Data Protection Policy
Version 1.2. Publication Date 10/02/2022
The Tiaxa group of companies consisting of different affiliated, controlled, controlling and subsidiary companies (hereinafter referred to jointly as “Tiaxa”), provides, directly and indirectly, various services on its own behalf or for third parties of all kinds of products and services, electronic commerce and commercial applications and telecommunications and value-added transactions, among others (hereinafter collectively referred to as “Services”).
For Tiaxa, the protection of its own and third-party data (hereinafter referred to interchangeably as “data”) is one of the most important concerns and we strive to protect the privacy of the data to which we give any kind of treatment, establishing this policy to inform customers, collaborating users and suppliers, in a transparent manner, regarding such treatment.
We establish the guidelines that govern the activities in which we receive the data, the way in which it is managed according to its specific use and the safeguards considered for the protection of the data.
We permanently update the principles and safeguards so that this policy remains in force and complies with the principles for which it was implemented.
Due to the above and to establish data processing, Tiaxa has defined the following guidelines of general application for this policy:
- Define and keep updated a policy for data protection, with greater emphasis on that which should be considered personal data in accordance with the applicable regulations.
- Determine the application of technical and organizational measures, whether physical or logical, necessary to establish adequate data protection in accordance with the needs of the services provided by the organization and the legislation that applies to these matters.
- Identify the risks that affect data protection and adopt the necessary measures to guarantee its security.
- Guarantee the security of data processing both in terms of confidentiality and integrity, that is, to prevent leaks, loss, accidental or unlawful alteration of data received, transmitted, stored or processed, as well as unauthorized use or access to the same.
- Keep a record of data processing activities, identifying events that may pose a risk and carrying out the corresponding assessments for the detection, mitigation of any potential impact and correction of any verified impact.
- Notify interested parties regarding any impact on data security regarding its confidentiality and/or integrity.
- Cooperate with the competent authorities, when requested, within the framework of attributions conferred to them by the applicable legislation, providing information on the possible affectation of personal data that the organization has defined to apply data processing.
- Define, communicate and ensure awareness of the guidelines and considerations that must be applied by all persons belonging to the organization and who have access to or participate in data processing, who must follow these instructions.
This policy is known and applied by all Tiaxa employees for the benefit and satisfaction of its customers.
This policy applies to the collection, storage, management and deletion of data received by our customers, collaborators, suppliers, contractors, independent advisors, consultants and, in general, to all data received that is subject to treatment by Tiaxa.
2. DEFINITION OF THE DATA SUBJECT FOR TREATMENT
The following are the processes in which data is received from third parties and the data protection treatment that will be applied:
2.1. DATA RECEIVED FOR SERVICES PROVIDED TO CUSTOMERS
Tiaxa provides its customers with the following lines of service:
a) Analysis of massive data for its application in profiling and prediction models for different fields of use.
b) Notification of events linked to services
c) Delivery of messaging through digital channels provided by third parties.
d) Preparation of the notification and charging of the service to the final customers of the operating companies.
e) Digitalization of internal processes of different companies, either by automating them and/or generating added value, in order to reduce costs and possible errors.
2.2. CONTACT DATA
Tiaxa records, uses and protects all contact data used for external or internal communication purposes, according to the following elements:
2.2.1. CONTACT INFORMATION OF CUSTOMERS, USERS AND SUPPLIERS:
The contact data will be used to channel and process the requirements and facilitate the development of the implementation and execution of the services provided by Tiaxa.
Therefore, the contact data will be used to achieve:
- communication with the level of interaction that is required according to the processes that are being executed,
- better management and administration of services,
- expand and improve services,
- achieve an adequate understanding of the specific requirements of each case in order to determine the feasible adaptations to meet the requirements and processes, including determining the feasibility of service improvements based on the needs expressed by our customers.
Tiaxa may use this data to exchange information about products, services, offers and news that we may consider of interest to our customers, partners and suppliers.
3. DATA RECEIVED THROUGH TIAXA’S DIGITAL CHANNELS
The channels through which Tiaxa communicates and shares general information with customers and prospects, suppliers and individuals are as follows:
- Website www.tiaxa.com, which provides corporate information about the organization, products and services and customer testimonials about the experiences of the projects carried out with our company. The companies or individuals involved in such testimonials have expressly authorized Tiaxa to use and disseminate their identity and information for the purpose of disseminating or promoting the qualities and results of working with Tiaxa.
The Organization declares that as a basic principle, it does not capture any user data or information such as the IP address (only through the website), geolocation, registration of how the services and sites are used, browsing habits and other data that cannot be used to identify the user browsing the site.
4. DATA TREATMENT
4.1. BUSINESS RELATIONSHIP
- Sending commercial information. When appropriate, and having obtained customer consent, we will treat the data to make commercial communications about products and / or services related to the company.
- Enhancement of Services: In certain cases, we will treat the contact data of our customers to improve our services, as well as, sending communications in relation to surveys or polls in which the customer may wish to participate or comply with our requirements for internal or external audits, in each case. In the same way, it will be necessary to use them to protect our rights or respond to claims of any kind.
- For marketing and event purposes. On certain occasions, the company will use the contact data provided to send marketing communications and events through various platforms. However, we will explicitly request consent when required to do so and we also have the appropriate means to cease any communications of commercial offers that have not been expressly requested by our customers.
- When consent is obtained. In certain cases, we may use the data for purposes other than those mentioned above, provided that the customer gives us their consent in an isolated, clear and unambiguous manner.
4.2. RELATIONSHIP FOR CONTRACTING SERVICES OR PRODUCTS
When any type of contract is executed with us or a binding legal relationship with the company subsists, the data will be used in order to carry out, manage and/or provide correct and adequate administrative processing.
- Existing pre-contractual relationship:
It may be necessary to process the data for the execution of pre-contractual actions (commercial prospects) to which the customer or the customer’s contacts are party.
- Operational, logistical and administrative management.
In the event that a purchase our products and/or contract our services, it will be necessary to process your data to manage all operational, logistical and administrative actions and activities related to the provision of the service itself, including its implementation, support, billing and collection.
- Delivering communications.
When the case arises and the provision of the contracted service requires it, we may send you information regarding the contracted service or product purchased.
4.3. SITUATIONS OF LEGAL NATURE
- Compliance of a legal obligation.
In certain cases, it may be necessary to process our customer’s data in order to comply with a legal obligation, for example, to comply with court orders, requests or orders from law enforcement agencies or other supervisory authorities or public and governmental administrations, even when they are outside the customer’s country of residence. We may also provide our customer’s contact information to respond to requests from them for the prevention, detection or investigation of a crime or other violation of the law.
4.4. SAFEGUARDING OF EXTERNAL DATA
All data information is safeguarded in Tiaxa’s private site, based on the services provided through its platforms, with access restricted by profiles and controlled through the use of authentication means and mail and repository management tools, with security measures provided by Tiaxa’s technological support unit.
The data under Tiaxa’s custody is as follows:
- Customer Database:
Its purpose is to use the data for the proper provision of the service by Tiaxa, as well as the strengthening of communication channels to allow management and safeguarding of the data according to the purposes for which it has been provided. In the same way, all the specific data that the customer shares with Tiaxa will be protected, for the exclusive purposes of the provision of services, in which case the owners of the data have given consent to its use by the customer who contracts the Tiaxa service.
- Supplier Database:
Its purpose is to maintain updated, robust and sufficient information on the contacts of companies that are suppliers or would like to become suppliers.
- Contractor Database:
Its purpose is to store the register of contacts of persons or companies contracted by Tiaxa through civil or private contracts.
5. DEADLINES AND DATA RETENTION CRITERIA
The data provided will be kept in accordance with the following criteria:
- The time necessary to comply with the processing for which they were initially collected in relation to customers who hire our services, our collaborators, suppliers, contractors, independent advisors, consultants, collaborators and in general all data received as indicated in section 4 of this policy.
- Reasonable time to demonstrate compliance with our duties and obligations.
- The prescription periods established in the laws, within which any type of claim can be filed extrajudicially or judicially.
- The deadlines that customers of services contracted to Tiaxa expressly request to be kept for a specific period of time.
- Once the data is no longer necessary for the processing or request in question, it may be blocked, remaining available only to meet the requirements of public authorities or deleted due to obsolescence or instructions from Tiaxa’s customers.
6. DELETION OF DATA
Tiaxa is concerned about the privacy of data beyond the life cycle of the contracted services or obsolescence of contact information, according to the commercial, operating and contractual agreements signed in a particular way with each of the customers.