Data Privacy Policy

By virtue of the obligations established in current regulations on data protection, especially Regulation (EU) 2016/679, April 27, 2016, and the free flow of this data and the Spanish and Argentine data protection regulations, the contact information of the Data Controller is shown below.

Data Controller of personal data:
Extend IT S.R.L. (hereinafter “Data Controller of personal data” or “Controller”), which holds Argentine tax identification number 30-71027669-9.

The registered office of the Controller is domiciled at Avenida Congreso 2157 Piso 5 Dept. 3, City of Buenos Aires, the email address is: compliance@extendit.com

The Purpose of the processing of personal data carried out or may be carried out by the Controller, or the Processor designated by the Controller.

Personal data may be collected and processed by the Controller or the Processor designated by the Controller, for below purposes:

  • Data provided through the contact channels found on the website (through the “Schedule time with us” option or any other channel enabled for this purpose):
    • Management of, process of and respond to requests, incidents or queries from the user.
  • Data provided for the submission of a job application, both through the enabled mail, and the web:
    • Referral of the details of the offer to the candidate and evaluation of their profile.
    • Management of the recruiting process.
  • Data related to the computer control of the website:
    • The Controller, directly or through a Processor, will carry out those actions to monitor and control the use of the website in order to prevent and detect any fraudulent use (such as technical manipulations, code modifications, etc), in order to avoid, prevent and/or detect any unauthorized access, alteration or loss of information related to third parties other than the user which may generate civil, criminal and/or administrative responsibilities for the Controller.

Which personal data is the Controller or the Processor processing about the user?
The Controller or Processor will process below categories of personal data:

  • Data provided through the contact channels available on the website (through the “Schedule time with us” option or any other channel enabled for this purpose):
    • User´s basic personal data: name, surnames, email;
    • Information that user provides to process their request, such as: company in which user works, legal information of the company, position, postal address, email and phone number;
      • Information about academic training and professional experience;
      • Payment information, such as credit or debit card number;
      • Interests and preferred communication mean.
  • Data provided for the submission of a job application, both through the available email address, and the web:
    • User´s basic personal data: Name, surnames and email address;
    • Information about academic training and professional experience
  • Data collected for the technical maintenance purposes of the website:
    • Internet Protocol (“IP”) address used to connect user´s device to the internet;
    • Information about user´s device, connection, browser type and version, operating system, mobile platform, and unique device identifier (“UDID”) and other technical identifiers;
    • Uniform Resource Locator, clickstream data (including date and time), URLs of reference and exit, search terms, and visited and surfed pages;

If the user provides personal data of third parties, such as photographs of minors or contact information of collaborators, user declares to have obtained the consent of said third party and accepts to provide this third party with the information described in the Privacy Policy, exempting the Controller from any responsibility. However, the Controller may often verify this fact, adopting the appropriate diligence measures in accordance with data protection regulations.

On which legal basis does the Extend IT process your personal data?
User´s personal data will be processed based on below legal basis:

  • Data provided through the contact channels available on the website (through the “Schedule time with us” option or any other channel available for this purpose):
    • Consent to manage, process and respond to requests, incidents or queries from the user.
  • Data provided for a job application, both through the available mail, and the web:
    • Consent to manage the recruiting process in relation to the position applied;
    • Our legitimate interests, or those of a third party, in those cases in which they do not conflict with user´s interests or fundamental rights and freedoms, for the purpose of the recruiting process.
  • Technical support of the web:
    • Legitimate interest of Controller with the purpose of guaranteeing a safe navigation of the users in the web environment.

All the consents collected for the aforementioned purposes are independent from each other and the user can revoke only one of them without affecting the others. In addition, when the processing of personal data is based on our legitimate interest, the user can oppose the processing of personal data, as well as exercise any of their rights recognized by the current legal framework, as detailed in the section of this policy dedicated to the rights of users.

Other potential uses of personal data provided by user.
In addition to what is described above, Extend IT may use user´s personal data to:

  • Provide product or other technical support and help keep the service running securely.
  • Reinforce, evaluate and improve the service, and be able to develop new products or services.
  • Notify users of changes or updates to Extend IT products and services.

The legal basis for these potential uses will be consent obtained in accordance with the current regulatory framework and, where appropriate, the execution of a contract between user and Extend IT or our legitimate interest. User can oppose any of the aforementioned types of processing of personal data as detailed in the section on user´s rights.

How long does Extend IT retain your personal data?
User´s personal data will be process as long as this processing is necessary to maintain the professional relationships between Extend IT and the user.

Users´personal data will be retained as long as necessary to provide users with our services and products, or users request for its removal as a client, whichever is the sooner.
The necessity for the personal data is determined on a case-by-case basis and is driven by factors such as the nature of the data, the purpose for the collection and processing, and any applicable legal or operational retention needs. For instance, if the individual sends a copy of their identity document to exercise any of their data protection rights, that personal data will be deleted once the request has been correctly addressed.

Besides, once user´s personal data is deemed as no longer necessary and/or once individual requests for their removal as a client, Extend IT will maintain personal data blocked during the limitation period of any legal actions that may derive from the relationship with the user or for the compliance with the requirements of public authorities. With this blocking, the controller will not have access to user´s personal data and will only process it to make it available to the relevant Public and Judicial Authorities for exercising the possible responsibilities related to the processing of the data. Personal data will remained blocked for the periods set forth in the applicable provisions, proceeding with the physical deletion of such personal data once said periods have elapsed.

Who has access to your personal data?
Users´personal data may be accessed by:

Public Authorities, in the situations set forth by law or in compliance with a judicial order.

Suppliers and service providers, including our providers of email services, postal services and information technology services, among others.

All companies linked to Extend IT around the world, to help us develop our services, systems and applications; process payments, and provide customer support.

The Controller undertakes to select suppliers that comply with the current regulatory framework regarding the protection of personal data in the European Economic Area, as well as the Argentine regulatory framework.

Any information that users publicly disclose may be collected and used by others, may be indexed by search engines, and may not be able to be removed. Please, be careful when disclosing personal information in these public areas.

Protection of personal data of minors
We do not collect, use or disclose personal data of children under the age of 18, nor do we direct our site or services to children under the age of 18.

International Transfer of Personal Data
The user is informed that the Controller may hire technological services with entities whose headquarters are located outside the territory of the European Economic Area; nonetheless, the Controller will verify that said entities are adequate to the current regulations on data protection in the European Economic Area, as it is the most demanding regulatory framework in the market.

Additionally, it is possible that user´s data will be transferred to Argentina, a country that has been declared with an adequate level of protection by the European Commission in 2003, which is the reason why these potential transfers are based on the Adequacy Decision 2003/490/CE.

In any case, Extend IT operations are adapted to the local frameworks of those countries where Extend IT operates; besides, Extend IT operations are also in compliance with the European regulatory framework on the protection of personal data.

How does Extend IT protect your personal data?

The Controller will always process the user’s personal data in an absolutely confidential manner and will keep the due duty of secrecy with respect to them, in accordance with the provisions of the applicable regulations, adopting for this the necessary technical and organizational measures to guarantee the security of the user’s personal data and avoid its alteration, loss, processing or unauthorized access, taking into account the type of technology, the nature of the data stored and the risks to which this personal data is exposed.

Which rights do users have concerning their personal data?

In accordance with the provisions of Law No. 25 326 on Data Protection of the Republic of Argentina, all users have the following rights:

  • Request for prior information about what your data is requested for.
  • Object the usage or recording of their personal data without prior consent.
  • Request information about what personal data is registered in public or private data banks.
  • Request for the rectification or update of their personal data.
  • Request for the erasure of their personal data, where appropriate.
  • Require the Controller to keep the data confidential.
  • Initiate legal proceedings to request portability of their personal data or demand its rectification, deletion, confidentiality or updating.

In addition, given that our organization is committed to the highest standards in terms of personal data protection, in accordance with the framework of rights set forth in the European regulation on the matter, the user has the following rights:

Rectification of their personal data. This right entitles users to have their personal data be corrected or modified, if inaccurate or incomplete.

Erasure of their personal data. This right entitles user to request the erasure of their personal data, where any of the situations set forth in the regulations is found; for instance, where the proceeding is illegal, or the processing or collection of such personal data will no longer be necessary to achieve the purposes.

Objection to the processing of their personal data. This right entitles user to request that Extend IT no longer processes their personal data, when, for reasons related to their personal situation, the processing of their personal data must cease unless a legitimate interest is proven, or it is necessary for the exercise or defense of claims; or, when the purpose of the processing is direct marketing.

Restriction of processing their personal data. This right entitles users to request that Extend IT only processes their personal data in certain circumstances; for instance, if:

– The accuracy of the data is contested (and only for as long as it takes to verify that accuracy);
– The processing is unlawful, and the user requests restriction (as opposed to exercising the right to erasure);
– Extend IT no longer needs the data for their original purpose, but the data is still required by the data subject to establish, exercise or defend legal rights;
– Verification of overriding grounds is pending in the context of an erasure request for the fulfillment of a mission in the public interest or for the satisfaction of a legitimate interest.

Portability of your personal data. This right entitles users to receive a copy, in an electronical format, of personal data that users have provided to Extend IT, or request Extend IT to transmit such personal data to another entity.

Exercising these rights is free of charge.

User, in order to exercise their rights, can contact the representative for the protection of personal data of Extend IT at Avenida Congreso 2157 Piso 5 Dpto. 3, City of Buenos Aires, or compliance@extendit.com

Requestors may be required supporting documentation such as the National Identity Document Number to verify their identity.

If requestor considers that Extendi IT has processed their personal data in an inappropriate manner which is not in accordance with the regulations regarding the processing of personal data or is not satisfied with how Extend IT has processed their request for the exercise of their rights, requestor can file a claim with the Argentine Agency of Protection of Personal Data if residing in Argentina or before the Spanish Data Protection Agency (www.aepd.es) if residing in the European Economic Area.

Users may raise the issues related to this Policy, as well as exercise their rights within the legally established terms, for which they must send a message by email or postal mail to the Controller describing the request and provide a copy of the identity number or national document, in order to verify their identity.

Changes
The Controller reserves the right to revise its Privacy Policy at any time. For this reason, data subjects are asked to regularly review this privacy statement for the latest version of Extend IT’s Privacy Policy.