1-WHO IS THE DATA CONTROLLER OF YOUR DATA PROCESSING?
The Data Controller and owner of the QOOB brand, of the website https://www.qoobers.com and of the QOOB App is QOOBERS SMART SOLUTIONS SL (hereinafter QOOB), a Company with registered office at Calle Numancia , 120 - P. 1 PTA. 3, Barcelona, 08029, Barcelona with tax identification number B67522748 and registered in the Commercial Registry of Barcelona.
2-WHICH IS THE PURPOSE OF YOUR PERSONAL DATA PROCESSING?
In QOOB we use your personal data collected when you contact us to request for information, to provide you information about our services or products, internally and externally manage the registration and use of our App/Website and the services we offer, as well as comply with the legal obligations arising from such activities.
We collect user data like email, encrypted password, user name, user tokens to limit the access to the user account and grant a personalized experience with the QOOB parking station. We also collect geolocation data to filter the parking stations near the user, show near sharing vehicles and locate the user. The application is transmitting the data with https://api.qoobers.de, which is an internal organization url.
The data that you provide us through our interactive Chat tool (chatbot) will be used to manage your requests, as well as to, if you give us your express consent, include them in a database to segment them and create profiles according to your interests and to be able to proceed later to carry out actions or commercial communications, as well as to improve our solutions or services.
The data collected during your browsing is processed with the aim of providing access to the online content of the App/ Website, as well as responding to the requests of App/Website users, keeping a record of visit statistics (IP addresses, browser data, country, page accessed, etc.) for statistical purposes or to apply measures aimed at improving the security of the App/Website.
If you fill in any of the contact forms that you will find on the App/web, it will be necessary to provide certain personal data, which will be processed for the purpose for which they are requested.
3-WHAT IS THE LEGAL BASIS FOR THE PROCESSING OF YOUR DATA?
The legal basis for the processing of your personal data is:
Performance of a contract: this is when the processing of your personal information is necessary in order to perform our obligations under a contract. that is generated when you register Through our App or request any of our services.
Your express consent by voluntarily providing them to us to request information, through our forms, Chatbot or register through our App.
Legal obligation: this is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for tax purposes.
Legitimate interests: we shall process information about you where it is in our legitimate interest in running a lawful business to do so in order to further that business, so long as it doesn’t outweigh your interests.
4. DATA RETENTION. ¿How long shall we keep your personal data?
The personal data you provide us shall be kept for the time necessary to manage the information you request, or as long as there are contractual obligations deriving from services or content requested by Users and subsequently until the expiration of legal, contractual or professional responsibilities that require its retention.
Once the data has met the needs for which it was collected, we will delete it permanently. However, we will keep your data longer if necessary, to comply with legal obligations. Likewise, it may be necessary to keep them for the time necessary until the prescription of the legal responsibilities that are generated.
5. DATA RECIPIENTS
Your Personal Data will be processed by duly authorized personnel, and, if necessary or practical to fulfill the purposes indicated above, they may be processed, in certain cases, by third parties.
The categories of recipients to whom your Personal Data may be communicated are the following:
a. Data processors, such as IT providers, consultants and consultants and other companies.
b. Public entities and Authorities, exclusively for the purpose of complying with legal and regulatory obligations, as well as the requirements of the police authorities if is requested.
c. Other suppliers to whom, where appropriate, your personal data may be transferred, when is necessary for our normal operation, as financial institutions, insurers, among others.
All of them are subject to the duty of professional secrecy.
6. RIGHTS ¿what are your rights when you provide us with your data?
If you wish to exercise the rights that the data protection regulations grant you, please send us an e-mail to the following address firstname.lastname@example.org putting in the subject the right you want to exercise and attaching a copy of your national identity document or passport.
The Rights that the current regulations recognize and that, where appropriate, may be exercised are:
Right of access to data:
You have the right to be informed by the Data Controller if your personal data is being processed or not, and if the process is confirmed, you shall be able to access it by providing the following information:
-The purposes of processing.
-The categories of data.
-The term or criteria for data retention.
Right to rectification:
You will have the right to order the Data Controller to rectify your data when they are inaccurate or incomplete by means of an additional rectifying statement.
Right to Erasure:
The data subject shall have the right to Data Controller erasing their data, when:
-The processing is illegal.
-The data subject has withdrawn their consent.
-They are no longer necessary in relation to the purposes for which they were collected or processed.
-The data subject has exercised the right of opposition and other legitimate reasons for the processing do not prevail.
-The data must be erased to fulfill a legal obligation of the Data Controller.
The data subject shall not have the right for the Data Controller to erase their data when the processing is necessary:
-To exercise the right to freedom of expression and information.
-To fulfill a legal obligation of the Data Controller.
-For the preparation, exercise or defense of claims.
-For public interest based on current legislation for public health reasons or for historical, statistical or scientific research purposes.
Right to data portability:
You have the right for the Data Controller to transfer your data to another Data Controller or to the same data subject, through a structured format of habitual use and mechanical reading, when the processing is carried out by automated means and is based on:
-The consent of the data subject for specific purposes.
-The execution of a contract or pre-contract with the data subject.
The right to data portability will not apply when:
-The transmission is technically impossible.
-It can negatively affect the rights and freedoms of third parties.
-The processing has a public interest mission based on current legislation.
Right to restriction of processing:
1.The data subject shall have the right to obtain from the Data Controller restriction of processing where one of the following applies:
the accuracy of the personal data is contested by the data subject, for a period enabling the Data Controller to verify the accuracy of the personal data;
-the processing is unlawful, and the data subject opposes the erase of the personal data and requests the restriction of their use instead;
-the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
-the data subject has objected to processing, pending the verification whether the legitimate grounds of the controller override those of the data subject.
2. Where processing has been restricted under paragraph 1, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
3. A data subject who has obtained restriction of processing pursuant to paragraph 1 shall be informed by the controller before the restriction of processing is lifted.
Right of opposition:
The data subject shall have the right to object to processing of personal data, on grounds relating to his or her situation, at any time. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
Right not to be subject to profiling:
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, mainly when is referred to the following personal aspects:
-Preferences or personal interests.
-Location or movements of the person.
When profiling is based solely on automated processing:
-The data subject will have the right to be informed if the decision that can be taken could have legal effects that significantly affect him.
-The data subject will have the right to obtain human intervention from the Responsible, to express their point of view and to challenge the decision, if the processing has been authorized by:
-The explicit consent of the data subject.
-A contract between the Responsible and the data subject.
It will not apply to the right not to be subject to profiling when the decision that can be taken as a result of it is authorized by:
This right shall not apply if the decision:
is necessary for entering, or performance of, a contract between the data subject and a data controller;
is authorized by European Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests; or
is based on the data subject's explicit consent.
7. COOKIES POLICY
What are cookies?
A cookie is a file that is downloaded to your computer (computer or mobile device) in order to store data that can be updated and retrieved by the entity responsible for its installation.
The information collected through cookies may include the date and time of visits to the Website, the pages viewed, the time you have been on our website and the sites visited just before and after it.
TYPE OF COOKIES USED ON OUR WEBSITE.
These cookies are sent to your computer and managed exclusively by us for the best functioning of the Website. The information we collect is used to improve the quality of our service and your user experience.
These cookies remain in your browser for longer, allowing us to recognize you as a recurring visitor to the Website and adapt the content in order to offer you a content that fits your preferences. Specifically, we use the following cookies:
Cookie: _ga Duration:2 years Purpose: Used to distinguish users.
Cookie: _gat Duration:10 minutes Purpose: It is an analytical cookie, related to Google Analytics. It is used to differentiate between the different tracking objects created in the session.
Cookie:_gid Duration: session Purpose: Cookie that contains an anonymous identifier used to distinguish users.
Cookie: XSRF TOKEN Duration: session Purpose: This is an encrypted cookie that serves to control that all form submissions are made by the user currently in session, avoiding CSRF (Cross-Site Request Forgery) attacks.
Cookie: bSession Duration: session Purpose: Session information storage.
Cookie:_hs Duration: session Purpose: This cookie is used to determine and save if the chat widget is open for future visits.
Cookie: ssr-caching Duration: session Purpose: Technical cookie indicates how the site has been rendered. It is removed when the browser is closed.
Cookie: Sv Session Duration: 2 years Purpose: It is used in connection with the user's login.
2-Third party analytical or technical cookies.
Cookie: bSession Duration: session Purpose: Session information storage.
Cookie: AWSELBCORS Duration: session Purpose: Cookie of the Amazon domain that serves so that the web applications of the clients loaded in one domain interact with the resources of a different domain.
Cookie: JSESSIONID Duration: session Purpose: This cookie allows you to store a unique identifier per session through which it is possible to link the necessary data to enable current browsing.
In addition, if you interact with the content of our Website, third-party cookies may also be set (for example, by pressing social media buttons or watching videos hosted on another website).
We include below the links the websites where you can consult the description of the type of cookies used by the social networks that you can access from our Website:
DISABLING AND BLOCKING COOKIES OR WITHDRAWING MY CONSENT.
In any case, we inform you that since cookies are not essential for the use of our Website, you can block or disable them by activating the configuration of your browser that allows you to refuse the installation of all cookies or some of them. Most browsers allow you to warn of the presence of cookies or to reject them automatically. If you reject them you can continue using our Website, although the use of some of its services may be limited and therefore your experience on our Website less satisfactory. For more information on the deletion, disabling or blocking of cookies please visit:
You can also find information on how to do it in the following links depending on the browser you use:
If you wish, you can watch the videos developed by the Spanish Agency for Data Protection in order to explain how to configure the privacy options from different platforms and equipment. https://www.aepd.es/es/guias-y-herramientas/videos
CHANGES IN THE COOKIES POLICY
8- SUPERVISORY AUTHORITY:
If you consider that QOOB has violated any of your rights protected by the personal data protection regulations or that it has violated any obligation regarding the protection of Personal Data, you have the right to submit a claim to the competent Supervisory Authority which in Spain is the Spanish Agency for Data Protection located at Calle Jorge Juan, 6. 28001 - Madrid. Tel. 901 100 099 - 912 663 517
You can also submit an electronic claim through the electronic address that is available on their website https://www.aepd.es/
9. GOVERNING LAW AND JURISDICTION
It is also governed by Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights. Likewise, our website is governed by Law 34/2002, of July 11, on Information Society and Electronic Commerce Services.
Any dispute arising from matters relating to the Site shall be exclusively subjected to the jurisdiction of the courts of the city of Barcelona.