1. Who Is The Data Controller Of Your Data Processing?
The Data Controller of the personal data and the owner of the website https://nemi.mobi is NEMI MOBILITY SOLUTIONS SL, company with CIF number B02988582, with its registered office address at Plaça d’Ausiàs March 1, 08195 Sant Cugat del Vallès, Barcelona. It is registered in the Commercial Registry of Barcelona, T 47650, F 150, S 8, H B 556626, I/A 5 (09/11/2022) (hereinafter “NEMI”, “our” or “we”).
NEMI’s contact details in relation to data protection are:
NEMI’S general contact details:
This Privacy Policy explains who we are, why and how we process personal data collected in the managing of our business and if you are the subject of any of the personal data concerned, what rights you have and how to get in touch with us if you need to.
When you supply any personal data to us, we have legal obligations towards you in the way we use that data. We must collect the information fairly and explain to you how we will use it.
2. Personal Data We Process Ans Purposes
Types and categories of personal data we process
We can collect and process these categories of personal data:
a. Related to our clients: Contact details of representatives or contacts: name, email address, telephone number, position.
b. Related to the users of our App services: Name, email address, geolocation, routes etc.
c. Related to our employees: identification data, social security data, banking information and all the necessary data to carry with the labor relationship.
d. Identification data of our providers (contact people in case of companies).
e. Collected information from your browse in our website and App.
In case of using our website, we will be able to register your IP address, the type of browser, the operating system, the original website and the browsing behavior, length of time on the website and time spent within certain sections; response times etc.
f. Related to subscription to Newsletter: email address.
Your personal data will only be used for the following purposes:
a. Register you in our database if you register in our Website / App
b. To carry out the necessary commercial and administrative procedures with the users of our Website/App and our clients or potential clients.
c. NEMI process the information you provide us with to respond to the request for information you send us, provide you with information about our services, internally and externally manage the provision of our services, as well as the purchases we make from our suppliers, and comply with the legal obligations arising from these activities.
d. To communicate with you to answer your queries and deal with your complaints or obtain your opinion on the quality of our Services.
e. Likewise, the data that may be collected during your browsing will be processed in order to provide access to the online content of the Website/App, as well as to attend to the requests of the users of the website, keep a statistical record of visits (IP addresses, browser data, country, page accessed, etc.) in order to enable us to develop better services, optimize our Services and provide a more efficient customer service and improve the design and content of our Website/App.
f. The data of our customers and suppliers will be processed, within the contractual relationship that binds them to us, in compliance with administrative, Tax and accounting obligations and, where appropriate, in compliance with the law on public safety.
g. To send you our Newsletter if you register in the Newsletter form of our website. You will receive marketing messages from us if you have filled any of the forms on the Website or if you are our client.
h. NEMI process the employee’s data to manage the labor relationship and compliance with legal obligations.
In accordance with the current Regulations, we inform you that NEMI does not carry out SPAM practices, therefore, it does not send commercial mail by e-mail if it does not have the necessary legitimacy. In any case, you will always have the possibility of withdrawing your consent to receive our communications.
We will not process your personal data for any purpose other than those described in this Policy, except by legal obligation or court order.
Your personal data will not be subject to decisions based on automated processing that produce effects on you.
3. What Is The legal Basis For The Processing Of Your Data?
The legal basis that legitimizes the processing of your personal data is your express consent given to carry out the purposes described above, which will be requested at the time you request information through our forms or register in our App.
In the event of a commercial relationship between you, whether as a client, supplier, user or employee and NEMI, the legal basis that legitimizes the processing of your personal data will be the execution of the contractual relationship that will have been generated, as well as, where appropriate, compliance with the corresponding legal obligations.
The legal basis for the processing of your personal data when you subscribe to our newsletter is your express consent.
The legal basis for the processing of your geolocation data and your trips is your express consent when you accept the Privacy Policy of our App.
The legal basis for the transfer of your personal data to public authorities is compliance with current legislation.
4. Data retention. How long shall we keep your personal data?
We will hold your personal information on our systems only for as long as required to provide you with the products and services you have requested, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
In some circumstances you can ask us to delete your data: see ‘Your Rights’ below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Once the data has met the needs for which it was collected, we will delete it permanently. However, we will keep your data longer, if necessary, to comply with legal obligations. Likewise, it may be necessary to keep them for the time necessary until the prescription of the legal responsibilities that are generated.
If we have your email in our database for the sending of commercial information, it will be kept if the necessary legal basis that legitimizes its conservation and use is maintained. You have the right to erasure of personal data concerning your data at any time in order not to receive commercial information.
The personal data you provide us shall be kept for the time necessary to manage the information you request, or as long as there are contractual obligations deriving from services or content requested by users and subsequently until the expiration of legal, contractual or professional responsibilities that require its retention.
5. Data Recipients
NEMI may process the personal data processed, for organisational, administrative and management purposes. Within our organisation, your personal data will be processed by duly authorized personnel and, if necessary or practical to fulfill the purposes indicated above, may be processed by third parties.
The categories of recipients to whom your personal data may be communicated from NEMI are as follows:
a. We share the data of the users of our Apps with the Clients that manage our Apps and that are integrated into the NEMI portal.
b. Third party processors, such as IT providers, consultants and advisors and other companies providing ancillary services. We may transfer, in certain cases, your data to technology companies based in the USA, but NEMI guarantees the security and legality of these transmissions because, in any case, these companies have adhered to the corresponding protocols of approval with the European data protection regulations.
c. Public entities and bodies, exclusively for the purpose of complying with the corresponding legal obligations.
d. Other providers to whom, where appropriate, your personal data may be transferred to financial institutions, fraud detection service providers, where appropriate, etc.
In any case, all the aforementioned third parties will have previously signed the corresponding confidentiality commitment following our instructions in accordance with the current personal data protection regulations, will be subject to the duty of professional secrecy or will be acting in compliance with a legal obligation.
The information that you provide to us through this website will be hosted on the servers of NEMI.
6. Your rights. what are your rights when you provide us with your data?
As a data subject you have several rights in relation to your personal data. Below, we have described the various rights that you have as well as how you can exercise them.
If you wish to exercise the rights that the data protection regulations grant you, please send us an e-mail to the following address gdpr@nemi.mobi putting in the subject the right you want to exercise and attaching a copy of your national identity document or passport.
It will help us to process your request if you clearly state which right you wish to exercise and, where relevant, why it is that you are exercising it. The clearer and more specific you can be, the faster and more efficiently we can deal with your request. If you do not provide us with sufficient information, then we may delay actioning your request until you have provided us with additional information (and where this is the case we will tell you).
The Rights that the current regulations recognize and that, where appropriate, may be exercised are:
Right Of Access
You may, at any time, request access to the personal data that we hold which relates to you (you may have heard of this right being described as a “subject access request”).
You can exercise this right at any time by writing to us using the contact details set out here and telling us that you are making a subject access request. You do not have to fill in a specific form to make this kind of request.
Right To Rectification And Erasure
You may, at any time, request that we correct personal data that we hold about you which you believe is incorrect or inaccurate. Please note that we may ask you to verify any new data that you provide to us and may take our own steps to check that the new data you have supplied us with is right.
You may also ask us to erase personal data that we control if you do not believe that we need to continue retaining it (you may have heard of this right described as the “right to be forgotten”). Although we will do everything to respect your request and personal data it may not always be possible to erase all of your personal data as there may be legal requirements to keep certain personal data or technical limitations to the data we can delete.
If erasure is not technically possible or we believe that we have a good legal reason to continue processing personal data that you ask us to erase we will tell you this and our reasoning at the time we respond to your request.
You can exercise this right at any time by writing to us using the contact details set out here and telling us that you are making a request to have your personal data rectified or erased and on what basis you are making that request. If you want us to replace inaccurate data with new data, you should tell us what that new data is. You do not have to fill in a specific form to make this kind of request.
Your Right To Restrict Processing
Where we process your personal data on the basis of a legitimate interest you are entitled to ask us to stop processing it in that way if you feel that our continuing to do so impacts on your fundamental rights and freedoms or if you feel that those legitimate interests are not valid.
You may also ask us to stop processing your personal data (a) if you dispute the accuracy of that personal data and want us verify that data’s accuracy; (b) where it has been established that our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need to process your personal data (and would otherwise dispose of it) but you wish for us to continue storing it in order to enable you to establish, exercise or defend legal claims.
Please note that if for any reason we believe that we have a good legal reason to continue processing personal data that you ask us to stop processing, we will tell you what that reason is, either at the time we first respond to your request or after we have had the opportunity to consider and investigate it.
You can exercise this right at any time by writing to us using the contact details set out here and telling us that you are making a request to have us stop processing the relevant aspect of your personal data and describing which of the above conditions you believe is relevant to that request. You do not have to fill in a specific form to make this kind of request.
Your Right To Portability
Where you wish to transfer certain personal data that we hold about you, which is processed by automated means, to a third party you may write to us and ask us to provide it to you in a commonly used machine-readable format.
Because of the kind of work that we do and the systems that we use, we do not envisage this right being particularly relevant to most individuals with whom we interact. However, if you wish to transfer your data from us to a third party, we are happy to consider such requests.
Your Right To Object To Processing
You may object to processing of your personal data where we rely on legitimate interest for processing that personal data. We will comply with your request unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal data to establish, exercise or defend a legal claim.
Your Right To Stop Receiving Communications
For details on your rights to ask us to stop sending you various kinds of communications, please contact us.
Your Right To Object To Automated Decision Making And Profiling
You have the right to be informed about the existence of any automated decision making and profiling of your personal data, and where appropriate, be provided with meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing that affects you.
Withdrawal Of Consent
Where we are relying on consent to process your personal data you may withdraw consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
To unsubscribe from marketing emails at any time, please contact us at gdpr@nemi.mobi to inform us if you do not wish to receive any marketing materials from us.
7. Supervisory Authority
If you consider that NEMI has violated any of your rights protected by the personal data protection regulations or that it has violated any obligation regarding the protection of Personal Data, you have the right to submit a claim to the competent Supervisory Authority which in Spain is the Spanish Agency for Data Protection located at Calle Jorge Juan, 6. 28001 – Madrid. Tel. 901 100 099 – 912 663 517
You can also submit an electronic claim through the electronic address that is available on their website https://www.aepd.es/
8. Governing Law And Jurisdiction
This privacy policy is governed in each and every one of its aspects by Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons in regard to the processing of personal data and the free circulation of this data.
It is also governed by Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights. Likewise, our website is governed by Law 34/2002, of July 11, on Information Society and Electronic Commerce Services.
Any dispute arising from matters relating to our Website shall be exclusively subject to the jurisdiction of the courts of the city of Barcelona.
9. Additional Information
SECURITY MEASURES:
The data you provide will be treated confidentially. NEMI has adopted all the technical and organizational measures and all the necessary levels of protection to guarantee the security in the treatment of the data and avoid its alteration, loss, theft, treatment or unauthorized access, according to the state of technology and nature of the stored data. Likewise, it is also guaranteed that the processing and registration in files, programs, systems or equipment, premises and centers comply with the requirements and conditions of integrity and security established in current regulations.
SSL CERTIFICATE (SECURE SOCKETS LAYER):
We use reasonable safeguards to protect personal information against loss and theft, including encryption technology, restricted access, “firewalls,” and Secure Socket Layers (SSL). The SSL CERTIFICATE provides authentication, privacy, and information security between NEMI and the user. NEMI has a SSL security certificate certificates secure internet connections by encrypting data sent between your browser, our website you’re visiting, and our website server.
However, security over the internet cannot be guaranteed. Our Company does not assume any responsibility for any harm, loss, or damage you may experience or incur by the sending of personal or confidential information over the internet, and you should take your own measures to protect your sensitive information. If you have any questions about the security of our Site, contact us through gdpr@nemi.mobi
SOCIAL NETWORKS:
We inform you that NEMI may have a presence on social networks. The processing of the data of the people who become followers on the social networks (and/or carry out any link or action of connection through the social networks) of the official pages of NEMI will be governed by this section, as well as by those conditions of use, privacy policies and access regulations that belong to the social network applicable in each case and previously accepted by the user.
NEMI will process your data for the purposes of correctly administering its presence on the social network, informing of activities, products or services of the provider, as well as for any other purpose that the regulations of the Social Networks allow.
The publication of content is prohibited:
– That are allegedly unlawful by national, community or international regulations or that carry out allegedly unlawful activities or contravene the principles of good faith.
– That infringe on the fundamental rights of persons, lacking in courtesy on the network, that annoy or could generate negative opinions in our users or third parties and in general any content that NEMI considers inappropriate.
– And in general, that contravene the principles of legality, honesty, responsibility, protection of human dignity, protection of minors, protection of public order, protection of private life, consumer protection and intellectual and industrial property rights.
Likewise, NEMI reserves the right to remove, without prior notice, from the website or the corporate social network any content that is considered inappropriate.
In any case, if you send personal information through the social network, NEMI shall be exempt from liability in relation to the security measures applicable to the present platform and the user, should he/she wishes to know them, should consult the corresponding particular conditions of the network in question.
LANGUAGE:
The language applicable to this Privacy Policy is English. Therefore, in case there is any contradiction in any of the versions we could provide in other languages, the English version will prevail.
10. Update
This Privacy Policy was last updated in April 2024 but may be updated at any time. We recommend that you check it every time you access our website in case it has suffered alterations.
