From SUMIBI, S.L., we understand the importance of maintaining a transparent relationship with you. Therefore, we present our Privacy Policy so that you are always properly informed about how we collect and securely process any data you provide to us.

Your data will be processed in accordance with current legislation, specifically in accordance with the provisions of Regulation (EU) 2016/679 of April 27, 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. This also applies to Organic Law 3/2018, of December 5, on Personal Data Protection and Digital Rights Guarantee.

A careful reading of our Privacy Policy will provide you with the necessary information to understand how we will use the data you provide.

WHO IS RESPONSIBLE FOR YOUR DATA PROCESSING?

If you or an authorized person has provided us with your data, we inform you that SUMIBI, S.L, with VAT number: B16476590, is responsible for processing it. This data will be processed in accordance with current regulations on the protection of personal data.

There may be other data controllers for the processes we carry out. In such cases, we will always inform you of who the data controller is, along with their contact information.

At SUMIBI, S.L, we are committed to complying with the obligation of personal data confidentiality and its duty to keep them secure. To achieve this, we take the necessary measures to prevent their alteration, loss, unauthorized access, or processing, in accordance with what is established by the Regulation.

WHERE DO WE INFORM?

SUMIBI, S.L. provides information through the website www.rokuseki.es in the section related to the privacy policy. More information can be found in the “Legal Notice.”

WHAT PERSONAL DATA DO WE PROCESS?

The personal data we process are:

– Those that you decide to voluntarily provide.
– Data derived from communications you have with us.
– Information related to your online navigation, such as your IP address or data from cookies or similar devices (you can review our Cookie Policy on the website).
– Information available from publicly accessible sources, to which we can legitimately access.
– Data resulting from the contractual or pre-contractual relationship you have with us, including your image, with prior notice in this case regarding the possibility of image capture.
– Data provided by third parties about you, with a legitimate basis for doing so or after obtaining your consent.
– Data from third parties that you provide us with, with the prior consent of the relevant third party.

HOW DO WE PROCESS THE DATA?

At SUMIBI, S.L, we always process your personal data in strict compliance with current legislation. Additionally, we inform you that we have implemented appropriate technical and organizational measures to ensure an optimal level of security, ensuring that only authorized individuals have access to the data. We also ensure data integrity, preventing any intentional or accidental loss, and have strengthened data processing systems and services.

The operations, processes, and technical procedures we perform, whether automated or not, which involve the collection, storage, modification, transfer, and other actions on personal data, are considered as the processing of personal data.

WHAT IS THE LEGAL BASIS FOR PROCESSING?

The legal basis for the processing of personal data will depend on the contractual or pre-contractual relationship, the employment relationship, or any other relationship that may require data processing, as well as the express consent obtained.

HOW DO WE MANAGE ELECTRONIC COMMUNICATIONS?

In the case of receiving communications through electronic means (e.g., emails, automated response messages from forms, and other communication systems), we inform you that these messages are directed solely to the intended recipient and may contain privileged or confidential information. If you are not the intended recipient, be aware that the use, disclosure, and/or copying without authorization is prohibited by law.

In accordance with the provisions of Law 34/2002 of July 11, on Information Society Services and Electronic Commerce, and Directive 2002/58/EC, we inform you that if you do not wish to receive commercial communications and information through this electronic communication system, you can notify us via the same method, indicating in the subject line “UNSUBSCRIBE FROM COMMERCIAL COMMUNICATIONS.” This way, your personal data will be removed from our database. Your request will be processed within 10 days of its submission. In the event that we do not receive a clear response from you, we will assume that you accept and authorize our entity to continue sending these communications.

HOW LONG DO WE RETAIN YOUR DATA?

Personal data related to individuals collected by SUMIBI, S.L. through any means will be retained until the data subject requests their deletion. They will also be retained for the duration of the relationship that gave rise to the data processing, always respecting the legal retention periods. Once this period has ended, personal data will be deleted from all SUMIBI, S.L. systems.

WILL YOUR DATA BE SHARED WITH THIRD PARTIES?

There will be no transfer or transmission of personal data except as previously disclosed, unless required by law. If the Public Administration or Autonomous Institutions within the scope of their legal functions request your data, they will be transmitted.

If there is a transfer, transmission, or transfer of personal data beyond the cases previously mentioned, you will be informed in advance and, if necessary, asked for your consent.

To organize ourselves properly, have good operations and procedures to ensure proper management, SUMIBI, S.L. may need to contract the services of advisors, professionals, or other service companies to process data under our instructions.

This data processing by third parties is regulated by a contract that is in writing or in any other legally accepted form, which allows for the verification of its execution and content. It explicitly states that the data processor will process the data in accordance with our instructions, will not use it for any other purpose than specified in the contract, and will not disclose it to other parties, even for storage.

WHAT ARE YOUR RIGHTS?

Data protection regulations grant you the following rights:

– Right to withdraw any previously given consent.
– Right of access: To know what kind of data is being processed and the characteristics of the processing.
– Right to rectification: To request the modification of inaccurate or untruthful data.
– Right to data portability: To obtain a copy of the data being processed in an interoperable format.
– Right to limit processing in cases where it is deemed unnecessary.
– Right to erasure: To request the cessation of data processing and deletion when data is no longer needed.

If you would like more information regarding the processing of your data, want to correct inaccuracies, oppose and/or restrict any processing you consider unnecessary, or request the deletion of data that is no longer necessary, you can contact SUMIBI, S.L. in writing at C/ Canceleiro, 24 Bajo, 36201 – Vigo (Pontevedra) or by email at info@rokuseki.es.

Your communication should include the following information: your full name, your request, your address, and supporting documentation.

The exercise of these rights must be carried out by the data subject themselves. However, they can be executed by an authorized person acting as the data subject’s legal representative. In this case, documentation proving this representation must be provided.

Additionally, we want to inform you that you can withdraw your consent without affecting the lawfulness of the processing carried out before withdrawal. To do this, you should send your request to

the same address mentioned in the previous paragraph. In this case, you must include a copy of your ID or a document proving your identity with your request.

Furthermore, please note that you have the right to file a complaint with the Spanish Data Protection Agency (AEPD) if you believe your rights have been violated. The contact information for the Data Protection Agency is as follows: Data Protection C/ Jorge Juan, 6 28001-Madrid – FAX: 914483680- TELF: 901 100 099- E-mail: ciudadano@agpd.es.

HOTJAR

With your consent, this website uses web analytics services provided by Hotjar Ltd., located at Level 2, St. Julians Business Centre, 3 Elia Zammit Street, St. Julians STJ 1000, Malta (hereinafter “Hotjar”).

Hotjar allows tracking website activities through what are called Heatmaps. By using Hotjar’s Heatmaps service, we can see, for example, how far users scroll, how they navigate the website, which links they click on, and how often they do so.

This website also uses Hotjar’s Recordings feature, which records certain data about how users navigate the website during a session, such as changes in the HTML that occur when visiting the website, mouse movements and clicks, scroll movements, and changes in the size of the browser window. Keystrokes may also be recorded for certain input fields.

Additionally, this website uses Hotjar’s Forms service, which allows us to record how users interact with input fields on the website. For example, if a user fills in an input field and submits it, the time spent interacting with the field, whether the field is left blank, or whether the user chooses not to fill it in may be recorded.

By using Hotjar’s services as described above, valuable information is gained about user interactions and website navigation, which helps improve the website to make it faster and more intuitive. In addition to information about user interaction and navigation (such as which links users decide to click on, mouse movements, etc., as explained above), data is collected about the device screen size, device type, browser and operating system information, geographic location (country only), preferred language for displaying the website, and the device’s IP address (captured and stored anonymously).

Hotjar does not record content or information provided by users in input fields on the website.

Hotjar creates a Hotjar Tracking Code to track a user’s use of the website through a Hotjar cookie.

For more information about Hotjar and its service, please visit https://www.hotjar.com. Users can find Hotjar’s privacy policy at https://www.hotjar.com/privacy.

The legal basis for using Hotjar cookies is your consent (Article 6, paragraph 1, letter a) of the GDPR). We will only use Hotjar cookies if you explicitly permit it. Even if you have allowed the use of Hotjar cookies, you can disable them at any time by changing the cookie settings below. You can also disable this function by following the instructions provided at:

https://www.hotjar.com/legal/compliance/opt-out.

The legal basis for further processing of data collected through Hotjar, such as use, analysis, and storage, is Article 6, paragraph 1, letter f) of the GDPR. The legitimate interest pursued is to improve and optimize this website for the benefit of the user.

At any time, you can exercise your right to object to this processing for reasons related to your particular situation, and you can disable tracking cookies through the tracking cookie settings below.