We will always process your personal data based on one of the legal basis provided for in the GDPR.
We may collect and process your personal data for the purposes detailed below, which are required so that we can pursue our legitimate interests and provide you with adequate products and services:
The use of personal data is necessary for us to provide TCLOUD Services to You. This means that you cannot object to us processing your personal data altogether and still require us to provide our services to you.
However, you are entitled to object to certain use of your personal data, and to opt-out of some kinds of processing.
Subject to obtaining your express prior consent, we may also collect and process your personal data for the following purposes:
Please be aware that you are entitled to withdraw your consent at any time, and this without affecting the lawfulness of processing based on your consent before withdrawal thereof.
We will process your data for these specified, explicit and legitimate purposes, and will not further process the data in a way that is incompatible with these purposes. If we intend to process personal data originally collected for one purpose in order to attain other objectives or purposes, we will ensure that you are informed of this. We will keep your personal data for as long as it is necessary for us to comply with our legal obligations, to ensure that we provide an adequate service, and to support its business activities.
We can obtain such personal data either directly from you when you decide to communicate such data to us (i.e., when you sign up for and use our TCLOUD Services or when you fill in forms displayed on our Website) or indirectly where such personal data is provided to us by your electronic communication terminal equipment or your Internet browser. We ensure that the personal data processed is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
We may share your personal data with third parties as described below:
We will only transfer your personal data if:
We maintain administrative, technical and physical safeguards designed to protect the personal data you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Service providers and contractors who might have access to your data in order to provide services on our behalf will be contractually obliged to keep such data in confidence, provide adequate data security measures, and may not use that data for any other purpose.
Our cloud infrastructure service providers AWS have signed the CISPE Data Protection Code of Conduct. CISPE Code of Conduct provides a framework to ensure that the data processing activities carried out by Cloud Infrastructure Service Providers (CISPs) are compliant with the current Data Protection Directive and the General Data Protection Regulation (GDPR)
We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data are deleted after a reasonable time according to the following retention criteria:
You are entitled (in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law) to:
To exercise your rights as set out above or to make a complaint or submit an inquiry about our privacy practices, please contact us at info at twave.io
In the unlikely event that you wish to lodge a complaint about our collection, transfer or processing of your personal data, you can lodge a complaint with the Agencia Española de Protección de Datos which is the Public Supervisory Authority of TWAVE, SL or the Supervisory Authority in your country of residence.