1. Identification and Contact Details of the Controller
The controller of your personal data is the company SiO2 Systems, S.L.U., hereinafter referred to as SiO2 Systems or the Company.
This privacy policy provides information on the use and processing of your personal data by the Company in your capacity as a user of the website or in your communications with SiO2 Systems by any electronic means.
It also provides information on the applicable legal framework regarding the processing of your data by SiO2 Systems and on the rights you are entitled to under the law.
The Company’s full contact and registration details can be found on the Legal Notice page.
2. General Information
The general principles of data processing and the privacy policy of SiO2 Systems are as follows:
- data will be processed in accordance with current Spanish and European legislation (GDPR - EU Regulation 2016/679 and LOPD - Organic Law 3/2018)
- only the minimum and essential personal data will be collected and processed for each purpose (principle of data minimization)
- no personal data will be shared with third parties without the express consent of the data subjects (except for legal obligations duly justified and documented by the authorities)
This privacy policy includes a table identifying, for each of the different data processing activities carried out by the Company: the purposes of the processing, its legal basis, recipients, international transfers, and data retention period.
3. Detailed Information on Data Processing
| Purpose of Processing | Legal Basis | Recipients | International Transfers | Retention Period |
|---|---|---|---|---|
| Managing inquiries submitted through forms or email | the Company’s legitimate interest in responding to requests for information (GDPR art. 6.1 f) | SiO2 Systems, S.L.U. | Not carried out for this processing | For 1 year from the last interaction with SiO2 Systems or until the data subject exercises their rights of rectification or erasure |
| Sending advertising and newsletters about SiO2 Systems’ products and services | the data subject has given consent for the processing of their personal data for one or more specific purposes (GDPR art. 6.1 a) (*) | SiO2 Systems, S.L.U. | Not carried out for this processing | For 1 year from the last interaction with SiO2 Systems or until the data subject exercises their rights of rectification or erasure |
| Managing customer relationships, including pre-sales processes, project management, handling incidents and technical inquiries, and other general reasons for contacting companies or professionals who are clients of the Company | processing is necessary for the performance of a contract to which the data subject is a party or in order to take pre-contractual steps at the request of the data subject (GDPR art. 6.1 b) | SiO2 Systems, S.L.U. | Not carried out for this processing | For the duration of the contractual relationship with SiO2 Systems, and for three years after such relationship has ended, or until the data subject exercises their rights of rectification or erasure once the contractual relationship has ended |
| Managing invoicing and payments from clients | processing is necessary for compliance with a legal obligation applicable to the controller (GDPR art. 6.1 c) | SiO2 Systems, S.L.U. | Not carried out for this processing | For the duration of the contractual relationship with SiO2 Systems and for as long as there is a legal obligation to retain the data to meet legal requirements |
(*) Conditions for Consent
For newsletter subscriptions and advertising information, the user is asked to confirm that they have read the privacy policy and to give consent for the processing of their data. The user accepts as valid consent communication the checking of the box labeled “I accept the processing of my personal data” or similar wording.
4. Exercising Your Rights
To exercise your rights under the GDPR and LOPD legislation, the data subject may contact SiO2 Systems by email at info@sio2.systems or through any of the contact methods indicated on the Legal Notice page.
Below is a brief and clear list of some of the rights that the data subject may exercise, without prejudice to SiO2 Systems’ obligation to comply with all applicable legislation:
- Right of information and access (Arts. 13, 14, and 15 GDPR): The data subject may consult the details of their personal data, purposes of processing, transfers, retention periods, as well as the identity and contact details of the controller.
- Right to rectification (Art. 16 GDPR): The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning them.
- Right to erasure (Art. 17 GDPR): The data subject shall have the right to obtain from the controller without undue delay the erasure of personal data concerning them.
- Right to data portability (Art. 17 GDPR): The data subject shall have the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format.
5. Cookies
SiO2 Systems will use browser data storage and retrieval files ('Cookies') when the user has given prior consent.
To collect this consent, a pop-up window is used in the user’s browser, which appears when accessing the website for the first time. More detailed information about the use of cookies can be found on the corresponding page: Cookies
6. Security Measures
SiO2 Systems adopts the GDPR-required security levels appropriate to the nature of the data being processed. In particular, SiO2 Systems uses:
- encrypted communications via SSL on the sio2.systems website and across all information systems that support this method
- redundancy across all systems that support this technical measure
- authentication and appropriate security measures for access to information systems, which may include multi-factor authentication (MFA)
- use of backups
Furthermore, SiO2 Systems is committed to proactively investigating and gradually adopting technological and organizational advances that improve data security and, in general, all company operations.
7. Minors
Minors are not allowed to use the services of the sio2.systems website without authorization from their parents, guardians, or legal representatives, who shall be responsible for the use of the website by the minors in their care, including the provision of personal data.