WHO WE ARE?
Xapsys is a registered trademark owned by Xapsys Ltd.
Xapsys is committed to protect the personal data of their customers, Xapsys products and services, as well as personal data in all situations in which a personal data treatment occurs, in this context, the present Policy is drawn up, which has underlying the their commitment to respect the rules for the protection of personal data.
WHY THIS PERSONAL DATA PROTECTION POLICY?
In this Policy, it is intended to inform the Customers of the general rules for the processing of personal data, which are collected and processed in strict compliance with the provisions of the personal data protection legislation in force at all times, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“RGPD”).
Xapsys respects best practices in the field of security and personal data protection by taking the necessary technical and organizational measures to comply with the RGPD and ensuring that the processing of personal data is lawful, fair, transparent and limited authorized purposes.
Xapsys is committed to the protection and confidentiality of personal data, and has taken the measures it deems appropriate to ensure the accuracy, integrity and confidentiality of personal data, as well as all other rights that the respective holders enjoy.
The rules foreseen in this Data Protection Policy complement the provisions on the protection and processing of personal data, provided for in the contracts that Customers celebrate with Xapsys, as well as the rules set forth in the terms and conditions that regulate the offer various products and services and are duly advertised on the website.
WHAT ABOUT THIS DATA PROTECTION POLICY?
This Data Protection Policy applies exclusively to the collection and processing of personal data in respect of which Xapsys is responsible for its treatment, within the scope of services and products made available to its Customers / Users and in all situations in which a treatment occurs of personal data by Xapsys.
Xapsys’s website may include links to other websites that are not linked to Xapsys. The availability of such links is made in good faith, and Xapsys can not be held liable for the collection and processing of personal data made through these websites, nor does Xapsys assume any responsibility for such websites, namely as to their accuracy, credibility and functionalities available in them.
WHAT ARE PERSONAL DATA?
Personal data is any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person.
Any identifiable person, directly or indirectly, identified by reference to a name, identification number, location data, identifiers by electronic means or one or more specific elements of his or her physical, physiological, genetic, mental, economic, cultural or social.
WHAT IS THE PROCESSING OF PERSONAL DATA?
The processing of personal data consists of an operation or set of operations carried out on personal data or personal data sets, by automated means or not, namely collection, registration, organization, structuring, preservation, adaptation, retrieval, consultation, use, disclosure, dissemination, comparison, interconnection, limitation, erasure or destruction.
WHO IS RESPONSIBLE FOR DATA PROCESSING?
The entity responsible for the processing of personal data is Xapsys itself which determines the purposes and means of treatment of the same.
For this purpose, if the holder of the personal data needs to contact the data controller, he may do so through the means and contacts indicated below:
Through the Xapsys.co.uk site
Or, by written communication addressed to:
17 Boston Road,
Leicester LE4 1AW
WHO IS THE DATA PROTECTION SUPERVISOR?
The Data Protection Officer plays a relevant role in the processing of personal data, ensuring, among other aspects, the compliance of data processing with the legislation in force, verifying compliance with this Data Protection Policy and establishing clear rules of processing of personal data, ensuring that all those entrusted with the processing of their personal data are aware of how Xapsys treats them and what rights they have in this matter.
Therefore, the owners of personal data, if they wish, can address a communication to the Data Protection Officer, regarding matters related to the processing of personal data, using, for that purpose, the contacts in Xapsys.co.uk/contacts.
WHAT ARE THE TYPES OF PERSONAL DATA TREATED?
Xapsys, within the scope of its activities, processes the personal data necessary for the provision of services and / or supply of products, as well as, at the level of social intervention, processing data such as name, address, telephone number and the e-mail address, according to the most detailed information available to the holders of personal data.
Without prejudice to compliance with legal rules regarding the preservation and transmission of data for the purposes of investigation, detection, prosecution of serious crimes, as well as other treatments to which it is legally obliged, traffic data, geographical location, profile and / or consumption of the Client / Users will be treated by Xapsys, insofar as they are necessary for the respective provision of the services. In this way, based on the location, profile and / or consumption, the Client will have access, in particular, to the specific functionalities of the services, to suggestions of contents and to information services of proximity.
Location information may also be recorded and transmitted to organizations legally entitled to receive emergency calls for the purpose of responding to incoming calls.
Xapsys’s personal, traffic, geographic location, profile and / or consumption data are also processed for the purpose of marketing or disseminating Xapsys’s offerings of goods or services, if the respective holder has authorized it.
Personal data will also be processed if the respective holder has authorized it for the purpose of disseminating information services and lists within the scope of the universal service, including transmission to third parties for the publication of such lists and provision of information services..
In case of prior consent of the Client, this may be withdrawn at any time, without, however, the lawfulness of the treatment made based on the prior consent given is compromised.
WHEN AND HOW DO WE COLLECT YOUR PERSONAL DATA?
Xapsys collects your personal data, in particular via telephone, in writing and through the website, guaranteeing, where necessary, the prior consent of the holder of the personal data.
Some personal data are indispensable for the execution of the contract and, in case of lack or insufficiency of the same, Xapsys can not make available the product or service in question.
If the data subject is not a Xapsys Customer, their personal data will only be processed when they are made available, namely by subscribing to the newsletters, in which case the rules of this Data Protection Policy will apply.
The personal data collected can be processed in a computerized and automated or non-automated way, guaranteeing in all cases the strict compliance with the legislation of protection of personal data, being stored in specific databases, created for this purpose and, in any case, the data collected will be used for a purpose other than that for which it was collected or given the consent of the data subject.
WHO ARE THE DESTINATORS OF PERSONAL DATA?
Without prejudice to the addressees indicated throughout this Data Protection Policy, Xapsys may communicate the personal data of the Client, for the purpose of complying with legal obligations in particular to police, judicial, tax and regulatory entities.
WHAT ARE THE PURPOSES OF THE TREATMENT OF PERSONAL DATA?
In general, the personal data collected are based on the management of the contractual relationship, the provision of contracted services and the adequacy of the services to the needs and interests of the Customer. Xapsys may also, if legally permissible, use the personal data provided by the holder for other purposes, such as sending suggestions, disseminating institutional information of the brand, publicizing campaigns, promotions, advertising and news about the products and / or Xapsys services, as well as for carrying out market research or evaluation surveys.
ADDITIONAL REQUIREMENTS THAT APPLY TO INFORMATION COLLECTED THROUGH OUR GMAIL INTEGRATION AND GOOGLE APIS.
Our Platform enables you to read, create and modify messages in your Gmail account. In order to provide you with this service, we obtain, process and store a copy of the Google user data contained in or associated with messages in your Gmail account, such as the email addresses of persons to whom you send or from whom you receive messages in your Gmail account, electronic copies of the files attached to those messages, and the contents of those messages.
We refer to the Google user data described in the immediately preceding paragraph as “Google User Data.” Google User Data is subject to the additional limitations on its use, transfer and accessibility set forth below:
We will use Google User Data only to provide or improve user-facing features of the Services that are prominent in the Services’ user interface.
We will only transfer Google User Data to unaffiliated third parties (a) if necessary, to provide or improve user-facing features that are prominent in the Services’ user interface, (b) as necessary to comply with applicable law or (c) as part of a merger, acquisition or sale of assets with notice to you.
We will not use or transfer your Google User Data for serving ads, including retargeting, personalized or interest-based advertising.
We will not allow humans to read your Google User Data unless:
- We have first obtained your affirmative agreement for specific messages;
- It is necessary for security purposes (such as investigating a bug or abuse);
- It is necessary to comply with applicable law; or
- Our use is limited to internal operations and the data (including derivations) have been aggregated and de-identified.
Our use and transfer to any other application of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
HOW LONG DO WE GET YOUR PERSONAL DATA?
The length of time during which personal data are stored and stored varies according to the purpose for which the information is processed.
Effectively, there are legal requirements that require you to retain the data for a minimum period of time. Therefore, and whenever there is no specific legal requirement, the data will be stored and kept only for the minimum period necessary for the pursuit of the purposes that led to its collection or subsequent processing, under the terms defined by law.
WHAT ARE YOUR RIGHTS AS A HOLDER?
As holders of personal data, Clients are guaranteed, at any time, the right to access, rectify, update, limit and erase their personal data (except as to the data that are indispensable for the provision of the services by Xapsys duly identified in Form as being mandatory supply or compliance with legal obligations to which the controller is subject), the right to oppose the use of the same for commercial purposes by Xapsys and withdrawal of consent, without this compromises the lawfulness of the treatment effected consent, as well as the right to portability of data.
HOW CAN I ACCESS, RECTIFY, UPDATE, LIMIT, DELETE, OPPOSE TO THE TREATMENT OF YOUR PERSONAL DATA, OR REMOVE CONSENT?
Without prejudice to the provisions of the RGPD, the holder of the personal data may do so, directly or through a written request, addressed to the person responsible for the treatment, through the contacts made available for this purpose in this document, as well as other contacts made available by Xapsys.
HOW CAN YOU OPPOSE TO RECEIVE CONTACTS FOR MARKETING PURPOSES?
Xapsys may promote actions to disseminate to its Customers new products or services, namely by telephone, e-mail, SMS, MMS or any other electronic communications service, if the holder of the personal data has given the respective consent.
If the holder of personal data does not intend to continue to receive such communications, he may at any time withdraw his consent to the use of his data for marketing purposes.
HOW CAN YOU CLAIM?
Without prejudice to being able to submit complaints directly to Xapsys, through the contacts made available for this purpose, the Customer can directly complain to the Control Authority, which is the National Data Protection Commission (CNPD), using the contacts made available by this entity for this purpose.
WHAT ARE THE MEASURES ADOPTED BY Xapsys TO ENSURE THE SAFETY OF YOUR PERSONAL DATA?
Xapsys is committed to ensuring the protection of the personal data that is available to it, and has adopted and implemented strict rules in this regard. Compliance with these rules is an obligation of all those who legally access them.
Bearing in mind Xapsys’s concern and commitment to the defense of personal data, a number of technical and organizational security measures have been adopted in order to protect the personal data made available to it against its dissemination, loss, misuse, unauthorized access, alteration, treatment or access, as well as against any other form of illicit treatment.
Additionally, third parties that, in the scope of the provision of services, process the personal data of the Client in the name and on behalf of Xapsys, are obliged, in writing, to carry out adequate technical and security measures that, in each comply with the requirements of current legislation and ensure the protection of the rights of the data subject (in particular, the protection of the privacy and personal data of the Customers).
In this sense, on the Xapsys website, personal data collection forms require encrypted sessions of the Browser and all personal data transferred are safely stored in Xapsys’s systems, which are in turn on Xapsys’s server. covered by all the physical and logical security measures that Xapsys understood to be indispensable for the protection of personal data.
In respect of the safety measures adopted by Xapsys, Xapsys warns all those who surf the Internet that they should take additional security measures, namely to ensure that they use a PC and Browser updated in terms of properly configured security patches, with an active firewall, antivirus and antispyware, and to ensure the authenticity of the sites they visit on the internet, and avoid websites they do not trust.
WHERE DOES CIRCUMSTANCES EXIST COMMUNICATION OF DATA TO OTHER ENTITIES (THIRD AND SUBCONTRACTED)?
Xapsys, in the scope of its activity, may use third parties to provide certain services. Sometimes the provision of these services implies access by these entities to the personal data of the Customers. Where this is the case, Xapsys takes the appropriate measures to ensure that entities with access to the data are reputed and offer the highest guarantees at this level, which is duly enshrined and contractually contracted between Xapsys and the third party (ies).
Therefore, any entity subcontracted by Xapsys will treat the personal data of our Customers, in the name and on account of Xapsys and adopting necessary technical and organizational measures in order to protect the personal data against the destruction, accidental or illicit, accidental loss, alteration, dissemination or unauthorized access and against any other form of illicit treatment.
In any case, Xapsys remains responsible for the personal data made available to it.
IN WHICH CIRCUMSTANCES DO WE TRANSFER YOUR PERSONAL DATA?
The provision of certain services by Xapsys may involve the transfer of your data outside of the United Kingdom, including outside the European Union or to International Organizations.
In such a case, Xapsys shall comply strictly with the applicable legal provisions, in particular as regards the determination of the suitability of the country (ies) of destination as regards the protection of personal data and the requirements applicable to such transfers, including, where applicable , the conclusion of the appropriate contractual instruments and that guarantee and respect the legal requirements in force.
HOW CAN YOU KNOW ANY CHANGES TO Xapsys PERSONAL DATA PROTECTION POLICY?
Xapsys reserves the right at any time to make adjustments or changes to this Personal Data Protection Policy, and these changes are duly publicized in the various communication channels of Xapsys.
WHAT ARE COOKIES?
“Cookies” are small labels of software that are stored in the access equipment through the browser, retaining only information related to the preferences, not including the personal data.
WHAT ARE COOKIES FOR ?
Cookies help determine the usefulness, the interest and the number of uses of the websites, allowing for faster and more efficient navigation, eliminating the need to repeatedly enter the same information.
WHAT KIND OF COOKIES DOES IT EXIST?
There are two cookie groups that can be used
Permanent cookies – are cookies that are stored at the browser level in the access devices (PC, mobile and tablet) and are used whenever you make a new visit to the Xapsys website. They are generally used to direct navigation to the user’s interests, allowing a more personalized service.
Session cookies – These are temporary cookies that remain in your browser’s cookie file until you leave the website. The information obtained by these cookies serves to analyze patterns of web traffic, allowing you to identify problems and provide a better browsing experience.
Strictly needed cookies – Allows website navigation and application usage, as well as access to secure areas of the website. Without these cookies, the services required can not be provided.
Analytical Cookies – Used anonymously for the purpose of creating and analyzing statistics, in order to improve the functioning of the website.
Functional Cookies – Saves user preferences regarding site usage so you do not have to reconfigure your site each time you visit.
Third-party cookies – Measure application success and third-party advertising effectiveness. They can also be used to customize a widget with user data.
Advertising Cookies – Directs advertising according to the interests of each user, in order to target the advertising campaigns taking into account the tastes of users, and also limit the number of times you see the ad, helping to measure the effectiveness of advertising and the success of the organization of the website.
HOW CAN YOU MANAGE THE COOKIES?
All browsers allow the user to accept, reject or delete cookies, and also inform the user whenever a cookie is received, namely by selecting the appropriate settings in their browser. The user can configure cookies in the “options” or “preferences” menu of his browser.
Note, however, that by disabling cookies, you can prevent some web services from working properly, affecting, in part or in full, navigation on the website.