Privacy Policy

Who is responsible for your data?

Web Site Owner: System One NOC & Development Solutions, S.A. (hereinafter, “SONOC”)
Address: Edificio Cines Goya, Josefa Amar y Borbón 10, 4th Floor, 50001 Zaragoza, Spain
VAT: A-50981489
Data Protection Officer: Mr. Álvaro Villacampa – Lawyer (hereinafter, “DPO”)
Contact Email: dataprotection@sonoc.io

What is a personal data?

SONOC takes protecting your information very seriously. Your personal data is therefore processed with great care and in strict compliance with applicable data protection law.

In this context, “personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Organizational and technical security measures have been taken to protect all of our websites against the risks present in processing personal data. Our partners who support us in the provision of this website must comply with these provisions as well.

For what purposes do we process your data?

SONOC will treat your personal data for the following specific purposes:

  • For the management and rendering of the contracted services, as well as its later invoicing, all this based on the contractual or pre-contractual relationship previously established between you and SONOC.
  • In order to attend and respond to any query regarding privacy or any request for the exercise of data protection rights and which have been sent through the channels indicated, always in compliance with our legal obligations.
  • In the event that you are subscribed to our newsletter, to periodically send you electronic communications about our services, as well as news, legislative changes or events related to our professional activity, all unless you indicate otherwise or oppose or revoke your consent.
  • To periodically send you commercial and/or promotional information related to previously contracted services, unless you indicate otherwise, oppose, or revoke your consent.
  • In the event that you have sent us your CV, to evaluate your application and manage the corresponding selection processes, present and future, in relation to jobs that fit your profile.
  • For research and development. We are constantly looking for ways to improve our services, to make them more reliable, secure, and useful to you and our users generally and we may use the Personal Data and other information we collect to help us do so. For instance, we use data regarding our users’ communications on our platform to understand how our services are performing and how they are being used in order to identify areas where we can do better. For instance, we may use message delivery and call connection information to gauge the effectiveness of our routing to ensure that your messages are delivered and your calls are connected. We and our service providers may use your information, including information obtained through customer surveys, to assess the level of interest in, and use of, our services, our communications to our customers, and our other messaging campaigns, both on an individual basis and in the aggregate. Surveys are optional and customers can opt-out from receiving such surveys via opt out links in survey invitations. We also use information about your use of our websites to understand how our website visitors are using our websites. Among other things, this usage information, along with tracking technologies, enables third-party analytics companies to generate analytics reports on the usage of our services.
  • To improve our services and develop new services. We use your data in the provision of the services. We also use data we collect in existing services to improve and develop new services.
  • To market, promote, and drive engagement of our products and services. We use Personal Data and other information about you to send promotional communications, such as e-mail messages, text messages, phone calls, faxes and postal mail, and for marketing when we have an adequate legal ground to do so. When prior opt-in consent is required by applicable laws, we will obtain such consent. We do not send marketing communication to our customers’ customers who are end users. Based on information we collect about you, we may decide whether and how to promote certain of our products or services to you over others. These communications are to drive your engagement and maximize the value of our services to you, and to help you receive more relevant information from us. To perform the above functions and others described in this Privacy Policy, we may match information collected from you through different means or at different times, including Personal Data and usage information, and use such information along with information obtained from other sources (including third parties) such as contact information, demographic information, and personal interest information. Where local law permits, an auto-dialer and/or artificial or pre-recorded message may be used to make calls to you. Consent on behalf of someone else or provide someone else’s contact information will not be accepted. You are not required to agree to promotional communications in order to purchase goods or services from us. You can control whether you receive these kinds of communications as described below in Opt out of communications.

What categories of data do we process?

According to these purposes, SONOC process the following categories of data:

  • Identifying data: name, surname, ID, nationality, address, e-mail, postal code, telephone.
  • Traffic and location data: see our Cookie Policy for more information.
  • Electronic communications metadata.

These personal data are essential and, therefore, essential in order to be able to provide the services we offer, so the refusal to provide them will mean the impossibility for SONOC to carry out the provision of contracted services.

You guarantee that the data provided are true, exact, complete and updated, assuming consequently the responsibility for any damage or harm, direct or indirect that could be caused as a consequence of a breach of this obligation.

What about AI and Biometric Data Processing?

At SONOC, we value and respect the privacy of our users. As part of our commitment to transparency and data protection, we wish to inform you about the processing of Artificial Intelligence (AI) data and Biometric data within our services.

  1. Artificial Intelligence Data Processing:
  • We utilize artificial intelligence technologies to enhance our services and provide personalized experiences. Artificial Intelligence data refers to information generated, processed, or utilized by our AI systems to learn, adapt, and perform specific functions. We are committed to providing clear and understandable information on how this data is used, as well as the types or data collected, how they are used, and with whom they are shared.

  • We adhere to all applicable national and international laws and regulations concerning data processing, including but not limited to the General Data Protection Regulation (GDPR), Spanish Data Protection Regulation, the recommendations issued and approved by the Spanish Data Protection Agency and any other relevant legislation.

  • Evaluation and testing. Prior to deploying any artificial intelligence system, we conduct rigorous evaluations and testing to ensure its accuracy, fairness, and security. We pledge to regularity review and update these systems to maintain compliance and effectiveness.
  1. Biometric Data Processing: we acknowledge the sensitivity of biometric data, which includes unique physical, physiological, or behavioral characteristics of an individual. When we collect biometric data, we do so with the explicit consent of the user and only for specific and legitimate purposes. We inform our users about the type of biometric data we collect, how it is used, and with whom it is shared.
  • We comply with all applicable laws and regulations regarding the processing of biometric data, including but not limited to privacy and data protection laws governing the collection, storage, and use of such data.

  • We implement appropriate technical and organizational security measures to safeguard biometric data against unauthorized access, disclosure, alteration, or destruction.

By accepting our privacy policy, users acknowledge and accept the processing of their artificial intelligence data and biometric data according to the principles and procedures outlined above. For any questions or concerns regarding the processing of this data, users can contact us through the means provided in our privacy policy.

What about log data?

For technical reasons, each time your Internet browser accesses our website it automatically sends information to our web server (i.e. log data). We store some of this information in log files, such as:

  • The date of the access.
  • The time of the access.
  • The URL of the linking website.
  • The files accessed.
  • The volume of data transferred.
  • The browser type and version.
  • The operating system.
  • The IP address (anonymized).
  • Your Internet access provider.

Nevertheless, log data does not contain personal data. As a general rule, SONOC only analyses log data in order to remedy faults in the operation of the website or clarify security incidents.

It is sometimes necessary for SONOC to collect additional personal information as well as log data in order to remedy faults or preserve evidence relating to security incidents. In these cases, SONOC is permitted to process the log data by law (Article 6 (1f) of Regulation (EU) 2016/679). SONOC will delete this data once the fault has been remedied or the security incident has been clarified in full, or if the original purpose of the processing no longer exists due to other factors. In the event of a security incident, SONOC will transmit log data to the investigating authorities on a case-by-case basis, to the extent permitted.

What web analytics tools do we use?

1. Google Analytics

In order to carry out marketing and market research and tailor our website appropriately, SONOC use analytics cookies and/or JavaScript to collect and process usage data relating to your visit to our website. Your usage data is collected and a usage profile is generated from this data on a pseudonymised basis, using a cookie ID. Your IP address is either not recorded or is anonymized immediately after recording as part of this.

SONOC website uses Google Analytics, a web analysis service of Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, www.google.com (“Google Analytics” or “Google”). Google Analytics employs cookies that are stored to your computer in order to facilitate an analysis of your use of the site. The information generated by these cookies, such as time, place and frequency of your visits to our site, including your IP address, is transmitted to Google’s location in the US and stored there. In using Google Analytics our website employs the extension “anonymizeIp”. In doing so, Google abbreviates and thereby anonymizes your IP address before transferring it from EU/EEA member states.

Google uses this information to analyze your use of our site, to compile reports for us on Internet activity and to provide other services relating to our website.

Google may also transfer this information to third parties where required to do so by law or where such third parties process this data on Google’s behalf. Google states that it will in never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting the settings on your browser software accordingly as noted elsewhere in this Privacy Policy. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.

Google Analytics services are ruled by their own policies, accordingly we suggest you to visit its Privacy Policy to get more information about the information and data they use: https://www.google.es/intl/es/policies/technologies/cookies/

Moreover, if you accepted the use of Google Cookies related to Google Analytics you could also uninstall them from your Browser or by using an specific software: https://tools.google.com/dlpage/gaoptout?hl=en

For the cases in which personal data is transferred to the US, Google has self-certified pursuant to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

2. Display of SONOC Locations Using Google Maps

One feature available to you as a user of our website is a map showing SONOC locations worldwide. We use Google Maps to display this map. Google Maps is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find details on how personal data is processed when Google Maps is used via the following link: https://policies.google.com/privacy.

How long do we keep your data?

SONOC will only keep your personal data for as long as it is necessary to carry out the purposes for which they were collected and/or to attend to possible responsibilities, as well as to defend claims, all this as long as you do not revoke the consents granted. In this case, or after this period, your data may be kept and blocked during the legally established periods.

When it comes to job applications, SONOC will delete your personal data on completion of the application process, or after one year if you did not get that job but you may be an interesting applicant for some other position.

What is the legitimacy for the processing of your data?

The legal bases for the processing of your personal data are the following:

  • With regard to the management and provision of contracted services, as well as their payment and invoicing, the processing of your data is legitimized by the execution of the contract itself.
  • As regards the sending of electronic, commercial and/or promotional communications, the treatment is based on the legitimate interest of SONOC.
  • In relation to the data contained in your CV for the management of your application for an offer or selection process, the legitimacy for this treatment is your consent.
  • For any other treatment of your personal data, SONOC will obtain for each specific case your express consent, in which case this will constitute the legitimate basis of the treatment.
  • Finally, your personal data may also be used to comply with the different legal obligations that SONOC must observe in which case this will be the legitimate basis.

Data Storage, transfer and accuracy

We take steps to ensure that data is processed according to this Policy and to the requirements of applicable law of your country and of the additional countries where the data is subsequently processed.

Data we collect may be processed and stored in Spain or in other countries where we or our affiliates or service providers process data.

When we transfer personal data from the European Economic Area to other countries, we use a variety of legal mechanisms to help ensure all applicable laws, rights and regulations continue to protect your data.

To whom will your data be communicated?

From SONOC it is possible that we communicate your personal data to the following entities, attending at all times to the previously mentioned purposes:

  • To Public Administrations in compliance with the legal obligations that are applicable to us in accordance with current legislation.
  • To the State Security Forces by virtue of what is established in the applicable legislation.
  • To banks and financial institutions for the collection of services rendered.
  • To other entities of SONOC Group.
  • To our suppliers of auxiliary services, which are essential for the correct provision of the contracted services (among others, hosting providers, messaging providers, providers of tax management and/or consultancy services, sales and marketing services).

What rights can you exercise and how can you do it?

At any time and free of charge, you may exercise the following rights:

  • Access your personal data to know which are being processed and for what purpose.
  • Rectify any inaccurate personal data.
  • Request the deletion of your personal data, when this will be possible.
  • Request the limitation of the treatment of your personal data when the accuracy, legality or necessity of the treatment of the data is doubtful, in which case, we will be able to conserve the data for the exercise or the defense of claims.
  • Oppose the processing of your personal data when the legitimate basis of the same is the legitimate interest
  • Request the portability of your data.
  • To revoke the consent granted.
  • Right to Avoid Automated Individual Decision-Making. SONOC´s Processing of Personal Data generally does not include automated decision-making that produces legal effects concerning the Customer Data Subject. In the event SONOC implements such automated-decision making, SONOC will provide meaningful information about the logic involved and the significance and the envisaged consequences of such Processing for the Customer Data Subject.

In order to exercise these rights, you may write to SONOC at the following address: Paseo de la Independencia, 8, 8ºC, 50.004, Zaragoza; or send an e-mail to dataprotection@sonoc.io, in any case specifying the reference “Personal Data” and attaching a copy of your ID card or alternative identification document and indicating the specific right you wish to exercise.

We also inform you that you have the right to contact the Spanish Data Protection Agency and file a complaint in the event of infringement of data protection legislation with regard to the processing of your personal data.

Are your data protected?

SONOC has a firm commitment with the protection of the personal data and the privacy of our users, so to guarantee the security and to protect the personal data obtained in accordance with the exposed thing in this policy of privacy, we guarantee that we carry out all the technical safety measures necessary to prevent their loss, manipulation, diffusion or alteration.

We work hard to safeguard your data using a range of technological and organizational security controls.

We maintain and protect the security of computer storage and network equipment, and we use security procedures that require employees to authenticate themselves to access sensitive data. We also limit access to personal information only to those with jobs requiring such access. We require callers and online users to authenticate themselves before providing account information.

Date of last update: 14/03/2024

Up