We are very pleased about your interest in our services.
The protection of your personal data during your visit to our website is important to us. We protect your privacy and your private data. We collect, process and use your personal data in accordance with the content of these data protection provisions and the applicable data protection rules, in particular the General Data Protection Regulation, the Federal Data Protection Act and the Telemedia Act.
These data protection regulations regulate which personal data we collect, process and use about you. We therefore ask you to read the following carefully.
In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
The responsible party pursuant to Art. 4 (7) of the EU General Data Protection Regulation (DS-GVO) is SHILO TECNOLOGICAL DEVELOPMENTS S. L., PQ. Empresarial Abra Industrial, Vial E – Parcela 1.2.2., Edificio 1 – 1ª Planta, 48500 Abanto y Ciérvana – Vizcaya (España), E-mail: hola@shilo.es, www.shilo.es
When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
If we use commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.
We only process your data if at least one of the following conditions applies:
Further conditions such as the performance of recordings in the public interest and the exercise of public authority as well as the protection of vital interests do not generally occur with us. If such a legal basis should be relevant, it will be indicated at the appropriate place.
To ensure fair and transparent processing, you have the following rights under Article 13 of the GDPR:
Right of information
In accordance with Article 15 of the GDPR, you have the right of information about whether we are processing data about you.
Right of rectification
You have a right to rectify data under Article 16 of the GDPR, which means that we must correct data if you find an error.
Right of deletion (right to be forgotten)
According to Article 17 of the GDPR, you have the right of deletion ("right to be forgotten"), which specifically means that you may request the deletion of your data.
Right to restrict processing
According to Article 18 of the GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it any further.
Right of data portability
According to Article 19 of the GDPR, you have the right of data portability, which means that we will provide you with your data in a common format upon request.
Right of objection
According to Article 21 of the GDPR, you have a right of objection, which, once enforced, entails a change in processing.
If the processing of your data is based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest), you may object to the processing. We will then check as soon as possible whether we can legally comply with this objection.
If data is used to carry out direct marketing, you can object to this type of data processing at any time. We are then no longer allowed to use your data for direct marketing.
If data is used to carry out profiling, you can object to this type of data processing at any time. We are then no longer allowed to use your data for profiling.
Right of confirmation
Every data subject shall have the right, granted by the European Directive and the Regulation, to obtain confirmation from the controller as to whether personal data concerning him or her are being processed. If a data subject wishes to exercise this right, he or she may, at any time, contact any employee of the controller.
Automated decisions in individual cases including profiling
You may have the right under Article 22 of the GDPR not to be subject to a decision based solely on automated processing (for example profiling).
If you wish to exercise your rights in relation to automated decisions, you can contact us at any time.
Right to revoke consent under data protection law
Any person affected by the processing of personal data has the right granted by the European Directive and Regulation to withdraw consent to the processing of personal data at any time.
If you wish to exercise your right to withdraw your consent, you can contact us at any time.
You can contact us at any time to assert your rights.
Competent supervisory authority
If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority.
We only store personal data for as long as it is absolutely necessary for the provision of our products and services.
We therefore delete your data as soon as the reason for the data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes.
Should you wish your data to be deleted or revoke your consent to data processing, the data will be deleted as soon as possible and as far as there is no obligation to store it.
We will inform you about the specific duration of the respective data processing below, provided we have further information on this.
We only transfer or process data to countries outside the EU (third countries) if you consent to this processing, if this is required by law or contractually necessary and in any case only to the extent that this is generally permitted.
Your consent is in most cases the most important reason for us to have data processed in third countries. Processing personal data in third countries such as the US, where many software vendors provide services and have their server locations, may mean that personal data is processed and stored in unexpected ways.
We expressly point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. Data processing by US services (such as Google Analytics) may result in data not being processed and stored anonymously. Furthermore, US government authorities may be able to access individual data. In addition, it is possible that collected data may be linked to data from other services of the same provider, provided you have a corresponding user account. Where possible, we try to use server locations within the EU, if this is offered.
We will provide you with more detailed information about data transfers to third countries, where applicable, at the appropriate points in this privacy policy.
To protect personal data, we have implemented both technical and organisational measures. Where possible, we encrypt or pseudonymise personal data. In this way, we make it as difficult as possible for third parties to infer personal information from our data.
To protect personal data, we have implemented both technical and organisational measures. Wherever possible, we encrypt or pseudonymise personal data. In this way, we make it as difficult as possible for third parties to infer personal information from our data.
Article 25 of the GDPR speaks of "data protection through technical design and through data protection-friendly default settings" and thus means that both software (e.g. forms) and hardware (e.g. access to the server room) should always be designed with security in mind and that appropriate measures should be taken. In the following, we will go into more detail on specific measures, if necessary.
Encryption: We use HTTPS (Hypertext Transfer Protocol Secure) on our website to transmit data in a tap-proof manner. In this way, we use an additional layer of security and comply with Data Protection by Design Article 25(1) GDPR). By using TLS (Transport Layer Security), another encryption protocol for data transmission, we ensure the protection of confidential data.
Communication: When you contact us and communicate by phone, email or online form, personal data may be processed. The data is processed for the handling and processing of your question and the related business transaction. The data is stored for the same period of time or as long as required by law.
When you visit our website, personal data may be processed. On the one hand, your computer stores data and on the other hand, the web server must also store data for a while to ensure proper operation.
Why do we process personal data?
The purposes of data processing are: Professional hosting of the website and securing its operation, to maintain operational and IT security and Anonymous Evaluation of access behaviour to improve our offer and, if necessary, for law enforcement or prosecution of claims.
What data is processed?
In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. p1. 1 lit. f GDPR):
How long is data stored?
As a rule, we store the above data for a fortnight and then delete it automatically. We do not pass on this data, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of unlawful conduct.
Legal basis
The lawfulness of the processing of personal data in the context of web hosting results from Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), because without the use of professional hosting with a provider, a secure and simple use of the Internet is hardly possible.
We do not collect cookies.
In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you usually have to provide further personal data which we use to provide the respective service and for which the aforementioned data processing principles apply.
In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation will affect the permissibility of the processing of your personal data after you have expressed it to us.
Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is in particular not necessary for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will review the merits of the case and either cease or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. SHILO TECNOLOGICAL DEVELOPMENTS S. L., GV/don Diego Lopez de Haro, 74-1 D, 48011 Bilbao - Bizkaia (España) E-mail: hola@shilo.es, www.shilo.es
The data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose of processing this data has ceased to apply or it is not required for the purpose).
If the data are not deleted because they are required for other and legally permissible purposes, their processing is limited to these purposes. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.
Further information on the deletion of personal data can also be found in the individual data protection notices of this data protection declaration