ES EN
ES EN

In accordance with article 10 of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, we inform you that MELOPHONE CONSULTORES E SERVIÇOS LTD, holder of VAT NUMBER: MT23077827

and whose registered address is at Integritas bussines Centre, Suite C. Office 11. 114/3 The Strand GZR1027 – Gzira – GZR 1027 – Malta   

is responsible for managing and operating the website www.melophone.org If you wish to contact us, you may do so by writing to the foregoing address or by emailing gb@melophone.org  

PRIVACY POLICY

This privacy policy describes how we process your personal data (e.g., collection, use, communication, preservation and protection of your personal information) and provides information about your rights as a data subject.

MELOPHONE CONSULTORES E SERVIÇOS LTD is responsible for the processing, as well as the collection, use, communication, preservation and protection of your personal data, according to the General Data Protection Regulations, internal rules and policies or any applicable national regulations.

 

MELOPHONE CONSULTORES E SERVIÇOS LTD we work to offer you the best possible experience while using our services. In some cases, it is necessary to collect information to do so. We care about your privacy and we believe that we are bound to be transparent about it.

 

Therefore, and for the purposes of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter, “GDPR”) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and of Law 3/2018, of 5 December, on data protection and guarantee of digital rights LOPDGDD, and Law 34/2002, of 11 July, on the Information Society Services and Electronic Commerce (hereinafter, “LSSI”). MELOPHONE CONSULTORES E SERVIÇOS LTD informs the user that, as the data controller, it shall include the personal data provided by the users in an automated processing system.

 

 

Our commitment begins with the following explanation:

  • Your data are collected to improve the user experience, according to your interests and needs.
  • We are transparent about the data we collect about you and why we do so.
  • Our goal is to offer you the best possible experience. Therefore, when we are going to use your personal information, we will always do so according to the regulations and, where necessary, we will ask for your consent.
  • We understand that your data belongs to you. Therefore, if you decide not to authorise us to process them, you can ask us to cease processing them.
  • Our priority is to guarantee your security and to process your data according to EU regulations.

If you wish more information about the processing of your data, consult the privacy policy below:

The data controller’s identity and contact details

Our identifying information:

MELOPHONE CONSULTORES E SERVIÇOS LTD

You can contact us

  • By post: Integritas bussines Centre, Suite C. Office 11. 114/3 The Strand GZR1027 – Gzira – GZR 1027 – Malta   
  • By email: gb@melophone.org
  • Website: melophone.org
  •  

 

Categories of personal data


We process the following categories of personal data:

 

  • Identification data – Name and surname(s), National ID Card or equivalent
  • Administrative data – Company name, address, bank details and contact persons
  • Contact information – Email address, telephone number and address
  • Digital data – cookies, IP address, websites and social networks and other data publicly accessible on the Internet, etc.
  • Business details – Clients, suppliers and collaborators.
  • Collaborator data – Name and Surname(s), National ID Card or equivalent, Address, bank details, Email address, Telephone number, company name, Tax ID Code
  • Browsing Data – Day and time our website is used. URLs visited on our website or URL prior to connection.

 

How do we collect your data?


We collect information about you from the following sources:

 

  • When we communicate or interact with you by telephone, email or through another of our company’s means of contact.
  • From our internal databases.
  • By publishing comments on social networks and the blog
  • Through the contact and registration forms on our website, where you give us your data and consent to their processing.
  • Subscription to our Newsletter.
  • Directly from the user who gets in touch with us.
  • By accepting the cookie policy.
  • From third parties (including, for example, business partners, providers of technical or payment services, suppliers of data analysis and supply services and credit information companies, etc.) and we may receive information about you from said third parties. We use this information to monitor and improve our websites, products and services.
  • We will be able to obtain information from the records of our web servers, for example, information about your computer, such as your IP address, operating system and type of browser. We may also collect information about the searches you make on our website and your interaction with the communications we send you; for example, when you open emails. (“Device use and data”). We use this information for system administration and to analyse how our websites and platforms are used. It also helps us to offer the best infrastructure for your online experience.

 

How long do we keep your data?

 

  • The data shall be preserved as long as there is a commercial, contractual or professional relationship with the data subject and, subsequently, for as long as may be necessary to comply with the corresponding legal obligations in each case. Notwithstanding the foregoing, they shall be kept for as long as necessary for the processing and while the data subject does not request their erasure.
  • Regarding accounting and tax documentation, for tax purposes, accounts and other records that are mandatory according to the applicable tax regulations (personal income tax, VAT, Corporation Tax, etc.), as well as the documentary evidence supporting the records (including computer programs and files and any other supporting document relevant to tax), must be kept for at least as long as the Authorities are entitled to inspect and investigate and, therefore, to settle tax debt which, according to articles 66 to 70 of the General Tax Law, shall be 4 years.
  • Regarding accounting and tax documentation, for commercial purposes, books, correspondence, documentation and supporting documents concerning your business, properly from the last entry made in the books, except as set out in general or special provisions (This commercial obligation applies to both the mandatory books (income, expenses, investment goods and provisions, as well as the documentation and other documents supporting the notes recorded in the books (invoices issued and received, receipts, rectifying invoices, bank documents, etc.), according to Article 30 of the Commercial Code, it shall be 6 years.
  • As for CVs received, we keep them for a maximum of 1 year.
  •  Data collected by the contact forms: The preservation period for the data collected by the contact forms shall be a maximum of 2 years or until the user revokes their consent.
  • User data uploaded to pages and profiles on social networks: From when the user offers their consent until they withdraw it.
  • The personal data provided to manage any request for information, complaint, suggestion, claim, exercise of data protection rights, etc., shall be preserved for as long as may be necessary to process the request, and at all events for the period set out in law, as well as for the period necessary to make, exercise or defend claims.
  • The data processed to send commercial communications shall be preserved until the data subject revokes the consent and/or exercises their rights to object and/or of erasure.

To whom do we transfer your data?


Depending on the purpose of the processing, your personal data may be transferred to different categories of recipients:

 

  • Collaborators (employment and tax consultancies)
  • External service providers.
  • External Professionals (Freelancers who occasionally have access to data due to their work)
  •  
  • Public authorities and bodies with competences.
  • Hired transport company.
  • The company where the website is hosted 10DENCEHISPAHARD, S.L.
  • Website maintenance Rende Proyectos S.L.

 

 

At all events, we transfer your data only to the extent strictly necessary and as required to carry out the purposes described in this privacy policy and only to entities with which we have signed agreements to protect your rights and freedoms in relation to your personal data; these entities and/or professionals considered the Data Processors shall be governed by art. 28 of the GDPR and this entity is responsible for taking all security measures necessary according to art. 32 of this GDPR.

Where do we process your data?


To carry on our business we have to process your personal data according to the conditions set out in this policy. We process your personal data in the EU.

 

For what purposes do we process your personal data?

 

Your data shall be collected for relevant processing operations for the following purposes:

 

  • To receive contact information or other requests made by you through any of our communications channels and/or contact forms on our website.
  • To send you notifications about certain changes to our Services.
  • To comply with current laws and regulations.
  • To publish comments on social networks and the Blog.
  • Administrative tasks derived from the provision of our services.
  • To carry out internal filing procedures.
  • Execution and maintenance of contractual relationships to which MELOPHONE CONSULTORES E SERVIÇOS LTD a party with its clients and suppliers.
  • To prevent crime, including theft and fraud
  • To carry out product testing, research, analysis and development.
  • To carry out statistical studies.
  • Packaging and shipping your order
  • To market our products and services, or other products related to them, which includes giving you information about our company.
  • To undertake commercial actions and maintain and manage the list of services through the website and the work to provide information; automatic assessments may be made, profiles may be made and segmentation work may be carried out on the clients to customise the processing according to their characteristics and needs and to improve the client’s online experience
  • To be able to handle, manage and respond to user queries, complaints, claims and suggestions.
  • To analyse, develop, improve and optimise the use, operation and provision of our services.
  • To analyse the users’ browsing.
  • To guarantee the proper functioning of our website and to manage its technical and functional aspects.
  • To ensure that the presentation of the content of the services is as most appropriate for you and your device.

 

In general, we will delete the personal data you provide to us when it is no longer necessary to fulfil the purposes for which they were original collected. However, we may be required by law to preserve your personal data for longer.

 

You can withdraw your consent at any time for free by exercising your rights, sending your properly-identified written request through any supporting document, to our address Integritas bussines Centre, Suite C. Office 11. 114/3 The Strand GZR1027 – Gzira – GZR 1027 – Malta    or by emailing gb@melophone.org

 

 

Why can we process your data?

 

The use of your data according to the foregoing conditions is permitted by EU and Spanish data protection regulations in accordance with the following legal bases:

 

Art.6. GDPR

 

  • Consent of the interested party for the contracting of services and products, for the contact forms, requests for information or registration for the newsletter.
  • Legitimate interest for processing our clients’ data in direct marketing actions and the data subject’s express consent for everything concerning automatic assessments and creation of profiles.
  • Fulfilment of legal obligations concerning fraud prevention, communication with authorities and third-party claims.

 

What rights do you have?

 

Data protection regulations allow you to exercise before the data controller your rights of access, rectification, to object, of erasure (“the right to be forgotten”), restriction of processing, portability and to not be subject to individualised decisions.

 

Any data subject has the right to be provided, BEFORE his/her data are collected, with basic first-level information, in summary form, at the same time and in the same medium as that in which his/her personal data are collected and, on the other hand, to be sent the rest of the information, in a more appropriate medium for presentation and compression.

 

The information to be provided by layer or level shall be as follows:

 

1st Layer Information

 

  • The identity of the data controller.
  • What data will be processed.
  • For what purpose.
  • Where and how they were obtained.
  • The legal basis of the processing
  • If they will be communicated, transferred or processed by third parties
  • The reference to the procedure for Exercising the Rights

 

2nd Layer Information

 

  • The data controller’s contact details. Identity and details of the representative (if there is one). The data protection officer’s details (if there is one)
  • Extended description of the purposes of the processing Time limits or criteria for data preservation Automated individual decision-making, profiling and logic applied.
  • Details of the legal basis of the processing, where there is a legal obligation, public interest or legitimate interest. The obligation or otherwise to provide data and the consequences of not doing so.
  • Recipients or categories of recipients. Decisions on adaptation, safeguards, binding corporate rules or applicable specific situations.
  • How to exercise the rights of access, rectification, erasure, data portability, restriction of processing or to object.
  • The right to withdraw consent given.
  • The right to complain to the Supervisory Authority.

 

(The following table sets out your rights).

 

Right of access

To know which of your data are being processed, for what purpose they are processed, where the data were obtained and whether they are going to communicate or have communicated them with anyone

Right of rectification.

To amend your inaccurate or incomplete data

Right of cancellation

To cancel your inadequate or excessive data

Right to object

To prevent your data from being processed or from ceasing to be processed, but only where provided in law.

Right to restriction on processing

To request that the data processing be suspended where provided in law.

Right to data portability

To be able to receive your data provided in a structured, commonly-used electronic format and be able to transfer them to another controller.

Right not to be the subject of individualised decisions

In order that no decision be made about you with legal consequences or affects you based only on the processing of your data.

 

As a data subject, you have specific legal rights concerning the personal data we collect from you. This is applicable to all the processing activities stipulated in this Policy. We will respect your individual rights and respond to your concerns appropriately.

 

  • Right of access: you have the right to ask us for information about the personal data we hold on you; for example, about the types of personal data in our possession or under our control, what they are being used for, where we collected them (if you did not provide us with them directly) and to whom they have been communicated (where appropriate). Moreover, you can ask us for a free copy of all the personal data we hold about you. We reserve the right to charge a reasonable sum for each further copy you request.

 

  • Right of rectification: you can ask us to rectify the personal data concerning you. We will make reasonable efforts to ensure that the data in our possession or under our control and which are used constantly are accurate, pertinent, complete and up-to-date, based on the most recent data we hold. Where applicable, we shall have self-service online portals in which the users may review and rectify their personal data.

 

  • Right of erasure (“to be forgotten”): you can ask us to delete your personal data if: either your personal data are no longer necessary regarding the purposes for which they were collected or processed; or you have the right to object to the subsequent processing of your personal data (see the following paragraphs) and to execute said right to object to the processing; or your personal data were processed illicitly (unless the processing were strictly necessary); or it is necessary to meet a legal requirement and that requires said processing on our part; or, in particular, they are subject to legal requirements to preserve data; of you need them to make, exercise or defend claims.

 

  • Right to restriction of processing: you can ask us to restrict the processing of your personal data if: either you refute the accuracy of your personal data during the period we need to verify their accuracy; or the processing is illicit and you request restriction on the processing rather than the erasure of your personal data; or, even if we no longer need your personal data, you need them to make, exercise or defend claims; or you object to the processing, until we verify whether our legitimate reasons prevail over yours.

 

  • Right of portability: if requested, we will transfer your personal data to another controller, where it is technically feasible to do so, as long as such processing is based on your consent or is necessary to execute a contract. Rather than receiving a copy of your personal data, you can request that we transfer it directly to another controller nominated by you.

 

  • Right to object: you have the right to object at any time to the processing of your personal data on grounds related to your particular situation, as long as said process is not based on your consent but on our legitimate interests or those of a third party. In that case, we will cease processing your personal data, unless we can prove legitimate and overriding reasons and legitimate interests for such processing or making, exercising or defending claims. If you object to the processing, you must specify whether you with to erase your personal data or have us restrict their processing.

 

  • Right to complain: in the event of an alleged infringement of applicable privacy law, you can submit a complaint to the relevant authorities responsible for monitoring data protection in your country of residence or of the place where the alleged infringement took place. We will attempt to respond to your request within 30 days at most. However, this period could be extended for specific reasons related to the legal right in question or the complexity of your request. In certain situations, we may not be able to give you access to all or some of your personal data for legal reasons. If we deny your request to access the data, we will notify you of the grounds for such refusal. In some cases, we may not be able to clearly identify you on the basis of your personal data due to the identity details you provide in your application. Where we cannot identify you as a data subject, we will not be able to satisfy your request to execute your legal rights described in this section, unless you provide further information that makes it possible to identify you.

 

These rights are characterised as follows:

 

  • It is free to exercise them
  • You may exercise your rights directly or through a legal representative
  • If the request is submitted by electronic means, the information will be provided by these means where possible, unless the data subject requests that it be otherwise
  • Before you exercise your rights, we must identify you to protect your personal data from fraudulent attempts.
  • Your request will be resolved within one month.

 

 

If the requests are evidently groundless or excessive (e.g., repetitive), the controller may:

 

  • The controller is bound to inform you of the means to exercise these rights. These means must be accessible and this right cannot be refused simply because you choose other means.
  • If the controller does not process the request, it shall, within at most one month, state the reasons for its inaction and the option of complaining to a Supervisory Authority.

If you wish to exercise any of the rights described, you can get in touch us through our Internal Data Protection Controller:

MELOPHONE CONSULTORES E SERVIÇOS LTD you can contact us:

  • By post: Integritas bussines Centre, Suite C. Office 11. 114/3 The Strand GZR1027 – Gzira – GZR 1027 – Malta   
  • By email: gb@melophone.org
  • Website: melophone.org

 

Social networks

 

MELOPHONE CONSULTORES E SERVIÇOS LTD is present on different media and social networks, such as: Facebook and Instagram, the purpose of processing personal data being as per the conditions to which the service are subject. If registration for certain services is done using personal data associated with a user account, it you are informed that it will share certain information contained in your account. You are reminded that you must know the privacy policies of these media or social networks in which you are registered to avoid sharing unwanted information. You have the privacy settings and account management on social networks to manage the privacy, identity, advertising and other relevant preferences. If registration for certain services is done using personal data associated with a user account, it you are informed that it will share certain information contained in your account.

 

Such social networks offer tools that many of our clients use and enjoy and we include links to various social networks on our website. For your convenience and information, our sites may contain links to other sites, including social networks, that may have privacy policies different from ours.

 

We are not responsible for the content or practices or any linked site. We recommend you read the privacy policy of any site you access through our sites. The privacy settings you have chosen on these sites shall determine the extent to which your information is used, shared or published

 

Data extraction: Under no circumstances shall data be extracted from social networks, unless the user’s specific, express consent were obtained to do so.

Publications

Once the user has joined the page, www.melophone.org may publish on the latter comments, links, images or photographs or any other kind of multimedia content supported by the Social Network. The user must, at all times, be their owner, hold copyright and enjoy intellectual property rights or have the consent of the affected third parties. It is strictly prohibited to post anything, whether in form of texts, graphics, photographs, videos, etc., that harm or are likely to harm morality, ethics, good taste or decency, and/or that infringe, violence or breach intellectual or industrial rights, the right to one’s image or the law. In these cases, the right is reserved to immediately withdraw the content; a permanent ban for the user may be requested.

The data controller MELOPHONE CONSULTORES E SERVIÇOS LTD shall not be liable for the content that a user has freely published. The user must bear in mind that their publications shall be known to other users, hence they themselves are the main party responsible for their privacy.

The images that may be published on the page shall not be stored in any processing system, but they will remain on the Social Network itself.

Competitions and promotions

MELOPHONE CONSULTORES E SERVIÇOS LTD reserves the right to hold competitions and promotions, in which users who have joined its page may participate. The basis for each, when the Social Network’s platform is used for it, shall be published thereon. This shall always be in compliance with the LSSI-CE and any other applicable regulations. The Social Network does not sponsor, endorse, or administer any of our promotional actions, nor is it associated with any of them.

Advertising

MELOPHONE CONSULTORES E SERVIÇOS LTD shall use the social network to publish its products and services; at all events, if it decides to process your contact data to carry out direct market research actions, it shall always be in compliance with the legal requirements of the LOPD and the LSSI- EC.

Recommending the page www.melophone.org to other users so that they, too, may enjoy the promotions or be informed of its activity shall not be considered advertising.

  • Detailing each of the social networks, in Facebook, when a user becomes a fan of the official Fan Page through the “Like” button, they authorise the use of their personal data only on this Facebook platform to manage the “Fan Page” and the communications made in both directions with said followers through the chat, publications, comments, messages or other media that the social network allows now and may allow in the future. This processing shall be subject to this social network’s privacy policies, which the user can consult at the following link https://www.facebook.com/privacy/explanation By becoming a fan, you will have access to the list of members or followers who have joined the Fan Page. You are also informed that when a user becomes a fan, the news that is published will also appear on their home page and that, if the fan user makes comments on these publications, both their comment and their profile name and, where appropriate, the photograph they have thereon or according to their privacy settings, or biography and tagging, will be accessible to the other fans. At all events, the user is responsible for how he/she uses the social network.
  • Regarding Instagram , when a user follows our profile by clicking on the “Follow” button, they will have access to the profile page of the people who follow it, specifically, the username, photographs (if the user has uploaded a photograph on the profile), and publications made by the user, as well as to the rest of the information that may have been published on the user’s profile, such as the users they follow or their followers. The data of the users who follow our Instagram profiles are only used to manage the information exchanged between them. The privacy policy governing this social network can be consulted at the following link: https://help.instagram.com/519522125107875
  • Regarding WhatsApp, when a user adds us as a contact, we will have access to the public data he/she has included and his/her status updates. In addition, we can communicate with them through it. The privacy policy can be consulted at https://www.whatsapp.com/legal/

Minors

 

In principle, our services are not aimed specifically at minors. However, if any of them are aimed minors aged under fourteen years, according to article 8 of the GDPR and article 7 of LO 3/2018, of December 5 (LOPDGDD), the valid, free, unequivocal, specific and informed consent of their legal guardians shall be required to process the minors’ personal data. In this case, your National ID Card or another form of identification of the person giving the consent shall be required.

In the case of those aged fourteen and over, their data may be processed with the user’s content, except where the Law requires the assistance of those holding the parental rights or guardianship.

Image Processing

Article 7.5 of Organic Law 1/1982, of 5 May, on civil protection of the right to honour, personal and family privacy and to one’s own image, provides as follows: “The following shall be considered illegitimate interferences: The capture, reproduction or publication in photograph, film or by any other procedure, of the image of a person at places or at moments of their private life or beyond.”

 

This is why MELOPHONE CONSULTORES E SERVIÇOS LTD informs you that may take professional photographs and/or videos, always with your express consent, which could be published on social networks on which MELOPHONE CONSULTORES E SERVIÇOS LTD has an account or on its website, with the prior consent of the Data Subject.

If you do not consent to such processing and/or publication, MELOPHONE CONSULTORES E SERVIÇOS LTD will pixelate said image, always taking into account and putting the legitimate interest and the will of the data subject first at all times.

The images shall be protected with serious respect for the person, according to Organic Law 1/1982, of 5 May, on civil protection of the right to honour, personal and family privacy, and to one’s own image, eliminating any capture or filming that may infringe these fundamental rights; the images shall not be used for purposes other than those set out.

 

Regarding the foregoing, MELOPHONE CONSULTORES E SERVIÇOS LTD shall process the images if they are used for the foregoing purposes, and shall be included in the Company’s own processing system and comply with the security, technical and organisational measures, according to the New General Data Protection Regulation (EU) 2016/679 and the provisions of Organic Law 3/2018 of 5 December, on Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD)

At all events, the professional, employee or client may revoke the consent or object to the processing of the image, or exercise the rights of access, rectification, restriction on processing, erasure, portability, by sending a written request, accompanied by a photocopy of your National ID Card to the email address gb@melophone.org

 

Security

 

All the personal data we collect about you is stored in a secure system and managed by us with the support of external suppliers as described in section 5 of this Policy. We take the security of your data very seriously.

 

We apply an appropriate level of security and we have therefore implemented reasonable physical, electronic and administrative procedures to guarantee the security of the information we collection and to prevent all accidental or illicit means of destruction, loss, alteration, unauthorised dissemination or access that may affect the personal data transferred, stored or processed in any way.

 

Our information security policies and procedures closely follow the most widely-accepted international standards, and they are periodically reviewed and updated as necessary to bring them into line with business needs, technological changes, and regulatory requirements.

 

Access to your personal data is granted only to those employees, service providers or affiliated companies who need to know them for business purposes or to perform their work.

 

Among other things, to optimise the security of your personal data:

  • We use encryption techniques where appropriate
  • We protect them with a password.
  • We request contractual guarantees from third parties
  • We limit access to your personal data on the “need to know” principle (for example, only those employees who need your personal data for the purposes set out hereinabove shall have permission to access them).
  • We tall all kinds of reasonable preventative measures to guarantee that those of our employees and associates who have access to your personal data receive training on data protection requirements and that they process your personal data exclusively in accordance with this Policy and our legal obligations concerning privacy.

 

The website has a security certificate, ESET SSL Filter CA

The website is hosted on a virtual server in Cdmon, owned by 10DENCEHISPAHARD, S.L. For more information https://www.cdmon.com/es/contratos/aviso-legal-y-politica-de-privacidad- data

Updates


We keep our privacy policy under review and may change it from time to time (mainly to comply with legal and data protection practices). The up-to-date versions will be posted on our website.

 

  • Last updated: 28 January 2021

 

 

Activity Log

 

  • For more information on the various mechanisms of data collection, preservation period, transfers, rights, etc. in carrying out our activity, you can request our Activity Register.

 

We value your collaboration

On our website we seek to control, as far as possible, proper use of the personal data for which we are responsible by third parties to whom we have had to provide them. We therefore ask, if you become aware of or suspect that any of our aforementioned suppliers is improperly using your personal information, that you notify us of such without delay to be able to take appropriate action.

Likewise, to guarantee that the data we have is correct and up-to-date, we ask, if there is any change in your data, or if, for any reason, you discover that we have any incorrect data of yours, that notify us of such as quickly as possible to be able to amend them.

Applicable Legislation and competent courts

The terms and conditions that govern this website, as well as the relationships that may arise therefrom, are protected by and subject to Spanish law. To resolve any kind of dispute, litigation or discrepancy that may arise between the user and MELOPHONE CONSULTORES E SERVIÇOS LTD due to using this website, they agree to subject to Maltese legislation and Courts and Tribunals of Gzira.