These privacy policies are part of the General Conditions for the use of www.upads.com (hereinafter the “Website”), which are regulated in conformity with the provisions of Organic Law 15/1999 of 13 December on the Protection of Data of a Personal Nature (LOPD) and Royal Decree 1720/2007 of 21 December approving the Regulations for the Implementation of Organic Law 15/1999 (RLOPD).
All personal information provided to Upads, S.L. (hereinafter “Upads”) through the Website or through any other electronic means made available to users will be handled with the utmost confidentiality. We are committed to protecting and respecting the privacy of your data.
Upads commits itself to respecting and facilitating interested parties exercising their rights recognized by regulations in matters of data protection and, in particular, the rights to access, rectify, cancel and oppose data. Said rights may be exercised by sending a request by post to Avinguda de Fransesc Cambo 21 – Planta 9, 08003 Barcelona, or by email at firstname.lastname@example.org, attaching a photocopy of the DNI and specifying the right being exercised.
In compliance with the provisions of articles 5 and 6 of the LOPD, you are informed that the personal information you provide will be included in an automated file which is registered in the General Register of Data Protection, which Upads is responsible for, and the use of which is meant to manage the consultations received and/or the commercial relationship that we maintain with you. Moreover, Upads will use the information to send commercial information about the company, its products, services, offers and special promotions. You expressly consent to the use of your data for the purposes mentioned above, in conformity with the stipulations in the commercial communications section of these privacy policies.
In conformity with the provisions of Law 34/2002 of 1 July on Services for the Information Society and Electronic Commerce (LSSICE), the user may manifest the desire not to receive future commercial communication at any time by sending an email to email@example.com, also, by following the instructions at the end of each commercial communication through the “unsubscribe” link.
What are cookies?
Cookies are small files with text and numbers placed in the hard drive of your electronic device when you visit a website. Cookies allow for the identification of a user from the rest in order to provide a better experience while browsing the Website at the same time as helping to improve it. Cookies may be classified according to their duration in session and permanent cookies and according to their source as first-party or third-party.
While visiting our Website, said third-party cookies are generated. Buttons for social networks (third parties) have been enabled on our Website with the purpose of allowing you to share contents of interest with your contacts or to follow us on social networks. Said third parties may set their own cookies with the purpose of customizing the application and measuring its functionality. Because of how these cookies function, Upads cannot access them, in the same fashion that third parties cannot access the data of cookies used by us. Therefore, we recommend that you visit the websites of said third parties to understand their operation.
You have the ability to accept or reject cookies. Currently, all browsers allow you to adjust the configuration to activate or deactivate the storage or cookies or reject them from specific sites. Generally, said parameters may be found in the “options” or “preferences” menu of the browser of your choice.
At any rate, we provide links below containing instructions that will help you to better understand said configuration adjustments in the most important browsers. We also inform you that you may find further information in the “Help” menu of the browser you use and at the following link: http://www.allaboutCookies.org/.
These are those that are temporarily stored and expire immediately after leaving a website.
These are those that allow a website to remember you for subsequent visits, improving your experience while browsing through the functions you have installed.
These are those installed by the website you are browsing itself.
These are those installed by websites different from the one you are visiting.
SSID SID SAPISID PREF OTZ NID HSID APISID
These cookies are used to identified the requesting account, filling the web history folder and providing personalized search results and suggestions.
This Data Processing Agreement ( DPA) is between Partner and Upads (as defined under the Terms and Conditions) and forms an integral part of Terms and Conditions available at https://Upads.com/terms-and-conditions/ Partner and Upads are hereinafter jointly referred to as the “Parties”. In the event of any conflict between this DPA and the Terms and Conditions, the terms of this DPA shall prevail. This Agreement only applies to the extent that the EU Data Protection Law applies to the Processing of Personal Data under this Agreement, including if (a) the Processing is carried out in the context of the activities of an establishment of either Party in the European Economic Area (“EEA”), and/or (b) the Personal Data relates to Data Subjects who are in the EEA and the Processing relates to the offering to them of goods or services or the monitoring of their behaviour in the EEA.
DEFINITIONS: “Controller” or “Data Controller” means the entity that determines the purposes and means of the Processing of Personal Data. “Processor” or “Data Processor” means the entity which Processes Personal Data on behalf of the Data Controller. “Data Subject” means the individual to whom Personal Data relates, including End Users.“ End User” means the end user of an internet connected device, such as a visitor to a web page, a user of a mobile app, or a user of an IoT device, or a visitor on advertisement or campaign webpage. “GDPR” means Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (also known as “General Data Protection Regulation”).“Personal Data” means any information relating to an identified or identifiable person as defined in Article 4.1 of the GDPR.“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (“Process”, “Processes” and “Processed” shall have the same meaning).“Sub-Processor” means any Data Processor engaged by the Processor. “Services” means services provided by Upads in accordance with the general legal terms mentioned above.
RIGHTS OF DATA SUBJECTS: “Upads shall notify Partner via e-mail if he receives a request from a Data Subject in the subject of access to, correction, amendment, deletion of or objection to the processing of that Data Subject’s Personal Data. Upads shall not respond to any such Data Subject request without Partner’s prior written consent, except in order to confirm that the request relates to Upads. To the extent that Partner responds to any such Data Subject request, Upads shall provide Partner, to the extent required by law, with commercially reasonable cooperation and assistance in relation to handling of a Data Subject’s request, to the extent legally permitted. Upads reserves the right to charge additional fees in relation to the cooperation with the Partner in regard to this Upads shall ensure that its personnel engaged in the Processing of Personal Data is informed of the confidential nature of the Personal Data, has received appropriate training on their responsibilities and is subject to obligations of confidentiality. Such obligations shall survive the termination of that individual’s engagement with Upads. Upads shall ensure that access to Personal Data is limited only to those members of personnel who require that access in order to fulfil Upads’s obligations under the Terms and Conditions.
SECURITY: Pursuant to Article 28, Section 3(c) of the General Data Protection Regulation, Upads shall take the measures required by the Article 32 of the GDPR. Upads shall provide sufficient guarantees of implementation of the appropriate technical and organizational measures in a manner that the processing will meet the requirements of the GDPR and ensure the protection of the rights of the Data Subject. Upads imposes appropriate contractual obligations upon its personnel that engages in the Processing of Personal Data, including relevant obligations regarding confidentiality, data protection and data security. Upads ensures that its applicable personnel has been properly informed of the confidential nature of the Personal Data, has received appropriate training and has executed written confidentiality agreements. Upads will further ensure that such confidentiality agreements will survive the termination of employment or another form of engagement of its personnel.
AUDIT RIGHT To the extent that the applicable law requires Partner to be in a position to monitor the adequate Processing of Personal Data, Partner as the Partner have the right to request an audit from Upads to the extent necessary to review whether Upads and our Sub-Processors are compliant with the following regulations: (i) any provisions of the Law, (ii) the terms of this DPA, and (iii) Partner’s instructions. Upads may provide Partner with a copy of its most recent third-party audits or certifications issued by an independent, third-party auditor, as applicable, or any summaries thereof to fulfil Partner audit rights. If an audit is required by law and where its requirements cannot be fulfilled by the provision of such certification, Partner may conduct, either by Partner itself or through a third party independent contractor selected by Partner at Partner expense, an on-site audit of Upads Such audit may be conducted subject to the following terms: (i) the audit will be pre-scheduled in writing with Upads at least 30 days in advance and will be performed once a year at most; (ii) if applicable, all of Partner personnel performing the audit, whether employed or contracted by Partner, will execute a Upads s standard non-disclosure agreement prior to the initiation of the audit, and a third party auditor will in addition execute a non-competition undertaking; (iii) Partner will undertake all necessary measures to ensure and verify that the auditors do not access, disclose or compromise the confidentiality and security of Personal Data other than Partner Personal Data on Upads’s information and network systems; (iv) Partner will take all necessary measures to prevent any damage or interference with Upads or its service providers’ information and network systems; (v) Partner will bear all costs and assume responsibility and liability for the audit and for any failures or damage caused as a result thereof; and (vi) any audit activities on Upads’s third-party service providers’ information systems will be pre-scheduled and agreed on with the applicable providers; (vii) Partner will keep the audit results in strict confidentiality, use them solely for the specific purposes of the audit under this Section 6 and the GDPR will not use the results for any other purpose, or share them with any third party, without Upads s prior explicit written confirmation; (viii) If Partner are required to disclose the audit results to a competent authority, Partner will provide Upads with a prior written notice, explaining the details and necessity of the disclosure, as well as provide all further necessary assistance to prevent such disclosure.
SECURITY BREACH MANAGEMENT AND NOTIFICATION If Upads becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to any Personal Data transmitted, stored, or otherwise Processed on Upads’s equipment or in Upads’s facilities (“Security Breach”), Upads will promptly: (i) notify the Partner of the Security Breach; (ii) investigate the Security Breach and provide Partner with all relevant information about the Security Breach; and (iii) take all commercially reasonable steps to mitigate the effects and minimize any damage resulting from the Security Breach.
SUBPROCESSING AND TRANSBORDER DATA TRANSFERS Partner authorizes Upads to appoint Sub-Processors in order to provide the Services. Upads may continue to use the Sub-Processors already engaged by the Upads according to this DPA. Upads may integrate the Partner’s services with external service providers’ platforms for the purpose of providing its Services, on Partner’s behalf and for the purposes of serving the Partner’s interests, where such external service providers may be Sub-Processors, which Partner hereby agrees to. A full list of such Sub-Processors is available upon the Partner’s written request directed to Upads. Notwithstanding the provisions above, Partner hereby authorize Upads to subcontract the Processing to the Sub-Processors based outside of the European Economic Area (EEA) to the extent necessary to duly perform the Service(s), under the condition that the Sub-Processors will provide sufficient guarantees in relation to the required level of data protection, e.g. through a Privacy Shield certification according to the EU Commission Decision 2016/1250, or a subcontracting agreement based on the standard contractual clauses launched by virtue of the EU Commission Decision on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC or GDPR (the “Model Contract Clauses”), or based on other applicable transborder data transfer mechanisms.
OTHERS Term: This Agreement shall become effective as of May 25, 2018. Partner authorizes Upads to retain Personal Data for a period of 3 months from the date of its collection on Partner’s behalf and for the purpose of serving its interests, including for fraud prevention, ad security services, reporting services, complaints or chargebacks handling. This data may be deleted from Upads servers after this retention period and/or after the termination of Agreement or earlier, at Partner written request. Notices: If Partner wish to make any inquiries about this Agreement, please contact firstname.lastname@example.org. Liability: Partner shall indemnify and hold Upads its officers, directors, employees, contractors, and agents harmless from and against all claims, liabilities, administrative fines, suits, judgments, actions, investigations, settlements, penalties, fines, damages and losses, demands, costs, expenses, and fees including reasonable attorneys’ fees and expenses, arising out of or in connection with any claims, demands, investigations, proceedings, or actions brought by data subjects, legal persons (e.g., corporations and organizations), or supervisory authorities under the data protection laws that apply to Upads in respect of processing of Personal Data on behalf of Partner through Services. The liability of each party under this Agreement shall be subject to the exclusions and limitations of liability set out in the legal terms. Governing law: This Agreement shall be governed by, and is construed in accordance with, the laws of the State of Spain, without giving any effect to any choice of law and provisions thereof that would cause the application of the laws of any other authority.