PRIVACY POLICY

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are, how and why we collect, store, use, and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.

Your Privacy Is Important to Us!

We, at Naolito, value your trust and confidence. This privacy statement is applicable to the information we collect on all our websites. We created this privacy statement to inform you of our global commitment to you.

Naolito is committed to safeguarding privacy worldwide. An internal Data Control Organization of employees trained in personal data protection, is in place within Naolito, worldwide. 

 

PROVISION OF SERVICES BY NAOLITO

The provision of the Services by Naolito and its subsidiaries may require collecting some personal data. All information we collect is collected for a specific purpose and is necessary for this purpose and will not be used subsequently for another purpose. We don’t sell any personal data collected on our websites, and we explicitly forbid anyone to commercially use any personal data present on our websites.

Why and How do we collect personal data

To the extent Naolito obtains possession of or collects any Personal Data, the relevant Personal Data shall be:

– Processed fairly and lawfully.

– Processed for specified purposes only.

– Not kept longer than necessary.

– Processed and held securely.

– Adequate, relevant, and not excessive.

– Accurate and up to date

We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user, consumer, or household.
We collect most of this personal information directly from you—in person, by telephone, text or email, and/or via our website and apps. However, we may also collect information from publicly accessible sources (e.g., property records), from a third party (e.g., sanctions screening providers, banking accounts, credit reporting agencies, or customer due to diligence providers), or via our IT systems.

Under data protection law, we can only use your personal information if we have a proper reason for doing so, to comply with our legal and regulatory obligations, for the performance of our contract with you or to take steps at your request before entering into a contract, for our legitimate interests or those of a third party, or where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

Sensitive Data

On a general basis Naolito does not collect any sensitive data concerning you. Yet, depending on the definition used in regulations, some data considered as sensitive under certain regulations may be collected. For instance, we may collect the birth date, or marital status for hiring purposes, while this information gives age, which is protected under CCPA. For security reason, while hiring, we may collect criminal records in certain countries, while this is considered as sensitive under GDPR.

KEEPING YOUR INFORMATION SECURE

Keeping the personal information, we collect about you secure is one of our most important responsibilities. We value your trust and handle personal information with care. Our employees access information about you for lawful purpose.

We may also access information about you when responding to requests as required by law. This personal data is accessible on a need-to-know basis to the teams involved with the Services (marketing, IT, security, finance, and to any subcontractor working with those departments).

We safeguard information according to established security standards and procedures, and we continually assess new technology for protecting information. Our employees are trained to understand and comply with these information principles. Naolito and its subsidiaries use reasonable administrative, physical, and managerial measures to safeguard your personal information against loss, theft and unauthorized access, use, and modification.

 

How—and why—information is shared

Your information is collected and stored for a limited duration necessary for the purpose of the processing (please see subsequent). We limit who receives information and what type of information is shared. We share information to the extent it is necessary to process the information for its intended purpose.

 

Sharing information within Naolito. In processing information, Naolito leverages Corporate systems where the personal information we have about you may be shared among the family of Naolito companies as permitted by law and our agreement with you, as well as to process your notifications of illegal content when you decide to submit it to us.

Naolito and its subsidiaries have offices in several countries, including some countries outside the European Union. The client’s personal data may be transferred or made accessible outside of the European Union and such access and transfers are governed by an intragroup agreement that secures transfers and access. In case of transfer to subcontractors outside the European Union, we ensure that the Standard Contractual Clauses approved by the European Commission are signed with these subcontractors.

 

Sharing information with companies that work for us. To handle the support, for employment purposes or to assist us in offering you goods and services and our agreement with you, we may occasionally share information with companies that work for us, such as companies specialized in hiring, or maintenance services. In such case, Data Processing Agreements are in place with third parties (EC Standard Contractual Clauses – Controller to Processor)

 

Sharing information with others. We may provide your personal data as required by law or legal process or accreditations or the audit of our accounts; to maintain our accreditations, to comply with our legal and regulatory obligations, to protect and defend the rights of Naolito and its subsidiaries and under circumstances, we believe reasonably necessary to protect the personal safety of users, Naolito its subsidiaries, its sites, or the public.

How Long Your Personal Information Will Be Kept

We may keep your details on record for as long as is reasonably necessary for the purposes for which it may use your personal data, as set out above and as allowed in accordance with applicable data protection law.

The criteria we use to determine data retention periods for your personal data includes the following:

  • retention in case of queries – for example, where you contact us to receive further information about the way we handle your data;
  • retention for the period in which you might legally bring claims against us;

  • retention in accordance with legal, tax-related and regulatory requirements – after your agreement with us has come to an end; and

  • to stay in touch about your requirements on an ongoing basis, where you have selected to receive these.

Please note that we reserve the right to retain certain information for our own record-keeping (for example, to ensure that you do not receive marketing communications that you have opted out of receiving) and to defend ourselves against any claims.

 

YOUR RIGHTS AND OFFERING CHOICES

You will be offered an opportunity to express your preference regarding the use and dissemination of information about you. That opportunity may be made available at the time you register on our website, when you subscribe to our newsletters, or when you fill in a form (if one of those is applicable). While the specific preferences offered may vary from region to region across the world due to local law and/or practice, it is Naolito and its subsidiaries’ goal to listen and honor our customers’ preferences. Your continued trust and confidence depend upon it.

 

 

How To Exercise Your Rights?

To exercise any of the above rights, or any similar right that your local regulation may provide you with, please contact our DPO following the contact instructions at the end of this Policy. As a Data controller, we will confirm Data subject identity before fulfilling the rights request. To do so, any request must:

– Provide enough information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

– Describe your request with enough detail that allows us to properly understand, evaluate, and respond to it.

– We endeavor to respond within 30 days of receiving a verifiable request. We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

GENERAL

Cookies

Naolito may use cookies on our websites to ease your navigation and to analyze your use of the website. Each website should provide information to better understand how cookies work and how to use the available tools to configure them. 

 

Privacy Notice for California Residents

This Privacy Notice for California Residents supplements the information contained in our privacy policy above and applies solely to all visitors, users, and others who reside in the State of California (”consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.

Revisions

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated policy on the Website and update its effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

  • Effective date: September 27nd, 2021.

  • Last review: September 29nd, 2021.

CONTACT

Privacy – Data Protection Officer

Requests to exercise your right under this Policy, or any questions regarding our Privacy Policy and practices can be addressed to our DPO:

– By using the dedicated webform: https://www.naolito.com/contact/

– By email: contact@naolito.com

– By postal mail: Doña Enriqueta, 12, 6B, 29007, Málaga (Spain)