedia content supported by the network. In all cases, the USER must be the owner of the published content, have copyright and intellectual property rights, or have the consent of the affected third parties. Expressly prohibited are any publications on the social network, including texts, graphics, photos, videos, etc., that infringe or may infringe on morality, ethics, good taste, or decorum, and/or violate or breach intellectual or industrial property rights, image rights, or the law. Offensive, defamatory, illegal, or inappropriate comments or content will not be tolerated on the company’s profiles. The Company reserves the right to delete such comments or content and to block the responsible users. In these cases, the CONTROLLER reserves the right to immediately remove the content, without prior notice, and may request the permanent blocking of the USER.

The CONTROLLER is not responsible for the content that USERS have freely published.

USERS should be aware that their posts will be visible to other users, making them primarily responsible for their own privacy. Images that may be published on the social network will not be stored in any file by the CONTROLLER but will remain on the social network.

The CONTROLLER is not responsible for the content that USERS have freely published.

### 4. DATA OF MINORS OR INDIVIDUALS WITH SPECIAL NEEDS

Reviewing and reading the terms of use and privacy policy of each social network at the time of registration is recommended, taking into account the different age requirements for registration. Furthermore, the CONTROLLER will be expressly exempt from any liability that may arise from the use of social networks by minors or individuals with special needs, whose access should be supervised and controlled by their legal representatives. The CONTROLLER reserves the right to modify this policy at any time. Changes will be communicated through our social media profiles and/or our website.

Download PDF

The purpose of this cookies policy is to provide clear and precise information about the cookies used on our website.

We use own and third-party cookies to improve our services, customise our website, make it easier for our users to browse, offer an improved experience when using the website, identify problems and thereby improve the website, carry out measurements and usage statistics and show you advertising related to your preferences by analysing use of the website.

We inform you that we can use cookies on your device provided you have given your consent, except in those cases where the cookies are necessary to browse our website. If you give your consent, we will be able to use cookies that will allow us to gather more information about your preferences and customise our website according to your individual interests

The purpose of this cookies policy is to provide clear and precise information about the cookies used on our website.

### WHAT ARE COOKIES?

Cookies and other similar technologies, such as local shared objects, flash cookies or pixels, are tools used by Web servers to store and recover information about website visitors, and also to ensure correct functioning of the website.

### TYPES OF COOKIES

Types of cookies depending on the organisation managing them:

Own cookies: these cookies are sent to the user’s terminal from a computer or domain managed by the owner of the website from which the service requested by the user is provided.
Third-party cookies: these cookies are sent to the user’s terminal from a computer or domain not managed by the owner of the website from which the service requested by the user is provided, but by another organisation that processes the data obtained through the cookies. In addition, if the cookies are installed from a computer or domain managed by the Website owner but the information collected by them is managed by a third party, they will also be considered third-party cookies.

Types of cookies according to their purpose:

Technical cookies: these are cookies that allow the user to browse a website, platform or application and to use the different options or services thereon, including those that the editor uses to allow management and operation of the website and enable its functions and services. These include, for example, monitoring traffic and data communication, identifying the session, accessing restricted access areas, remembering the component elements of an order, carrying out the order purchase process, managing the payment, monitoring any fraud associated with the security of the service, dealing with an application for registration or participation in an event, counting the number of visits for the purposes of invoicing licences for the software with which the service operates (website, platform or application), using security elements during browsing, storing content for the dissemination of videos or sound, enabling dynamic content (for example, animation to load a text or an image) or sharing content on social networks.

This category also includes, because of their technical nature, those cookies that allow management, as efficiently as possible, of any advertising spaces that, as one more element of design or “layout” of the service offered to the user, the editor has included on a website, application or platform based on criteria such as the content edited, without compiling information about the users for other purposes, such as customising this advertising content or other content.

Preference or customisation cookies: these cookies are used to remember information so that the user can access the service with certain characteristics that differentiate his/her experience from that of other users such as, for example, the language, the number of results displayed when the user performs a search, the appearance or content of the service depending on the type of browser used by the user to access the service or the region from which he/she accesses the service, etc.

Analytics or performance cookies: these cookies allow the person or entity responsible for them to monitor and analyse the behaviour of users of the websites with which they are associated, including quantifying the impacts of adverts. The information collected by this type of cookies is used to measure activity on the website, application or platform, in order to introduce improvements according to the analysis of the users’ data usage.

Behavioural advertising cookies: these allow us to manage, as efficiently as possible, the advertising spaces on the website. These cookies store information on user behaviour obtained through continuous observation of his/her browsing habits, allowing us to develop a specific profile to show advertising adapted to that profile.

Geolocation cookies: these are used to find a user’s location when he/she requests a service. This cookies is anonymous and is used, for example, to offer you relevant information depending on the country where you are located.

Types of cookies according to the length of time they remain active:

Session cookies: these cookies are designed to collect and store data when the user accesses a website. They are generally used to store information that only needs to be kept for the provision of the service requested by the user on a single occasion (for example, a list of products bought) and disappear when the user logs off or ends the session.

Persistent cookies: with these cookies, the data continue to be stored in the terminal and may be accessed and processed for a period defined by the person/entity responsible for the cookie, which may range from a few minutes to several years..

Types of cookies depending on the organisation managing them:

Own cookies: these cookies are sent to the user’s terminal from a computer or domain managed by the owner of the website from which the service requested by the user is provided.
Third-party cookies: these cookies are sent to the user’s terminal from a computer or domain not managed by the owner of the website from which the service requested by the user is provided, but by another organisation that processes the data obtained through the cookies. In addition, if the cookies are installed from a computer or domain managed by the Website owner but the information collected by them is managed by a third party, they will also be considered third-party cookies.

Types of cookies according to their purpose:

Technical cookies: these are cookies that allow the user to browse a website, platform or application and to use the different options or services thereon, including those that the editor uses to allow management and operation of the website and enable its functions and services. These include, for example, monitoring traffic and data communication, identifying the session, accessing restricted access areas, remembering the component elements of an order, carrying out the order purchase process, managing the payment, monitoring any fraud associated with the security of the service, dealing with an application for registration or participation in an event, counting the number of visits for the purposes of invoicing licences for the software with which the service operates (website, platform or application), using security elements during browsing, storing content for the dissemination of videos or sound, enabling dynamic content (for example, animation to load a text or an image) or sharing content on social networks.

This category also includes, because of their technical nature, those cookies that allow management, as efficiently as possible, of any advertising spaces that, as one more element of design or “layout” of the service offered to the user, the editor has included on a website, application or platform based on criteria such as the content edited, without compiling information about the users for other purposes, such as customising this advertising content or other content.

Preference or customisation cookies: these cookies are used to remember information so that the user can access the service with certain characteristics that differentiate his/her experience from that of other users such as, for example, the language, the number of results displayed when the user performs a search, the appearance or content of the service depending on the type of browser used by the user to access the service or the region from which he/she accesses the service, etc.

Analytics or performance cookies: these cookies allow the person or entity responsible for them to monitor and analyse the behaviour of users of the websites with which they are associated, including quantifying the impacts of adverts. The information collected by this type of cookies is used to measure activity on the website, application or platform, in order to introduce improvements according to the analysis of the users’ data usage.

Behavioural advertising cookies: these allow us to manage, as efficiently as possible, the advertising spaces on the website. These cookies store information on user behaviour obtained through continuous observation of his/her browsing habits, allowing us to develop a specific profile to show advertising adapted to that profile.

Geolocation cookies: these are used to find a user’s location when he/she requests a service. This cookies is anonymous and is used, for example, to offer you relevant information depending on the country where you are located.

Types of cookies according to the length of time they remain active:

Session cookies: these cookies are designed to collect and store data when the user accesses a website. They are generally used to store information that only needs to be kept for the provision of the service requested by the user on a single occasion (for example, a list of products bought) and disappear when the user logs off or ends the session.

Persistent cookies: with these cookies, the data continue to be stored in the terminal and may be accessed and processed for a period defined by the person/entity responsible for the cookie, which may range from a few minutes to several years..

Types of cookies depending on the organisation managing them:

Own cookies: these cookies are sent to the user’s terminal from a computer or domain managed by the owner of the website from which the service requested by the user is provided.
Third-party cookies: these cookies are sent to the user’s terminal from a computer or domain not managed by the owner of the website from which the service requested by the user is provided, but by another organisation that processes the data obtained through the cookies. In addition, if the cookies are installed from a computer or domain managed by the Website owner but the information collected by them is managed by a third party, they will also be considered third-party cookies.

Types of cookies according to their purpose:

Technical cookies: these are cookies that allow the user to browse a website, platform or application and to use the different options or services thereon, including those that the editor uses to allow management and operation of the website and enable its functions and services. These include, for example, monitoring traffic and data communication, identifying the session, accessing restricted access areas, remembering the component elements of an order, carrying out the order purchase process, managing the payment, monitoring any fraud associated with the security of the service, dealing with an application for registration or participation in an event, counting the number of visits for the purposes of invoicing licences for the software with which the service operates (website, platform or application), using security elements during browsing, storing content for the dissemination of videos or sound, enabling dynamic content (for example, animation to load a text or an image) or sharing content on social networks.

This category also includes, because of their technical nature, those cookies that allow management, as efficiently as possible, of any advertising spaces that, as one more element of design or “layout” of the service offered to the user, the editor has included on a website, application or platform based on criteria such as the content edited, without compiling information about the users for other purposes, such as customising this advertising content or other content.

Preference or customisation cookies: these cookies are used to remember information so that the user can access the service with certain characteristics that differentiate his/her experience from that of other users such as, for example, the language, the number of results displayed when the user performs a search, the appearance or content of the service depending on the type of browser used by the user to access the service or the region from which he/she accesses the service, etc.

Analytics or performance cookies: these cookies allow the person or entity responsible for them to monitor and analyse the behaviour of users of the websites with which they are associated, including quantifying the impacts of adverts. The information collected by this type of cookies is used to measure activity on the website, application or platform, in order to introduce improvements according to the analysis of the users’ data usage.

Behavioural advertising cookies: these allow us to manage, as efficiently as possible, the advertising spaces on the website. These cookies store information on user behaviour obtained through continuous observation of his/her browsing habits, allowing us to develop a specific profile to show advertising adapted to that profile.

Geolocation cookies: these are used to find a user’s location when he/she requests a service. This cookies is anonymous and is used, for example, to offer you relevant information depending on the country where you are located.

Types of cookies according to the length of time they remain active:

Session cookies: these cookies are designed to collect and store data when the user accesses a website. They are generally used to store information that only needs to be kept for the provision of the service requested by the user on a single occasion (for example, a list of products bought) and disappear when the user logs off or ends the session.

Persistent cookies: with these cookies, the data continue to be stored in the terminal and may be accessed and processed for a period defined by the person/entity responsible for the cookie, which may range from a few minutes to several years..

### COOKIES USED ON OUR WEBSITE

1P_JAR — Google Adwords — Persistent — For Advertising Purposes. s_vi — Adobe Analytics — 1 day — Date and time mark identifying the unique visitor. PHPSESSID — Technical Cookie — Session — Contains the session identifier. Erased when browser is closed.

### DISABLING COOKIES

The user can, at any time, allow, block or delete the cookies installed on his/her device by changing the settings on the browser installed on his/her computer:

• Chrome: Settings → Advanced → Privacy → Content settings

For more information, consult Google support or your browser Help.

• Edge: Tools → Internet options → Privacy → Settings

For more information, consult Microsoft support or your browser Help.

• Firefox: Tools → Options → Privacy → History → Customised Settings

For more information, consult Mozilla support or your browser Help.

• Safari: Preferences → Security

For more information, consult Apple support or your browser Help

If you deactivate the cookies, it will not prevent you from browsing the website, but the use of some services may be limited and, consequently, your browsing experience may be less satisfactory.

The user can, at any time, allow, block or delete the cookies installed on his/her device by changing the settings on the browser installed on his/her computer:

• Chrome: Settings → Advanced → Privacy → Content settings

For more information, consult Google support or your browser Help.

• Edge: Tools → Internet options → Privacy → Settings

For more information, consult Microsoft support or your browser Help.

• Firefox: Tools → Options → Privacy → History → Customised Settings

For more information, consult Mozilla support or your browser Help.

• Safari: Preferences → Security

For more information, consult Apple support or your browser Help

If you deactivate the cookies, it will not prevent you from browsing the website, but the use of some services may be limited and, consequently, your browsing experience may be less satisfactory.

The user can, at any time, allow, block or delete the cookies installed on his/her device by changing the settings on the browser installed on his/her computer:

• Chrome: Settings → Advanced → Privacy → Content settings

For more information, consult Google support or your browser Help.

• Edge: Tools → Internet options → Privacy → Settings

For more information, consult Microsoft support or your browser Help.

• Firefox: Tools → Options → Privacy → History → Customised Settings

For more information, consult Mozilla support or your browser Help.

• Safari: Preferences → Security

For more information, consult Apple support or your browser Help

If you deactivate the cookies, it will not prevent you from browsing the website, but the use of some services may be limited and, consequently, your browsing experience may be less satisfactory.

### WITHDRAWING CONSENT

The user may withdraw his/her consent relating to the Cookies Policy at any time, and may delete the cookies stored on his/her device by adjusting his/her internet browser settings, as described above, and also by accessing our settings panel.

This Cookies Policy may be modified when required by the legislation in force at any time or when there is a change in the type of cookies used on the website. For this reason, we recommend that you review this policy every time you access our website, so that you are appropriately informed of how and why we use cookies

05. ISMS Security Policy

### OBJECT

This policy establishes the commitment of iSencia to the protection of the Confidentiality, Integrity, and Availability (CIA) of its own information and that of its clients, structuring a robust and continuously improving Information Security Management System (ISMS). It serves as a framework to establish the information security objectives of the organization.

### SCOPE AND INSTITUTIONAL COMMITMENT

It applies to all personnel, contractors, and third parties with access to information assets. Management commits to providing resources, complying with legal requirements (GDPR), and fostering a proactive security culture.

### RISK AND INCIDENT MANAGEMENT

Proactive Identification: Maintenance of an inventory of risks and updated contingency plans in the face of IT innovations.

Response: Implementation of a Security Incident Procedure with communication protocols and subsequent handling.
Security in the Lifecycle (SDLC)
Integration of security from the design and specification of the software.
Code reviews and mandatory security tests.
Role-based access through individual accounts (prohibition of shared accounts in production).

Proactive Identification: Maintenance of an inventory of risks and updated contingency plans in the face of IT innovations.

Response: Implementation of a Security Incident Procedure with communication protocols and subsequent handling.
Security in the Lifecycle (SDLC)
Integration of security from the design and specification of the software.
Code reviews and mandatory security tests.
Role-based access through individual accounts (prohibition of shared accounts in production).

### ACCESS CONTROL AND DATA PROTECTION

Logical Access: Mandatory use of MFA (Multi-Factor Authentication) whenever possible; failing that, secure passwords with rotation every 120 days and SSL encryption.

Leak Prevention (DLP): Monitoring of network traffic to detect and alert about unauthorized outputs of sensitive data.
Physical Security: Use of certified cloud providers $(AWS/Azure)$ or internal facilities with restricted access and isolated zones.

Logical Access: Mandatory use of MFA (Multi-Factor Authentication) whenever possible; failing that, secure passwords with rotation every 120 days and SSL encryption.

Leak Prevention (DLP): Monitoring of network traffic to detect and alert about unauthorized outputs of sensitive data.
Physical Security: Use of certified cloud providers $(AWS/Azure)$ or internal facilities with restricted access and isolated zones.

### THREAT MONITORING (SIEM)

Implementation of SIEM tools to centralize security events, allowing an immediate response to high-level alerts and periodic annual reviews of the threat landscape.

### BUSINESS CONTINUITY

Backups: Automated backup copies with daily monitoring.

Recovery: Execution of disaster recovery tests (DRP) at least once a year to guarantee effective restoration

Backups: Automated backup copies with daily monitoring.

Recovery: Execution of disaster recovery tests (DRP) at least once a year to guarantee effective restoration

### TRAINING AND AWARENESS

Mandatory annual training program for all employees.

Focus on password hygiene, physical security, patch management, and protection against malware.

Mandatory annual training program for all employees.

Focus on password hygiene, physical security, patch management, and protection against malware.

### GOVERNANCE AND RESPONSIBILITIES

. Data Security Officer: Key role that reports directly to Management.

Review: Periodic audits and updates of the policy to maintain alignment with the ISO 27001 standard.
Dissemination: Publication on the corporate website; ignorance of the policy does not exempt from its compliance.

. Data Security Officer: Key role that reports directly to Management.

Review: Periodic audits and updates of the policy to maintain alignment with the ISO 27001 standard.
Dissemination: Publication on the corporate website; ignorance of the policy does not exempt from its compliance.

Download PDF

### OBJECT

### SCOPE AND INSTITUTIONAL COMMITMENT

### RISK AND INCIDENT MANAGEMENT

Proactive Identification: Maintenance of an inventory of risks and updated contingency plans in the face of IT innovations.

Response: Implementation of a Security Incident Procedure with communication protocols and subsequent handling.
Security in the Lifecycle (SDLC)
Integration of security from the design and specification of the software.
Code reviews and mandatory security tests.
Role-based access through individual accounts (prohibition of shared accounts in production).

### ACCESS CONTROL AND DATA PROTECTION

Logical Access: Mandatory use of MFA (Multi-Factor Authentication) whenever possible; failing that, secure passwords with rotation every 120 days and SSL encryption.

Leak Prevention (DLP): Monitoring of network traffic to detect and alert about unauthorized outputs of sensitive data.
Physical Security: Use of certified cloud providers $(AWS/Azure)$ or internal facilities with restricted access and isolated zones.

### THREAT MONITORING (SIEM)

Implementation of SIEM tools to centralize security events, allowing an immediate response to high-level alerts and periodic annual reviews of the threat landscape.

### BUSINESS CONTINUITY

Backups: Automated backup copies with daily monitoring.

Recovery: Execution of disaster recovery tests (DRP) at least once a year to guarantee effective restoration

### TRAINING AND AWARENESS

Mandatory annual training program for all employees.

Focus on password hygiene, physical security, patch management, and protection against malware.

### GOVERNANCE AND RESPONSIBILITIES

. Data Security Officer: Key role that reports directly to Management.

Review: Periodic audits and updates of the policy to maintain alignment with the ISO 27001 standard.
Dissemination: Publication on the corporate website; ignorance of the policy does not exempt from its compliance.

05. ISMS Security Policy

// HEADQUARTERS

C/ Pablo Iglesias, 63

08302 Mataró, Barcelona

España

// CONTACT

info@isencia.com

// NAVIGATION

./services

./our journey

./contact

// COMPLIANCE_RESOURCES