IMPORTANT NOTICE: The translated versions of the contracts and legal policies are provided solely as a convenience to facilitate reading and understanding of the Spanish versions. The objective of providing translations of contracts and legal policies is not to create a legally binding contract, and not be a substitute for the legal validity of the Spanish versions. In the event of any dispute or conflict, the Spanish versions of the contracts and legal policies will under all circumstance govern our relationship and prevail over the terms in any other language.
The protection of your personal information is very important to us. This document is intended to inform you about what personal data we process, the purposes for which we process it, how it is processed, who has access to your personal information, how long we process it and how you can exercise your rights with respect to the data processing we carry out in connection with INWX's business.
Our external Data Protection Delegate is:
IITR Datenschutz GmbH
Phone: +49 89 189 173 60
1. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?
We are responsible for the processing of your data:
1. INTERNETWORX S.L.U., a company that operates in Spain in the provision of domain registration services, data processing, web hosting and related activities, with registered office at Avda República Argentina, 31 - 07200 Felanitx - Illes Balears (Spain) and NIF: B16663502 and registered in the Mercantile Registry of the Balearic Islands: T 2847 , F 220, S 8, H PM 88434, I/A 1 (26.02.20).
2. INTERNETWORX GROUP GMBH, a German limited liability company with registered office at Prinzessinnenstr. 30, 10969 Berlin, (Germany) and registration no. HRB 211904 B Amtsgericht Berlin (Charlottenburg).
In accordance with national and European regulations on the protection of personal data, both INTERNETWORX S.L.U and INTERNETWORX GROUP GMBH (hereinafter jointly referred to as "We" or "the Processing Parties") are responsible for the processing. This means that we have regulated and are jointly responsible for the processing and protection of your personal data.
For all other data processes where we do not control the process itself, in particular for domain registration services, the data controller is the registration operator of the respective TLD and the ICANN as common data controller with the registration operator.
What personal data do we process?
When you use our services, we collect personal information/data that we process. Personal data is any information related to an identified or identifiable natural person. Depending on the products, services or functionalities you want to request at any given time, we will need to process some data or others, which in general will be
- If you create an account with us and use our services: your name, e-mail address, telephone number and (if available) fax number, your full personal address, the organization you work for (if necessary for the transaction), your preferred language, the IP addresses you use to connect to our systems, your account name, the services you request, your financial information including banking or credit card information, and your login information. We may also request additional personal information if it is required for the service you are requesting.
- If you require assistance from our support: your phone number, your email address, your customer number.
- If you request newsletters from us: Your email address.
- If you are applying for any recruitment/employment process: Your name, title, resume, graduations, professional qualifications, general qualifications.
Remember that, when we ask you to provide your personal data to give you access to some functionality or hire a service, we will mark some fields as mandatory, since they are data we need to be able to provide the service or give you access to the functionality in question. Please note that if you decide not to provide us with this data, you may not be able to complete your registration as a user or you may not be able to enjoy these services or functionalities.
2. FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?
The data that you transmit to us when requesting a service (or for the correction, renewal or updating of service requests) are necessary to establish a contractual relationship between you and us, to be able to provide you with the requested services, as well as for the auxiliary or related services to your request, for the adequate and safe management of your client account, to avoid the abusive use of our services, to allow us to provide information about the expiration and necessary renewals of the services and to allow us to comply with the applicable legal obligations. Some personal data may be transmitted to service providers outside of us whose intervention is necessary to provide you with certain services (such as domain name registration operators, certification authorities, ICANN).
The purposes for which these third parties may process such data include limiting and/or preventing abuse and/or fraud, verifying compliance with applicable eligibility requirements and/or acceptable use policies of the services provided by them, centrally managing a service registry, ensuring data accuracy and providing continuity of service.
The transmission of your personal data may also be required in certain cases by data controllers in order to comply with their applicable legal obligations.
We may also process your personal information for the satisfaction of our legitimate interests or those of a third party, provided that such interests are not overridden by your interests or fundamental rights and freedoms.
3. WHAT IS THE LEGITIMACY FOR THE PROCESSING OF YOUR DATA?
The legal basis that allows us to process your personal data also depends on the purpose for which we process them,
- Art. 6.1.a) RGPD, insofar as we obtain your explicit consent to the processing of your personal data in relation to the sending of advertising or newsletters related to our services.
- Art. 6.1.b) of the RGPD serves as a legal basis, insofar as the processing of your personal data is necessary to fulfil a contract to which the interested party (you) is a party. The same applies to processing operations necessary to carry out pre-contractual measures. This legal basis is applicable to your request for information about our services or your contract.
- Art. 6.1.c) of the RGPD serves as a legal basis insofar as the processing of your personal data is necessary for the fulfilment of a legal obligation to which we are subject under the national or European regulations applicable to us, including any international rules or protocols with which we must comply, such as ICANN regulations.
- Article 6.1.f) of the RGPD serves as a legal basis insofar as the processing is necessary to safeguard our legitimate interests or those of a third party, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail over these interests.
4. WILL WE SHARE YOUR DATA WITH THIRD PARTIES?
- We may provide your personal information to third party service providers, provided that they are directly involved in providing our services that you request from us, such as a registration operator of a top level domain for which you have requested registration (please refer to the registration conditions of any TLD to find the registration operator and its registration conditions). This communication of data may require the transfer of data to organizations and/or servers outside the European Union (so-called third countries). To find out whether this transfer is to a third country with an adequate level of data protection, please consult our price list or the registration conditions.
- Financial entities or payment services: We may transfer personal information to third parties that are directly involved in providing payment services according to the payment options you have selected to pay for our services, such as: Banks, Paypal and others. This may require the transfer of your personal information to organizations and/or servers outside the European Union.
- International registrations: your personal data may be provided to operators of registration database services (formerly whois) and users of such services if so required and if such provision and use is necessary for the purposes of the legitimate interests pursued by the data controller or a third party, as permitted by Art. 6.1.f) of the RGPD.
- Technology service providers: In order to guarantee the continuity of the activities, your personal data may be provided to providers of escrow or storage services, as well as to providers of backup storage.
- Public bodies and fraud detection and prevention entities: We may disclose your personal information to public administrations or bodies, as well as to the competent courts and tribunals, to the extent permitted or required by law.
5. HOW LONG WILL WE KEEP YOUR INFORMATION?
The length of time your data is kept depends on the purposes for which we process it, as explained below:
Personal information derived from the provision of services we perform for you will be retained for as long as it is in effect or you cancel the service for at least one year after completion of the service for which it was collected, or longer if required by law, such as in the case of tax and commercial law.
Personal information derived from the request or sending of commercial communications by electronic means will be kept until you unsubscribe or cancel your subscription to the newsletter or communication.
Data processed for other purposes will not be processed longer than required for the purposes for which they were collected, or until all applicable legal requirements have been met.
Regardless of whether we process your data for the time strictly necessary to fulfil the corresponding purpose, we will subsequently keep it duly stored and protected for as long as any liabilities arising from the processing, in compliance with the regulations in force at any given time, for example, tax or commercial/accounting regulations. Once the possible actions in each case are prescribed, we will proceed to the deletion of the personal data.
6. WHAT ARE YOUR RIGHTS WHEN YOU PROVIDE US WITH YOUR DATA?
We undertake to respect the confidentiality of your personal data and to ensure that you can exercise your rights. The Correspondents have agreed that you can exercise them free of charge by writing to us at a single email address firstname.lastname@example.org, or to our Data Protection Officer, simply indicating the reason for your request and the right you wish to exercise. In case we consider it necessary to identify you, we may ask you for a copy of a document proving your identity.
In particular, regardless of the purpose or legal basis on which we process your data, you are entitled to
- To ask us for access to the data we have about you. Remember that if you are a registered user or customer you can also access your data through access to your account.
- Ask us to rectify the data we already have. Remember that if you are a registered user or customer you can also access the section corresponding to your personal details in your account to modify or update your personal details. In any case, bear in mind that by providing us with your personal details in any way, you guarantee that they are true and accurate and you undertake to notify us of any change or modification to them. Any loss or damage that we or any third party may suffer as a result of incorrect, inaccurate or incomplete information on the registration forms will be the sole responsibility of the user.
- Please ask us to remove your data to the extent that they are no longer necessary for the purpose for which we need to process them as we have informed you above, or that we no longer have the legitimacy to do so.
- To ask us to limit the processing of your data, which means that in certain cases you may ask us to temporarily suspend the processing of the data or to keep it beyond the time necessary when you may need it. If you have given us your consent to process your data for any purpose, you also have the right to withdraw it at any time.
When our legitimation for the processing of your data is your consent or the execution of the contract, you also have the right to
- request the portability of your personal data. This means that you have the right to receive the personal data you have provided in a structured, commonly used and machine-readable format, so that it can be transmitted to another entity directly, whenever technically possible.
Furthermore, where the processing of your data is based on our legitimate interest, you are also entitled to
- oppose the processing of your data.
Finally, we inform you of your right to file a complaint with the relevant data protection supervisory authority, in particular the Spanish Data Protection Agency (https://www.agpd.es/portalwebAGPD/index-ides-idphp.php).
7. MAKING THE WEBSITE AVAILABLE AND CREATING LOG FILES
Each time our website is accessed, the following data is automatically collected by the server:
- Information about the type of browser, the language and the version used. The user's operating system.
- The user's Internet service provider.
- The user's IP address.
- Date and time / time zone of access.
- Content of the requirement (specific page).
- Access status / HTTP status code
- Websites accessed by the user's system through our website.
- The volume of data transmission.
This data is stored in the corresponding log files. They are only evaluated in the event of technical and/or maintenance errors.
8. COOKIE INFORMATION
- Necessary: These help make a website usable, allowing basic functions such as page navigation and access to secure areas of the website. The website may not function properly without these cookies.
- Preferences: Preference cookies allow a website to remember information that changes the way the site behaves or looks; for example, your preferred language or the region you are in.
- Statistics: Statistics cookies help website operators understand how visitors interact with websites by collecting and reporting information anonymously.
Similarly, the cookies we use may be own: generated by our information systems, or from third parties: served by other service providers, in particular Google and Cloudflare.
In particular, on our website, the following own cookies are used:
ixsess: On our website, we set a cookie that carries a randomly generated identifier (session ID). It is needed to store an authentication in multiple page views. The cookie does not contain any personal information. Its validity is limited to the current browser session, which means that it is automatically deleted when the browser is closed. (required)
lang: remembers the language selected on the website. (Preferred).
The following cookies are set by Google Analytics:
- ajs_group_id, ajs_user_id, ajs_anonymous_id: These three cookies come from segmentio's Analytics.js and are used to simplify the use of Google Analytics.
- dc_gtm_UA- #: used by Google Tag Manager to control the loading of a Google Analytics script tag. (Statistics).
- _ga: Records a unique ID that generates statistical information about how visitors use the site. (Statistics).
- _gat: Used by Google Analytics to reduce the query rate (Statistics)
- gid: Records a unique ID that generates statistical information about how visitors use the site. (Statistics).
The following Cookies can be managed by Cloudflare:
- __cfduid: This cookie is used to identify individual clients behind a shared IP address and apply security settings to each individual client. It does not store personal data. The expiration date is one year (required)