Last updated 22nd November 2018
NTT COM MANAGED SERVICES, S.A.U. (“NTT CMS”, “we”, or “us”) is a company with registered office at Av. Diagonal nº 575 5ª planta 08029 Barcelona, Spain, holder of tax/VAT registration number A62396908 and registered in the commercial registry of Barcelona, section 8, sheet 227240.
- Services we provide, which may include IT outsourcing, application management, infrastructure management and cloud services as described here.
- Our social media pages located at LinkedIn and Twitter (“Social Media Pages”).
- Corporate events, such as conferences, trainings, fairs, networking events and other venues.
Collectively, we refer to these activities as the “Services”.
You may contact our Data Protection Officer at the following e-mail address: firstname.lastname@example.org
Personal Information we collect or obtain includes:
- Contact details, including first name, last name, email, telephone number, company name and country.
- Personal and professional details and preferences, including date of birth, education, nationality, job description and company name.
- Account information if you have an account with or through us.
- Other information relating to the Services and your interactions with them and us, including requests and support handling, activity and usage, and social media account ID.
Collection of Personal Information
We -directly or by means of our service providers- collect Personal Information in a variety of ways, including:
- Through the Services – We collect Personal Information through the Services, for example, when you use an application that we manage, sign up for a newsletter, register an account with us, visit our websites or offices, attend a corporate event, or contact our support services.
- From other sources – We receive your Personal Information from other sources, for example:
- Strategic or joint marketing partners, social media pages and platforms, your referrals or contacts, when they share the Personal Information with us.
Use of Personal Information
We -directly or by means of our service providers- use Personal Information for the following business purposes:
- Providing the functionality of our Services and related support.
- To provide the Services’ functionality to you, such as arranging access to the Services, create and administer accounts, fulfil and record transactions, and provide related support.
- To respond to inquiries and requests relating to you, for example, when you send us questions, suggestions, compliments or complaints.
- To send administrative information, such as changes to our terms, conditions and policies.
We will engage in these activities to manage our contractual relationship with you.
- Providing you with marketing and promotional materials and opportunities, and facilitating social sharing.
- To deliver marketing emails and other messages and content that we believe may be of interest to you, with information about our services, new products and other news about our company.
- To share information with other marketers (and their service providers) to permit them to send you marketing communications consistent with your choices.
- To facilitate social sharing functionality that you choose to use.
We will engage in these activities with your consent or when applicable, under a legitimate interest.
- Business reporting, trending and providing personalized services.
- To analyze and predict your preferences in order to prepare aggregated trend reports on how our Services are used, so we can improve our Services.
- To better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
- To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.
We engage in these activities with your consent or when applicable, under a legitimate interest.
- Accomplishing our business purposes.
- For accounting, bookkeeping and audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
- For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
- To prepare or execute a business transaction, such as a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) (“Business Transaction”).
- To protect our rights and to defend against lawsuits.
- To respond to legal duties, such as requests from public and government authorities.
We engage in these activities to comply with a legal obligation or because we have a legitimate interest.
Data retention policy
We will only keep your Personal Data as long as we maintain our contractual relationship, and once ended, for a maximum period of six (6) years unless legally or contractually required for more time.
Regarding, the commercial communications we will keep your data as long as you do not withdraw your consent and withdrawn unless legally or contractually required for more time.
Disclosure of Personal Information
We disclose Personal Information:
In such cases in which the affiliates are located out of the European Economic Area, we have covered such international data transfer by signing the corresponding model clauses approved by the European Commission. You may obtain a copy of these measures by following this link.
This disclose is necessary since the affiliates would be the entities providing the Services and/or engaging into business. Therefore, this disclosure will be based on the legitimate interest they have to be able to provide you an offer and, if you accept it, provide you with the Services engaged.
- To our third-party service providers, who can be located around the world, to facilitate services they provide to us.
These can include providers of services such as data hosting, data analysis, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
In such cases, we will cover such international data transfer by any of the means foreseen in data protection applicable laws, depending on the particular country to which such Personal Data might be transferred (e.g. Privacy Shield, model clauses of the European Commission, etc.)
Other Uses and Disclosures
We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:
- To elaborate profiles.
- To comply with applicable law and regulations.
- This can include laws outside your country of residence.
- To cooperate public and government authorities.
- To respond to a request or to provide information we believe is important
- These can include authorities outside your country of residence.
- To cooperate with law enforcement.
- For example, when we respond to law enforcement requests and orders or provide information we believe is important.
- For other legal reasons.
- To enforce our terms and conditions; and
- To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
- In connection with a sale or business transaction.
- We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of a Business Transaction. Such third parties may include, for example, an acquiring or target entity and its advisors.
COOKIES & SIMILAR TECHNOLOGY
NTT CMS seeks to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.
CHOICES AND ACCESS
Your choices regarding our use and disclosure of your Personal Information
NTT CMS gives you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt-in from:
- Receiving electronic communications from us: If you want to receive marketing-related communications such as emails from us on a going-forward basis, you may opt-in by requesting information from our services in the webforms. You may also opt-out in any moment by sending an email to email@example.com
- Our sharing of your Personal Information with unaffiliated third parties for their direct marketing purposes: If you allow us to share your Personal Information with unaffiliated third parties for their direct marketing purposes you may opt-in by requesting information from our services in the webforms. If you would prefer that we discontinue sharing your Personal Information on a going-forward basis with unaffiliated third parties for their direct marketing purposes, you may opt-out of this sharing by sending an email to firstname.lastname@example.org
We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.
Access, correction, restriction, deletion, objection and portability
If you would like to request to review, correct, restrict or delete Personal Information that you have previously provided to us, object to the processing of Personal Information, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us at email@example.com. We will respond to your request consistent with applicable law.
In your request, please make clear what Personal Information your request relates to. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request according with the regulation. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete transactions initiated prior to the request. Also, please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.
Moreover, you have the right to present a claim directly before the competent supervisory authority, in Spain the Spanish Data Protection Agency (Agencia Española de Protección de Datos – AEPD).
THIRD PARTY SERVICES
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as LinkedIn, Twitter, or any other platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with our Social Media Pages.
Use of Services by MINORS
The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.
Jurisdiction and CROSS-BORDER TRANSFER
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
Some of the non-European Economic Area (“EEA”) countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by following this link.
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.
NTT Com Managed Services, S.A.U.
Av. Diagonal, 575,
08029 Barcelona, Spain
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
You may also lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available here.