ADVISE respects your privacy. Whether you deal with ADVISE as a customer, consumer, member of the general public, etc., you are entitled to have your personal data protected. The personal data may refer to your name, telephone number and email address, but it also includes other data such as geographic localisation, etc.
This ADVISE General Policy on Privacy and Data Protection (hereinafter, “this Policy”) describes how and why we collect your data; what happens to your personal data afterwards and who we share it with, as well as how we protect your data and choices you can make about your data.
This Policy applies to personal data processing within the framework of a variety of services, tools, apps, websites, portals, (online) sales promotions, marketing actions, sponsored social media platforms, etc. provided by ADVISE or by others acting in the name of ADVISE.
This policy is made up of general rules and explanations, with additional specific separate privacy notices on services, tools, apps, websites, portals, (online) sales promotions, marketing actions, sponsored social media platforms, etc. provided by or operated by ADVISE or by others on behalf of ADVISE. You will receive these privacy notices each time your data is required in the framework of those aforementioned activities (e.g. through websites, portals, individual communications services, newsletters, reminders, surveys, offers, events, etc.).
This Policy applies to all your personal data collected by (or on behalf of) ADVISE, referred to in this policy as “ADVISE”, “us”, “we” and “our”.
By accepting the terms and conditions of this Policy you agree we can process your personal data as described in this Policy.
Some of the key concepts used in this Policy are defined at the end of the Policy and marked with capital letters (e.g. Personal Data, Processing, Processing Manager, etc.).
Company Tax ID: B84037217
C/ Apolonio Morales, 10. Local F.
28036 – Madrid
ADVISE has set up a data protection contact point for your queries and requests regarding this policy, or specific privacy notices or your personal data (and its processing).
You can contact us through the data protection Contact Point with any query, request or complaint related to application of this Policy or to assert your rights, as described herein:
Please provide a copy of your Personal ID document as identification when exercising your rights.
ADVISE values the personal data you have entrusted to us and promises to process your personal data in a fair, transparent and secure manner. ADVISE applies the following key principles:
ADVISE will always be clear about what personal data is collected when we request your personal data. You will be provided with this information through a separate privacy notice that may, for example, be included in the specific services (including communication services), electronic newsletters, reminders, surveys, offers, invitations to events, etc.
Please be aware that your personal data may be processed, in accordance with applicable data protection legislation, in instances when:
You are hereby informed that no “sensitive” personal data is required when an interested party forwards a copy of his or her curriculum vitae to ADVISE. The interested party expressly consents if he or she decides of their own accord to include sensitive data in the curriculum.
ADVISE only processes your personal data for specific, express and lawful purposes and will never process your personal data in any way that may be deemed incompatible with those end purposes.
The end purpose might be to fulfil an order you have placed, to improve your experience when visiting one of our websites or portals; to improve our products and services in general; to provide services or apps, communications and marketing actions, etc. Each end purpose of processing your personal data is clearly defined in the specific privacy notice related to that processing. You may access the relevant privacy notice, for example, on a website or portal, in an application, in a newsletter, etc.).
It is important for ADVISE to keep our personal data records up to date. Please inform us of any change to or error in your personal data as soon as possible by contacting us through the data protection contact point (see Section 3 “Who should you contact with queries or requests?”). We will take the necessary steps to ensure that any incorrect information regarding your data is deleted or changed as a result.
You may access the personal data we hold about you and if you find that any of your personal data is inaccurate or incomplete, you may request that the data be corrected or cancelled. Please contact ADVISE through the Data Protection Contact Point (see Section 3 “Who should you contact with queries or requests?”) if you require further information on your privacy rights or wish to exercise any of these rights.
ADVISE will keep your personal data as established in data protection legislation. Your personal data will only be held as long as necessary to meet the provisions of applicable law or for the purposes for which your personal data is being processed.
Please contact ADVISE through the Data Protection Contact Point (see Section 3 “Who should you contact with queries or requests?”) if you wish to know how long certain personal data will probably be held before deletion from our systems and databases.
ADVISE uses a series of technical and organisational security measures to protect your personal data from any unauthorised or illegal access or use, and also from loss of or accidental harm to data integrity. These measures were designed bearing in mind the corporate IT infrastructure, potential impact on your privacy and the costs involved, pursuant to current sector standards and practices.
Your personal data will only be processed by a third party if the Processing Manager has agreed to put technical and organisational measures in place as necessary to comply with the data processing security commitment.
Keeping your personal data secure means protecting the confidentiality, integrity and availability of the data:
(a) Confidentiality: ADVISE will protect your data to avoid disclosure to third parties.
(b) Integrity: ADVISE will protect your personal data to ensure no changes are made by unauthorised third parties.
(c) Availability: ADVISE guarantees authorised persons can access your personal data when necessary.
ADVISE data security procedures include: secure access, backup systems, monitoring, review and maintenance, security incident and continuity management, etc.
Miscellaneous third parties:
Your personal data will not be transferred to any parties outside the EU/EEA unless required in order to provide the requested service. ADVICE will implement specific and appropriate measures to guarantee an adequate level of protection for your personal data if your personal data is transferred to any countries outside the EEA which do not normally offer the same data protection standard as within the EU/EEA. The interested party will be kept informed at all times in that regard.
Such measures implemented may, for example, comprise agreeing binding contractual clauses with receiving parties to guarantee a suitable standard of protection. You will always be clearly informed if your personal data is transferred outside the EU/EEA.
We wish to be as transparent as possible with you, enabling you to take important decisions as to how you would like us to use your information.
In this regard, you can choose from a variety of options available for how we will contact you: choice of method (e.g. email, post, etc.), purpose and frequency, by adjusting the privacy configuration on your device and updating your user profile or account and following opt-out instructions as set out in the notice.
Please bear in mind that, by default, if you make no choice, you will receive ADVISE promotional notices with the following frequency: on the publication date.
Please contact ADVISE through the Data Protection Contact Point (see Section 3 “Who should you contact with queries or requests?”) to check what personal data ADVISE holds about you and where it came from. In certain scenarios, you are entitled to receive your personal data, as provided by you, in a commonly used machine-readable format and to transfer your personal data to any third party of your choice.
If there is any error in your personal data or if it is incomplete or incorrect, you may require ADVISE to correct or complete the data.
You may restrict processing of your personal data (for example by verifying the accuracy of your personal data).
You may also oppose the use of your data for direct marketing purposes (if you prefer, and tell us through which channels and how often you wish us to contact you) and can oppose sharing your personal data with third parties for the same purpose.
You may withdraw your consent to continue processing personal data provided by you at any time by contacting us through the data protection contact point (see Section 3 “Who should you contact with queries or requests?”).
Additionally, you may request that any data concerning you be deleted (except in certain instances, for example as evidence of a transaction or when required in law).
Lastly, please keep in mind that you may file a complaint against the data controller before the corresponding data protection agency (“DPA”).
The relevant DPA is the Spanish Data Protection Agency.
The requirements established in this Policy are in addition to and do not replace any other legal requirement in force under applicable data protection legislation. If any conflict rises between matters established in this Policy and requirements established in applicable data protection law, the requirements of applicable data protection legislation will prevail.
ADVISE may amend this Policy at any time. When this occurs you will be notified of any change and we would ask you to read the most recent version of our Policy and confirm your acceptance. It is also advisable from time to time to check this Policy, at www.advise.es, to ensure you are up to date with changes.
For the purposes of this policy, the following terms shall have the meanings set out below:
(a) Data Controller means the organisation that decides the purposes for which and the manner in which personal data is processed. Unless we notify a change, the data controller is ADVISE (C/ Apolonio Morales, 10, Local F, 28036 Madrid).
You may be provided with additional information by means of a separate privacy notice, e.g. specific services (including communication services), electronic newsletters, reminders, invitations to events, etc.
(b) Processing manager means the person and/or organisation processing personal data on behalf of the Data controller.
(c) Data Protection Contact Point means the contact point (i.e. a person designated by ADVISE within the corresponding jurisdiction) through which you can contact the Data Controller with queries or requests regarding this policy and/or processing of your Data and who will reply to those questions and requests. Unless ADVISE notifies an alternative, please contact ADVISE through the Data Protection Contact Point described in Section 3 “Who should you contact with queries or requests?”
(e) EEA means European Economic Area (comprising member countries of the EU, Iceland, Norway and Lichtenstein).
(f) Personal Data means data directly about you or through which you can be identified, e.g. your name, telephone number and email address, (geographic) location, etc.
(g) Processing means gathering, accessing and using your personal data in any manner.