Privacy Policy

In compliance with the provisions of the General Data Protection Regulation 2016/679 (“GDPR”) and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (“LOPDGDD”) and other applicable provisions, hereinafter “LAW”, it is made available to interested parties (hereinafter the “USER”) who for any reason and/or means provide IDFINANCE INVESTMENTS, S.L.U. (hereinafter referred to as “IDFINANCE”) provides personal information, the following:

PRIVACY POLICY

This Privacy Policy details how IDFINANCE uses and collects personal data through the website https://idfinance.com/, cookies, hiring requests and the different service and contact channels enabled for this purpose.
 
 

Data Controller IDFINANCE INVESTMENTS, S.L.U.
Purpose
  • Contact & Customer Service
  • Sending communications and information electronically
  • Management of personnel selection processes
  • Management of the ethics and whistleblowing channel
  • Comply with other legal obligations that apply to IDFINANCE.
  • Analysis of the use, operation and improvement of the website
  • Study possible improvements to the website to optimize the usability experience and implement them.
  • Data processing for internal administrative purposes of the IDFinance Group.
Lawfulness The processing of your data may be based on the consent of the data subject, the
performance of a contract, legitimate interest and/or compliance with a legal obligation.
Recipients Personal data may be communicated to third party recipients and processors when
such communication is necessary for the proper provision of their services and the
achievement of the purposes described.
Data Protection Rights Access, rectification, erasure, objection, limitation of processing, data
portability, not to be subject to automated individual decisions, to revoke the consent
given, as well as to file a complaint with the Spanish Data Protection Agency, if deemed
appropriate.
More information Detailed information on the protection of your data can be found below.

 

DETAILED INFORMATION ON DATA PROCESSING

  1. DATA CONTROLLER
    1.  Who is the Data Controller?
      ID FINANCE INVESTMENTS, S.L. (hereinafter IDFINANCE) with CIF: B66862442 and address at C/ Tuset 5-11, 3rd floor. 08006 – Barcelona, contact telephone number 934617231.
    2.  Data Protection Officer
      IDFINANCE It has a designated Data Protection Officer with whom you can contact, through the address [email protected], for the exercise of your data protection rights (regulated in clause 5 of this Privacy Policy) and to resolve any doubts you may have regarding them.
  2. PURPOSE
    1. Purpose of the processing of the requested data.
      IDFINANCE processes the USER’s personal data for the following purposes:

      1. Contact & Customer Service
        1. Provide customer service by answering questions and responding to your queries and requests for information.
      2. Sending communications and information electronically
        1. Sending communications in order to keep you informed about news related to IDFINANCE and its services.
      3. Management of personnel selection processes
        1. To process your job application, your participation in the personal selection processes and/or the sending of the CV sent by you as an applicant/candidate.
        2. Send you information by electronic or telephone about new selection processes, employment opportunities and/or vacancies at IDFINANCE, if you have requested it.
      4. Management of the ethics and whistleblowing channel
        1. To process the complaints received and to investigate the veracity of the facts denounced.
        2. Propose resolutions on communications and complaints related to possible criminal acts or breaches of regulations and ethics received through this channel.
        3. To inform you of the outcome of the procedure, as well as, where appropriate, to adopt disciplinary measures and/or to file legal or other actions before the corresponding bodies.
      5. Comply with other legal obligations that apply to IDFINANCE.
      6. Analysis of the use, operation and improvement of the website
        1. Recognize your username when you access the website again
        2. Adapt the website to the type of device used
        3. Adapt the website to the personalization criteria chosen by the user and remember them
      7. Study possible improvements to the website to optimize the usability experience and implement them.
      8. Data processing for internal administrative purposes of the IDFinance Group.
    2. Data retention periods or criteria
      The use of the USER’s Personal Data will be governed and limited by this Privacy Policy, keeping them for the entire term of the contractual relationship or until the deletion is requested, until the transactions are fully settled, and for the time indicated by the applicable legal provisions.

      Likewise, we inform you that once the contractual relationship has ended, your data will remain blocked until its deletion in order to deal with possible judicial, administrative or tax claims, as well as to make them available to the competent authorities and for the periods legally determined by each applicable regulation.

      For job applications, we inform you that we keep your personal data for a maximum period of twelve (12) months, in view of possible future selection processes, provided that you do not state otherwise or exercise your right to erasure or become part of our workforce.

      In relation to the data provided through the complaints channel, and in compliance with the provisions of article 24 of the LOPDGDD, they will be kept in the complaints system only for the time necessary to decide on the admissibility of initiating an investigation into the reported facts.

      In any case, three (3) months after the data was entered, it will be deleted from the reporting system, unless the purpose of the retention is to provide evidence of the operation of the model for the prevention of the commission of crimes established by IDFINANCE. Complaints that have not been followed up will be recorded in an anonymised form, without the blocking obligation provided for in article 32 of the LOPDGDD being applicable.

      Thus, we inform you that the retention period may reach up to ten (10) years, in compliance with the obligations established in the regulations on the Prevention of Money Laundering and Financing of Terrorism; six (6) years, in compliance with accounting and commercial obligations; and five (5) years pursuant to the statute of limitations for actions arising out of a loan agreement.

    3. Automated Decisions, Profiling, and Applied Logic
      IDFINANCE does not make automated decisions based solely on the processing of your data, including profiling, that produce legal effects on you or similarly significantly affect you.
  3. LEGITIMATION
    1. Legitimacy for data processing
      IDFINANCE will process Users’ data based on the following legal bases:

      1. Fulfilment of the pre-contractual and contractual relationship
        The legal basis for the processing of your data is that it is necessary for the correct management, administration and execution of the contract (job application) requested, or for the application of pre-contractual measures in order to process and manage the application.
      2. Consent
        Both the sending of communications and information by electronic means, and the management of personnel selection procedures are based on the consent that is expressly requested by ticking the box that appears in the forms on the website. We inform you that you can withdraw your consent at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal.

        Consents can be revoked at any time by sending an email to [email protected].

      3. Compliance with a legal obligation
        The legal basis for the processing in the case of the management of the whistleblowing channel is compliance with a legal obligation established by Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law, with the aim of knowing possible criminal acts or regulatory and ethical breaches, as well as acts or conducts that could be contrary to the general or sectoral regulations that are applicable to IDFINANCE, by virtue of the provisions of article 24 of the LOPDGDD.
      4. IDFINANCE’s legitimate interest
        The legal basis for the processing of your data is the satisfaction of IDFINANCE’s legitimate interests, provided that these prevail, after analysis of the legitimate interest, over the interests or fundamental rights and freedoms of the Users.

        Thus, IDFINANCE’s legitimate interest prevails for Data processing for internal administrative purposes of the IDFinance Group.

  4. RECIPIENTS
    Your personal data may be communicated to third parties when such communication is necessary for the proper provision of their services, including:

    • Entities of the IDFINANCE group of companies for internal administrative purposes.
    • Judges and Courts, Public Treasury, Government and Public Administration Bodies, State Security Forces and Corps, etc. when there is a legal obligation.
    • Data processors with whom IDFINANCE has signed the corresponding data processor contracts that include the necessary guarantees.

    International transfers of your personal data may be made to IDFINANCE service providers. These providers may be located in states outside the European Economic Area. Where they have not been declared to have a level of protection equivalent to that of Europe, IDFINANCE will adopt the corresponding standard contractual clauses.

    IDFINANCE contracts its virtual infrastructure according to a Cloud Computing model through Amazon Web Services (AWS) whose servers are located within the European Economic Area.

    IDFINANCE guarantees that the companies receiving your personal data have the same security measures and have signed the corresponding data processing contract.

  5. RIGHTS
    1. USER Rights
      The USER may exercise the following personal rights:

      1. Access
        The right of access to your personal data in order to know which data is being processed and the processing operations carried out with it; for what purposes, to whom we can communicate them, the period of storage of your data, as well as to obtain a copy of the data we are processing.

        This copy will be free of charge, as long as it is not manifestly unfounded or excessive, especially due to its repetitive nature, in which case we may request the payment of a fee based on administrative costs. As a result, we will respond to you by sending you all this information.

      2. Rectification
        Right to rectification of any personal data of the User that is inaccurate or incomplete. You can correct this data directly through your IDFINANCE personal area or ask us to modify the data contained in our databases, when they are inaccurate or incomplete.

        As a consequence, your data will be modified and kept duly updated by sending you the corresponding response.

        In the event that the requested data is rectified, IDFINANCE will proceed to block them while the rectification is being processed, adopting technical and organizational measures to prevent their processing, except when required by judges and courts.

      3. Suppression
        Right to erasure of your personal data, when you consider that the processing we are carrying out is unlawful, because the purpose for which it was collected or processed has disappeared, because you want to withdraw your consent, or because you oppose the processing of your personal data. whenever possible.

        However, please remember that we have certain legal obligations that prevent us from proceeding with its immediate deletion.However, we will keep them properly blocked when required to do so by law. As a consequence, your data will be deleted or duly blocked as applicable by sending you the corresponding response.

        In the event that the requested data is deleted, IDFINANCE will proceed to block them by adopting technical and organisational measures to prevent their processing, except when required by judges and courts, until the end of the legal period provided.

      4. Restriction of processing
        The right to request the restriction of the processing of your personal data when you consider that the data we are processing is not accurate, while we verify the accuracy of the same; when you understand that the processing we are carrying out is unlawful and you oppose the deletion of the same; and when you consider that we no longer need your personal data and you need it for the exercise, formulation or defence of claims.

        As a result, we will take appropriate action and you will receive the corresponding response.

      5. Opposition
        Right to object to the processing of your personal data, when the legal basis that enables us to process it is legitimate interest. IDFINANCE will no longer process your personal data unless it has an overriding legitimate interest or for the establishment, exercise or defence of legal claims.
      6. Portability
        Right to the portability of your data, the right of the interested party to receive personal data concerning him/her, which he/she has provided to IDFINANCE, in a structured, commonly used and machine-readable format, and/or to transmit them to another data controller.
      7. Objection to being subject to exclusively automated decisions:
        IDFINANCE does not make automated decisions based solely on the processing of your data.

        But, in any case, you would have the right to object to being subject to automated decisions by requesting human intervention in the decision, to express your point of view, and to challenge the decision in the event that these decisions have a legal impact or similarly significantly affect you.

        As a consequence, you will have the right to have the decisions reviewed with human intervention by sending you the corresponding response.

    2. Right to withdraw consent
      Without prejudice to the fact that the USER has given his/her consent to carry out the processing of his/her data, he/she may withdraw it at any time.

      The right to revoke the consent given at any time, the consent given to process your data, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.

    3. How can I exercise these rights?
      In all cases, the USER may exercise the rights indicated by sending an email, indicating name, surname, address for notification purposes and indication of the right to be exercised, to the following email address [email protected] or the physical address Calle Tuset 5, piso 3º 08006, Barcelona; clearly indicating the right you wish to exercise and attaching a copy of your DNI, REF “Data Protection”, being able to request a copy of your DNI when necessary to verify your identity.

      IDFINANCE will respond to the request and inform the USER of the measures taken within one month of receipt. This period may be extended, after notifying the USER, for a maximum of two additional months if necessary, taking into account the complexity and number of requests received, in which case, we will inform the USER.

    4. Right to lodge a complaint with the Supervisory Authority
      We inform you that you can file a complaint with the Spanish Data Protection Agency (AEPD) as the competent supervisory authority in the matter, at the following address C/ Jorge Juan, 6 – 28001, Madrid; or via the following link https://sedeagpd.gob.es.
  6. ORIGIN
    1. Source of the data
      IDFINANCE may obtain information about the USER, by the means permitted by the LAW, including obtaining it directly by the USER himself or from third parties through electronic platforms, applications and mobile devices and/or its own or third-party websites.

      In particular, IDFINANCE may obtain information through the following channels:

      1. Directly from the data subjects through/from:
        1. Online forms located on the IDFINANCE homepage
        2. web browsing and the use of cookies;
        3. emails,
        4.  phone calls;
        5.  sending the CV in the job application
        6.  whistleblowing channel available on the IDFINANCE website

      The USER, by entering his/her Personal Data on the Website, guarantees that the information is accurate, true and free of bad faith or vices.

      In compliance with the principle of accuracy, IDFINANCE will update the information in its database with the information collected directly from the owner or from third parties.

    2. Categories of data processed Personal data that will be processed accordingly
      IDFINANCE may process the following personal data.

      1. Identification data and personal characteristics:
        Name; Surnames; gender; Date of birth; Place of birth; marital status; DNI/NIE; number of children, personal description.
      2. Contact details:
        E-mail address; personal mobile phone number; personal landline phone number; physical address of residence.
      3. Economic and financial data:
        Bank details; bank account number.
      4. Employment Data:
        Employment status, registration/deregistration with social security, company where you currently work, last level of studies, position, start date of last employment, work address, business sector; work mobile phone number; Work landline phone number.
  7. Security Measures
    IDFINANCE adopts the security levels required by the GDPR appropriate to the nature of the data that is processed at any given time by its activity. In this regard, it uses encryption techniques that do not allow a third party to trace the identity of the User who interacts with our services. Likewise, it may also carry out secure anonymisation techniques of the personal data it processes in order to carry out its activity. However, technical security in a medium such as the Internet is not impregnable and there may be fraudulent actions by third parties, although IDFINANCE provides the means to prevent such actions.
  8. User Consent
    The User declares to have read and expressly accepted this Privacy Policy, when the legal basis for the processing is his/her consent. You can withdraw consent at any time. The withdrawal of consent will not affect the lawfulness of the processing prior to its withdrawal.

    The User undertakes to hold IDFINANCE harmless from any possible claim, fine or sanction that it may be obliged to bear as a result of the User’s failure to comply with the duty described in this paragraph.

  9. Links to Other Websites
    This website contains links to other websites not managed by IDFINANCE, so that IDFINANCE does not exercise any control over them, nor is it responsible for the information to which they have access. Please visit these websites directly to obtain information about their privacy policy, which provides information on the protection of your data, security, data collection and provisions regarding the transmission of data.

    If you follow us on our social networks, please review their privacy policies for information on how they process and share your personal data, as IDFINANCE does not exercise any control over it and has no responsibility for the information to which these websites have access.

  10. Changes to the Privacy Policy
    We will only use personal data as set out in the Privacy Policy in effect at the time the data is collected.

    IDFINANCE reserves the right to modify this Privacy Policy at any time with effect from the date of publication of such modifications on this website, so it is recommended to visit it each time it is accessed. In any case, if at any time we decide to process personal data in a different way than what was declared at the time of collection, the User will be informed of this, collecting their consent if necessary.

    In the event that any clause of this Privacy Policy is annulled or considered null and void, the rest of the conditions will not be affected, fully preserving their validity and validity, in accordance with the current regulations applicable at any given time.

  11. Governing Law
    The privacy of all the information provided, both by the User through the different personal data request forms, and that accessible through this website, is regulated by the data protection regulations in force, in particular, by the GDPR and the LOPDGDD.
  12. Cookies
    Access to this website may involve the use of cookies. Cookies are small amounts of information that are stored in the browser used by each user so that the server remembers certain information that it can later use. This information allows us to identify you as a specific user and allows us to save your personal preferences as well as technical information about the use and operation of this website.

    For more information, please consult our Cookies Policy.

 

Last Updated: May 2025