Privacy Policy

1. Identity of the responsible party

In compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data (hereinafter, RGPD) and by the Organic Law 3/2018, of December 5, 2018 on the Protection of Personal Data and Guarantees of Digital Rights (hereinafter, LOPDGDD) guarantees the due protection of the personal data of users and for this purpose has developed this Privacy Policy.

The use of this Web site implies the acceptance of this Privacy Policy, as well as the conditions included in the Legal Notice.

Owner: VALIDATED ID SL

  • Owner: VALIDATEDID SL
  • NIF: ESB65750721
  • Address: Calle Sepúlveda, 143, 4º 2 08011 Barcelona
  • Registration data: Barcelona Commercial Registry, Volume 43051, Folio 30, Section 8, Sheet B419604
  • Email: dpo@validatedid.com
  • Telephone: (+34) 900 828 948

2. Purpose of the processing of personal data

When you enter the VALIDATED ID website to make a technical, commercial, or contracting query, you are providing personal information for which VALIDATED ID is responsible for processing. This information may include personal data such as your first and last name, email address, telephone number or other information. By providing this information, you are giving your consent for it to be treated as described in the LegalNotice and this Privacy Policy.

The purpose of collecting this personal data is none other than to respond to your queries or process service contracts. In addition, there are other purposes, such as guaranteeing compliance with the conditions included in the Legal Notice and the applicable regulations.

For more information about the processing of personal data by VALIDATED ID, you can consult the following link: Treatment Activity Log

3. Legitimation

The processing of your data is carried out for compliance with legal obligations on the part of VALIDATED ID, as well as when the purpose of the processing requires your consent, which must be given through a clear affirmative action.

The legal basis for the processing of your data, as well as other additional information, can be consulted in our Treatment Activity Log.

4. Conservation of personal data

The personal data you provide to VALIDATED ID will be kept according to its purpose, as established in current regulations or until its deletion is requested, within the legally established limits. You can consult the retention periods in our Treatment Activity Log. 

5. Data communication

 In general, personal data will not be communicated to third parties, except under legal obligation, which may include communications to Public Entities, Tax Agency, Judges and Courts.

You can consult the recipients for each of the processing activities carried out by the VALIDATED ID in the Treatment Activity Log.

6. Technical and organizational measures for data processing

VALIDATED ID has adopted the technical and organizational measures in accordance with the provisions of current regulations, with the security levels being appropriate to the data provided and, in addition, all the technical means and measures at its disposal have been installed to avoid loss, alteration, disclosure or destruction of information of the data provided to us.

This includes internal reviews of our information collection, storage and processing practices, as well as physical and logical security measures to protect against unauthorized access to the systems on which information is stored.

The technical and organizational measures for data processing, as well as the security measures implemented can be found in the following link Technical and organizational measures for data processing and security measures implemented in VIDsigner.

7. Personal data collection processes as processor or sub-processor of treatment

Due to the nature of the electronic signature services provided by VALIDATED ID S.L, this has to perform accesses to information provided by the Customer containing personal data, being considered DataProcessor under art. 28 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation or GDPR)and consequently this Privacy Policy specifies the conditions relating to such processing of personal data.

VALIDATED ID S.L., as Data Processor, informs the recipient Users whose data are processed, that it will process the personal data of Users or signatories provided by its Clients (Data Controller or Data Processor) for the provision of services in accordance with the order received and will keep them only for the time necessary to fulfill the legal and contractual obligations with its customers.

The data processed by VALIDATED ID under the order received will in no case be used for a purpose other than the provision of the signature service set out in this policy, in the contract for the provision of services or in the contract for the commissioning of processing, nor will they be transferred to third parties, except to the administrative or judicial authority that requests them and in cases where there is a legal obligation, committing to store and treat them by applying the technical and organizational measures necessary to comply with what is agreed in this contract and in the legislation in force. You can consult in the following the Register of Processing Activities as a data processor.

In the following cases, the interested party or recipient User must ensure that they read and accept the Privacy Policy of the Data Controller.

a) By collecting the User's handwritten electronic signature

The handwritten electronic signature service provided by VALIDATED ID collects as evidence of the authorship of the signature, among others, the data relating to the handwritten signature on a tablet type electronic device, which allows to capture data relating to the behavior of the signer's handwriting on a tablet type electronic device, such as pressure, speed, tilt or acceleration. Therefore, when a signatory signs a document using our handwritten electronic signature, we will be collecting this data on be half of our customers (Data Controller) after obtaining the express consent of the signatory.

b) Through data collection by a third-party Primary Service Provider

It is possible that a company (Controller or Processor) that provides services or has another relationship with the recipient User has subcontracted the services offered by VALIDATED ID toper form them. In this case, VALIDATED ID will collect your data, as Data Processor, for the purpose of providing the service contracted by that company, pledging not to use them for any purpose other than that for which they were collected.

8. Cookie Policy

The VALIDATED ID website uses cookies for its correct functioning. Cookies are files with information that are stored in your browser when you visit our website and in which the user's settings and preferences or the state of the browsing session are usually saved.

At our Cookie policy you can consult all the information related to the policy of collection, purpose and treatment of cookies.

9. Exercise of rights

VALIDATED ID informs you that regarding your personal data you have the right to:

·      To know if they are processed: Any person has, first of all, the right to know if we process their data, regardless of whether a previous relationship has existed.

·      To be informed at collection: when personal data is obtained directly from the person, at the time of providing it, the person has the right to have clear information about the purposes for which it will be used, who will be responsible for the processing, the recipients and other derived aspects of the same.

·      Regarding access: Any person has the right to know what personal data is processed, the purpose for which it is processed, the communications that will be made to other people or the right to obtain a copy or to know the expected retention period.

·      Regarding rectification: Any person has the right to rectify inaccurate data that is the subject of our processing.

·      Regarding the deletion: Any person has the right, in certain circumstances, to request the deletion of data when, among other reasons, they are no longer necessary for the purposes for which they were collected, and which justified the processing.

·      Regarding requesting the limitation of treatment: also, in certain circumstances any person has the right to request the limitation of data processing. In this case, the data will no longer be processed and will only be kept for the exercise or defense of claims, in accordance with the General Data Protection Regulation.

·      Regarding portability: Any person has the right to obtain their own personal data in a structured and readable format and to transmit it to another entity responsible for data processing.

·      Regarding opposition to treatment: Any person has the right to allege reasons related to their situation that cause their data to stop being processed to the extent that they may imply harm, except for legitimate reasons or the exercise or defense of claims.

·      Regarding not receiving information from VALIDATED ID SL: Any person has the right to no longer receive information from VALIDATED ID SL

The above rights can be exercised by sending a written request to VALIDATED ID SL to the postal address indicated in the heading, or by sending an email to dpo@validatedid.com.

If a satisfactory response is not obtained in the exercise of rights, it is possible to file a claim with the Spanish Data Protection Agency, through the contact forms or other means.

VALIDATED ID SL will respond to the interested party regarding the exercise of the requested right within a period of one month from receipt of the request. This period may be extended by another two months if necessary, considering the complexity and number of applications received. VALIDATED ID SL will inform the interested party of said extensions within a period of one month from receipt of the request, indicating the reasons for the delay.

10. Modification of the privacy policy

VALIDATED ID reserves the right to modify this Privacy Policy and data protection to adapt legislative developments, so we recommend reading it before each access and browsing the website. Notwithstanding the foregoing, the relationships established with users, prior to the modification of the Privacy Policy, shall be governed by the rules provided at the time the user accessed the website for its establishment, without prejudice to the provisions of the General Data Protection Regulation.

11. Communication and support channel

Interested parties may communicate any questions about the processing of their personal data or interpretation of our policy at the following address: dpo@validatedid.com.

10. Legislation and jurisdiction

The content of this policy is governed by the Spanish and European regulations applicable to the processing of personal data. For any matter relating to the interpretation or application of this Privacy Policy are subject, expressly and waiving their own jurisdiction, to the jurisdiction of the Courts and Tribunals of Barcelona.

11. Links of interest

  • Registry of Personal Data Processing Activities.
  • Security Policy.
  • Certification Policy.
  • Certificate of Information Security Management SystemISO 9001.
  • Information Security Management System Certificate ISO27001.
  • ENS Certificate.
  • QTSP Certificate.
  • HDS Certificate.