The Spanish Data Protection Act’s purpose is to protect the fundamental rights and freedoms of individuals, the privacy of private life, and to impose obligations against any wrongful act in Spain.
In accordance with the Personal Data Protection Law, we intend to establish a data security and storage policy. With this policy, we protect and preserve your personal data.
Tekce Legal Consultancy SA is a registered brand. We are an overseas legal consultancy company. https://tekcevisa.com is owned and run by Tekce Legal Consultancy SA.
The scope of this policy covers the Tekce Legal Consultancy SA team and https://tekcevisa.com visitors. All actions created and performed by Tekce Legal Consultancy SA are in accordance with the policy.
This policy has been prepared in accordance with the Spanish Data Protection Act and must be accepted by our all employees. Tekce Legal Consultancy SA expects that all employees, customers, and visitors, comply with this policy. The company provides essential information about this policy and provides relevant materials to the employees.
- GLOSSARY OF TERMS
3.1. Tekce Legal Consultancy SA
Tekce Legal Consultancy SA is an overseas legal consultancy company.
3.2. Explicit Consent
The processing of data is permitted, but only to a limited extent. It is presented for informational purposes only and is based on free will.
It is the rendering of personal data that cannot be associated with an identified or identifiable person, even if it is matched with other data.
The team of Tekce Legal Consultancy SA.
3.5. Service Provider
Employees of the third-party organization that provides services to Tekce Legal Consultancy SA.
3.6. Customer / Visitor / Individual
The person whose personal information is kept and processed by Tekce Legal Consultancy SA.
3.7. Personal Data / Personal Information
Information about customers/contacts/visitors allows them to be identified, such as phone number and e-mail address.
3.8. Processing of Personal Data
Whole or in part, automatically gathering, modifying, storing, saving, editing, or disclosing personal data.
3.9. Data Controller
Persons who decide what personal information Tekce Legal Consultancy SA will hold and how it will be stored and used.
3.10. Data Processor
Natural or legal persons who process data under the authority of the Data Controller.
3.11. Data Protection Act Board
The Board of Protection of Personal Data.
3.12. Data Protection Act Corporation
The Corporation for the Protection of Personal Data.
3.13. Law of Data Protection Act
It is the Spanish Data Protection and Digital Rights Act 3/2018.
Tekce Legal Consultancy SA’s Personal Data Protection and Processing Policy.
- ROLES AND RESPONSIBILITIES
4.1. Data Controller
The processing of Personal Data refers to the automatic collecting, amending, storing, saving, editing, or disclosing of personal data, in whole or in part, within the guidelines of the provisions of the Spanish Data Protection and Digital Rights Act 3/2018.
To continue our work, Tekce Legal Consultancy SA must gather and use specific types of information about visitors or clients. Within the scope of the Law, Tekce Legal Consultancy SA is the Data Controller and decides which data will be used.
4.2. Data Controller Agent
A Data Controller Agent will be needed when the Data Controllers Registry is established. This agent should be an expert in keeping data confidential, processing, and taking the necessary security steps.
4.3. Data Processor
Data processors are natural or legal persons who process Personal Data. The processor must be operating under the authority of Tekce Legal Consultancy SA.
Tekce Legal Consultancy SA and Data Processors are obliged to take precautions if the data is processed by natural or legal persons. As Data Controllers, Tekce Legal Consultancy SA oversees the trust process between the two parties; Tekce Legal Consultancy SA and individuals.
- LEGAL OBLIGATIONS
Tekce Legal Consultancy SA has legal responsibilities regarding the security and processing of Personal Data in accordance with the Spanish Data Protection Act. These are:
5.1. The Obligation to Clarify
Tekce Legal Consultancy SA is obliged to inform the visitors and customers about the following issues during Data Processing:
- The identity of the Data Controller
- Reasons for keeping Personal Data
- Legal reasons for keeping Personal Data
- Rights of persons
5.2. The Obligation to Inform
Tekce Legal Consultancy SA is obliged to inform the visitors and customers in accordance with the Spanish Data Protection and Digital Rights 3/2018 Act. In addition, information requests must be fulfilled via firstname.lastname@example.org or +34 951 23 59 59.
The special requests must be written by persons manually or by any other methods to be determined by the Data Protection Act Board.
5.3. The Obligation to Provide Personal Data Security
As Data Controllers, Tekce Legal Consultancy SA is obliged to provide the necessary security services in accordance with the Spanish Data Protection Act.
5.4. The Obligation to Enlist in the Data Controllers Registry
Tekce Legal Consultancy SA is obliged to register with the Data Controllers Registry in accordance with the Spanish Data Protection Act.
- CLASSIFICATION OF PERSONAL DATA
6.1. Personal Data
Information considered as Personal Data is an individual’s name, surname, date and place of birth, social security number, identity, e-mail address, telephone number, address, image, payment information, and other such data.
Tekce Legal Consultancy SA keeps some of this data, such as name, surname, telephone number, and e-mail address, due to membership conditions.
6.2. Private Personal Data
Information considered as Private Personal Data is an individual’s race, ethnicity, philosophical belief, political opinion, religion, sect or other beliefs, rig, membership to any foundation or organization, health problems, convictions, sexual life, security measures, biometric and genetic data.
In accordance with the Spanish Data Protection Act Law, it is strictly prohibited to hold such data without the consent of the individuals. As Data Controllers, Tekce Legal Consultancy SA never requests such Private Personal Data unless it is specified by laws.
- THE POLICY OF PERSONAL DATA PROCESSING
7.1. The Principles for Data Processing
All collected data must be processed following the Spanish Data Protection Act.
- Tekce Legal Consultancy SA must process the data under the Spanish Data Protection Act and other legal regulations.
- Tekce Legal Consultancy SA must be transparent, fulfill the obligations to clarify and inform by adhering to the rules of honesty.
- Tekce Legal Consultancy SA should only process the data for justifiable reasons. The reasons must be lawful and specified in the Spanish Data Protection Act or other legal regulations.
- The data must be relevant to the purpose and limited to that purpose only.
- Tekce Legal Consultancy SA must process data at the required scale. The code of proportion must be enforced and only the essential bit of the data must be processed.
- Tekce Legal Consultancy SA must hold data only for as long as needed (see section 9) and must not keep data if the required time has passed anonymously.
7.2. The Objectives of Data Processing
Tekce Legal Consultancy SA does not gather and save any personal information from any customer to send unwanted and unsolicited information (spam). We aim to process data for some purposes such as:
- Personal and contact data, such as name, surname, e-mail address, and phone number are processed for website registration and higher-quality communication.
- Demographic site or app browsing data is processed to analyze and collect user points of interest. This information is used to improve business and operational activities, such as remarketing, retargeting, and communications.
- Social web data is used to provide a more useful and easier experience on the website. Some social websites, such as Facebook, Twitter, and Linkedin, can only be used to register on the Tekce Legal Consultancy SA website.
- Location data is used if the user gives permission from mobile phones while browsing. We process location data to suggest properties and show the closest offices by location.
The data is processed for other purposes in addition to the above-mentioned purposes;
- Tekce Legal Consultancy SA sends news via e-mail addresses in a newsletter format.
- Tekce Legal Consultancy SA deals with each customer individually by answering any questions and demands provided by the communication data.
- Tekce Legal Consultancy SA informs about the latest services.
- Tekce Legal Consultancy SA engages in direct marketing.
- Tekce Legal Consultancy SA can communicate directly with people when required.
7.3. Ensuring the Data to be Processed on Legal Grounds
The following technical measures are taken by Tekce Legal Consultancy SA when processing personal data legally:
- Arranging an intercorporate institution for the processing and storage of Personal Data in accordance with the Law
- Establishing the technical infrastructure for the database where all Personal Data will be kept
- Supervising the created technical infrastructure and process
- Designating the necessary procedures for reporting technical procedures and reviewing periods
Tekce Legal Consultancy SA takes the following legal safeguards for the processing of personal data on legal grounds:
- To educate and inform Tekce Legal Consultancy SA employees regarding the legal processing of personal information
- To take precautions against any unlawful processing of personal data in contracts, legal files, and policies
- To inspect the personal data processing of third-party processors and partners
- THE POLICY OF TRANSFERRING THE PERSONAL DATA
8.1. Transferring the Personal Data Inland
Tekce Legal Consultancy SA is obliged to act in accordance with the Spanish Data Protection Act and the regulations defined by the Data Protection Act Board. As Data Controllers, Tekce Legal Consultancy SA is obliged to comply with the Spanish Data Protection Act.
We never share any personal data or information with third-party companies without the consent of the person. However, in case of obligations deriving from the Spanish Data Protection Act and other Constitutional Laws, we may transfer the data to the relevant jurisdiction, governmental or legal bodies.
8.2. Transferring the Personal Data Abroad
Tekce Legal Consultancy SA can also transfer data abroad for processing and storage. The country that will receive the Personal Data must have taken the essential protection measures. The measures should be controlled by the Data Protection Act Board.
In case the necessary measures are not sufficient, Data Controllers from both Spain and the recipient country must make a written commitment, and the Data Protection Act Board must approve it.
8.3. Which Person/Organization Receives the Personal Data?
Authorized institutions and organizations: Public legal entities can receive the Data as they request. Tekce Legal Consultancy SA customer program, TEKÇE, receives and stores Personal Data and keeps track of customers.
Some third-party software and tools, such as Bing, Google AdWords, Google Analytics, Yandex Metrica, Yandex Direct, Whatsapp, Facebook, Twitter, Instagram, and JivoChat, gather Personal Data from cookies to facilitate your browsing experience.
8.4. The Precautions for Transferring the Personal Data
Tekce Legal Consultancy SA is obliged to take the required technical measurements in case of unauthorized access to and use of Personal Data by any data processor person or company, even if these data processors are authorized by Tekce Legal Consultancy SA.
Tekce Legal Consultancy SA has established internal policies on how and for what purpose the data should be transferred. We also decide the parties to whom the data should be transferred.
- THE POLICY OF THE PERSONAL DATA PRESERVATION
9.1. Preserving the Data for a Specific Amount of Time
According to the Spanish Data Protection Act, any information related to persons known or found is personal data. All information, such as phone numbers and e-mail addresses is securely saved and stored by Tekce Legal Consultancy SA.
In this context, Tekce Legal Consultancy SA is obliged to act following the law while acquiring and storing the data. The data will be stored until the preservation purpose (see 7.2) is finished. According to government obligations, data must be kept for an average of 2 years.
This duration varies from law to law. For instance, according to the Tax Procedure Law, registration and credentials must be kept for 5 years.
9.2. The Precautions for Processing the Personal Data
Tekce Legal Consultancy SA takes measures to ensure the safety and protection of personal data. The required systems and control mechanisms as technical measures are established.
We also create awareness and education among our employees on the protection of Personal Data. We are obliged to inspect these measures for the protection of personal data.
- SAFETY POLICY OF THE PERSONAL DATA
10.1. Responsibilities of Tekce Legal Consultancy SA about the Safety of Data
We have the responsibility to keep Personal Data safe per the Spanish Personal Data Protection Law. We are responsible for:
- Preventing the processing of Personal Data in violation of any law,
- Reviewing the measures regularly,
- Providing sufficient technical equipment to stop any infiltration of Personal Data,
- Informing the authorized institutions in case of any infiltration.
10.2. Precautions for Keeping the Personal Data Safe
We take essential precautions at times of security risk to keep Personal Data safe and secure. These precautions are as follows;
Technical and Executive Precautions
Technical and administrative measures regarding the processing, transfer, and protection of Personal Data are defined in the relevant articles. We are obliged by the Law to take measures for the protection of individuals if Personal Data is still leaked and in the hands of third parties unlawfully.
Precautions and Inspection for Safety of the Personal Data
We prepare a report on the submission of the Data recorder with the Spanish Data Protection Act. The recorder is periodically inspected, and the report is submitted to the authorized person or board.
Precautions in Case of Disclosure without Authorization
We are obliged to hinder all disclosure activities, take the necessary precautions, and establish an internal policy. In case of any unauthorized disclosure, we are obliged to inform the disclosed person and the Data Protection Act Board.
- THE RIGHTS OF INDIVIDUALS
11.1. Right to Access Own Personal Data
Individuals, customers, and visitors have the right to access their personal data without making any payment. They can:
- Learn whether their Personal Data is processed or not,
- Demand information about the operation if the data is processed,
- Question the purpose of processing and learn whether the data is used following its purpose.
11.2. Right to Change or Delete Own Personal Data
Individuals, customers, and visitors can change or delete their personal data without any payment. They can:
- Request the correction of the Data in case of any wrong or incomplete information,
- Request the deletion of the Data if the purpose of storing the information is no longer active,
- Request notification of these procedures to third-party processors,
- Object to any negative outcomes resulting from the analysis of the processed data by automatic systems.
11.3. Updating Own Personal Data
You may get in touch with us when you have a request to access, change, or delete your Personal Data;
Phone: +34 951 23 59 59
Personal meeting or letter: C/El Montículo 8, 29631, Benalmádena Málaga, Spain
11.4. Application of Individuals and Evaluation
Individuals may demand access to their processed data and the use of their rights defined in this policy. Tekce Legal Consultancy SA creates these communication opportunities. All applications are answered in a short time, not more than the Spanish Data Protection Act foresees.
These persons should consult the representatives who have been acknowledged by Tekce Legal Consultancy SA and declared by the Data Controllers Registry. The Data Controller Representative will conclude these applications in a short time and exceeding 30 days, without any fee or payment determined by the Data Protection Act Board.
To start this process, individuals must send their applications to the Data Controller Representative as determined by the Data Protection Act Board. Applications must be written in letters until the Board decides on another method. The person must define their application clearly and send their official letter as a registered and reply-paid letter to:
C/El Montículo 8, 29631, Benalmádena Málaga, Spain
The application is accepted or rejected by the Data Controller Representatives and answered in writing or electronically. If the application is accepted, the demand will be made by Tekce Legal Consultancy SA. If the fault belongs to Tekce Legal Consultancy SA, the payment is refunded to the individual.
If the application is rejected, the answer is not sufficient, or the answer is not given within the given time, the person can write a complaint letter within 30 days as it is answered within 60 days.
Visitors can always block Cookies through their browser settings. However, blocking or limiting Cookies may affect the smooth experience visitors have. Visitors are deemed to accept Cookies as long as they do not block or limit.
- PUBLISHING AND PRESERVING THE POLICY
- THE PERIOD OF UPDATING THE POLICY
This policy will be valid starting from its publication until it is removed from the mobile app or website.
We have taken technical and organizational security measures to prevent accidental loss, use or unauthorized access, change, or disclosure of your personal data. However, no method of transmission or electronic storage via the Internet or mobile device ensures 100% protection.
Tekce Legal Consultancy SA expressly disclaims any such liability and obligation.
- INTERNATIONAL DATA TRANSFER
We take our users’ privacy seriously. Thus, we take actions to protect your data, including ensuring an adequate level of data protection in line with EU standards.
These include the application of the European Commission’s Standard Contractual Clauses for personal information transfers between our group companies, which require all group companies to protect the personal information they process from the EEA in accordance with European Union data protection laws.
We have implemented similar appropriate measures with our third-party service partners and providers. More details can be provided on demand.
* This document has been updated on December 09, 2022.