Last updated on November 15, 2022.
1. Who are we?
Caf-Corporation was born in 2021 and since then We deal With The Aspects of Professional Cost Engineering Services, providing collaborative solutions based on “Data Analysis” and “Learning Machine – Cost Benchmarking” technology for budgetary estimation of industrial projects. The availability of this type of information is vital in the decision-making exercises of industrial corporations.
- Company: CAF CORPORATION INGENIERÍA DE COSTES SL
- CIF: B67719633
- Address: Plaza de Colón 2 , 14001 Córdoba (Spain)
- E-mail: firstname.lastname@example.org
We have the objective and the legal obligation to inform you clearly and precisely of the way in which we process your personal information when you access the websites hosted under the domain names and subdomains dependent on our Website.
We also inform you that access to the Website is permitted whether you are an individual or a legal entity, provided that you have successfully completed registration and meet the following requirements:
- Individuals: access to the Website is permitted to the extent that you comply with our K12 User Policy, subject to any additional access requirements under the applicable laws of the country in which you reside:
- You must be at least thirteen (13) years of age and reside in the U.S. or have the express consent of your parent or legal guardian.
- You must be at least sixteen (16) years of age and reside outside the U.S. or, if you are under sixteen (16) years of age but have the consent of your parent or legal guardian.
- In order to ensure that the age criteria are met, Caf-Corporation reserves the right to make appropriate verifications and to prohibit access to those Users whom it knows or suspects do not meet these requirements.
- Download our DPA through the following link and send it to us signed at email@example.com.
- Access to the FERPA statement
- Access to the COPPA statement
- Access to our California AB 1584 Compliance Statement.
- Notwithstanding the foregoing, Schools and Educational Centers are informed that Genially processes the data of the K12 Users on the basis of the consent of their parents or legal guardians through the system validated by IkeepSafe “Email Plus”. Therefore, in accordance with FERPA, in no event, Genially is deemed as “School Official” and the data collected are not considered an “Educational Record”. If you are acting on behalf of a school, please contact us so that we can enter into an appropriate agreement if necessary.
3. Which data do we collect?
The provision of your data through the registration form and while browsing through our Website is voluntary. However, it is essential for the provision of our Services that you provide us with certain personal information, otherwise it would be impossible for us to provide them to you.
You also guarantee that the information you provide us is truthful, exact, current and authentic and you agree that Caf-Corporation reserves the right to exclude from the Web Site those Users that it considers that they are providing false, erroneous or incorrect information.
In this sense, Caf-Corporation processes the following personal data:
- Identifying information, such as first and last name.
- Contact data, such as email address and/or postal address.
- Sector and role data, such as the field in which the User works or studies and his/her position in the organization to which he/she belongs.
- Navigation data for purposes of improving the service and the available content.
- Data about Users’ preferences and interests in relation to the digital content offered on Caf-Corporation´s Website.
- Data that Caf-Corporation’s Web Site servers can automatically detect, such as the IP addresses of Users.
- Data about Users’ preferred language.
4. For what purposes do we process your data?
The processing that we carry out on your data corresponds to a purpose provided for by the law (legitimate basis), as detailed below:
- Genially’s legitimate interest
- To process, manage and resolve your possible complaints, suggestions or queries or those of other Users.
- To carry out studies to improve the quality of our Services, we use data on the preferences of the Users.
- In case you have completed the registration process, to send you commercial communications about products and services offered by Caf-Corporation that could be of your interest, related to the ones you have previously contracted, by any means including electronic.
- To manage a pre-contractual relationship
- To manage the reception of candidacies and the possible participation in Genially’s selection processes.
- To manage a contractual relationship
- For the provision of Services, such as making available to you different functionalities of Caf-Corporation so that you can elaborate in an easy and simple way the creations you need.
- To comply with a legal obligation
- For the purpose of communicating information to public authorities, regulators or governmental bodies in those cases where it is necessary to do so by law, local regulation or in compliance with regulatory obligations.
5. What is our K-12 User Policy?
- K-12 FERPA and COPPA Policy
- COPPA protects the online privacy of children under the age of 13 in the U.S. If more information about COPPA and the general protection of children’s privacy online, please visit Protecting Your Child’s Privacy Online at https://www.consumer.ftc.gov/articles/0031-protecting-your-childs-privacy-online
- How can a K12 User who resides in the U.S. register on the Website?
- If you are a K12 User residing in the U.S. to register on our Web Site you will need to enter your date of birth on the age verification screen and then introduce your parent’s or legal guardian’s email address so that they are informed of your registration on our Web Site and authorize us to grant you access. It is necessary that your parents or guardians provide us with their consent within seven (7) calendar days of receipt of the aforementioned email. If within this period we do not receive a response, all personal data provided, including parent’s or legal guardian´s email address, shall be deleted.
- What functionalities are limited for a K12 User residing in the U.S?
- Once we have received your parent’s or legal guardian’s authorization, you will be able to access the Website. However, if you reside in the U.S. the following functionalities will be restricted:
- You will only be able to publish their creations in private option (no google indexing)
- You will not be able to make your creations reusable
- You will not be able to add collaborators
- Your personal information will not be public
- You will not have options to share your creations on non-educational social networks.
- You will have all email notifications deactivated
- You will not be able to have a social profile
- You will not be able to access to the Website through social networks
- You will not be able to incorporate external content via script
- What rights do the parents of a K12 User have?
- Regarding COPPA, parents or legal guardians of the K12 Users will have a several rights in relation to the information that Caf-Corporation processes about their children. In this sense, parents will be able to manage, limit and prohibit the use of their children’s information. To do so, they only need to contact us at the following address: firstname.lastname@example.org If you are a parent or legal guardian of a K12 User, please note that you have the following rights:
- You will have the ability to review the personal information collected from your child
- You will have the ability to revoke your consent and refuse further use or collection of your child’s personal information at any time
- You may request deletion of your child’s personal information
- Please note that when you exercise any of these rights, we may request additional information to verify that you are the parent or legal guardian of the K12 User
- Regarding FERPA, Caf-Corporation will work with schools to provide parents access to information in School User accounts at the request and direction of the school. If you experience any difficulties in this process, please contact us as described below.
- How long do we keep a K12 User’s information?
- We will keep the information as long as the K12 User uses our Web Site. We consider that after one (1) year with no activity, the K12 User’s personal information will be deleted.
6. Which rights do California consumers have?
The CCPA provides consumers with specific rights regarding their personal information. You have the right to request that businesses subject to the CCPA (which may include our Users with whom you have a relationship) disclose certain information to you about their collection and use of your personal information over the past twelve (12) months. In addition, you have the right to ask such businesses to delete personal information collected from you, subject to certain exceptions. If the business sells personal information, you have a right to opt-out of that sale. Finally, a business cannot discriminate against you for exercising a CCPA right. Please see the information collection, use, disclosure, and individual rights sections above to learn about Caf-Corporation´s practices when Caf-Corporation acts as a “business” subject to the CCPA.
When offering services to its Users, Caf-Corporation acts as a “service provider” under the CCPA and our receipt and collection of any consumer Personal Information is completed on behalf of our Users in order for us to provide the Service. Please direct any requests for access or deletion of your Personal Information under the CCPA to the User with whom you have a direct relationship.
7. Why do we need to process your personal data?
Please note that in order you may enjoy our Web Site it is necessary for us to process your personal data so that, by registering on it, you declare that you have been informed of the privacy conditions and you authorize us to collect your data in accordance with the purposes that we have indicated above, otherwise we will not be able to provide you the Services.
In addition, you agree to inform us of any changes and/or updates to the data you have provided us, ensuring that they are true and accurate for as long as you are our User. For security reasons of our Web Site, Caf-Corporation reserves the right of admission of Users.
8. With whom do we share your data?
As we mentioned earlier, transparency is very important to us, consequently, we will not share the personal data you provide us with any third party for other purposes than to guarantee the functioning of our Web Site, that is, in order to provide you with our Services through our Web Site, certain suppliers need access to the personal data of our Users, so it is essential that we share certain information with them.
We also guarantee that we only share data with third parties within the framework established by law and for the purpose of receiving maintenance, support and operational services regarding our Web Site.
Please note that we only use third party services whose policies are aligned with ours, therefore, we make available to you the privacy policies of each of our providers in order you can understand how your information will be processed within the framework of the services provided to Genially:
|Godaddy||Hosting Services||All customer data||https://www.godaddy.com/es-es/legal/agreements/privacy-policy||No|
|Hubspot||Hobspot is a sales management and CRM tool||Email, Plan, Sector, Role, Country, geniallys number, last access, Phone number||https://legal.hubspot.com/privacy-policy||No|
|Mailchimp||Mailchimp is the integrated marketing platform companies||User’s email address, role, sector, language, plan, number of geniallys, last access, subscription type, registration date, country||https://mailchimp.com/legal/privacy/||No|
|Social Network||Allows users to share information and access the Web Site through Social Login||https://www.facebook.com/policy.php||Yes|
|Social Network||Allows users to share information and access the Web Site through Social Login||https://twitter.com/en/privacy||Yes|
|Social Network||Allows users to share information and access the Web Site through Social Login||https://www.linkedin.com/legal/privacy-policy||Yes|
|Social Network||Allows users to share information||https://policy.pinterest.com/es/privacy-policy||Yes|
|Office 365||Line of subscription services offered by Microsoft||Allows users to access the Web Site through Social Login||https://privacy.microsoft.com/es-es/privacystatement||Yes|
|Internet-related services and product||Allows users to access the Web Site through Social Login||https://policies.google.com/privacy?hl=en-US||Yes|
|Stripe||A payment API package for companies operating on the Internet, including fraud prevention and subscription management||User’s purchase data (email, card, country)||https://stripe.com/es/privacy||No|
|Logrocket||LogRocket combines session replay, performance monitoring, and product analytics – empowering software teams to create the ideal product experience||Record sessions of application usage or functionalities||https://logrocket.com/privacy/||No|
|Google Analitycs||Free web analytics tool from Google||User ID||https://policies.google.com/privacy?hl=en-US||Yes|
As a general rule, our suppliers are located in the European Economic Area or in countries with an adequate level of protection according to the European Commission, so we do not carry out international data transfers. However, it is possible that, in certain circumstances, some services are contracted from suppliers that do not have offices in the European Union, in these cases, Caf-Corporation will enter into a standard contractual clauses approved on July 4, 2021 by the European Commission with them.
9. How long do we store your data?
We store your personal data to the extent that they are necessary for the purpose for which they were collected, that is, we will only keep your data while there is a contractual and / or business relationship with you, unless you wish to exercise your rights of opposition or deletion, in which case, they will be retained, without giving them any use, while they may be necessary for the exercise of claims or may arise some kind of legal or contractual responsibility that must be addressed and for which recovery is necessary.
10. What are your rights as a User?
As a User, you can withdraw your consent at any time when it has been granted for the processing of your data and, in no case, such withdrawal will condition the execution of the service contract or the relationships generated previously.
Likewise, at any time you can exercise your rights of Access, Rectification, Cancellation, Opposition, Portability and/or to be forgotten by writing to the contact email that we have enabled for this purpose: email@example.com; indicating in the subject expressly the request you wish to make or by writing to the postal address indicated in paragraph 1, indicating the reference “Personal Data”, specifying the right to be exercised and with respect to what personal data.
If we are unable to verify your identity correctly, we may request additional information from you.
Below, we briefly explain what your rights consist of:
- Access: through the exercise of this right you may know which personal data we are processing; for what purpose or its possible transfer to third parties.
- Rectification: you can modify your personal data that are inaccurate or incomplete, specifying in your request which data you want to be modified.
- Cancellation: allows the cancellation of your personal data.
- Opposition: you can oppose the processing of your data for a specific purpose, for example in the hypothetical case that your data is used for advertising and commercial prospecting activities.
- Portability: you may receive your personal data provided in a structured, commonly used and machine-readable format, and be able to transmit it to another data controller, provided that it is technically possible.
- Right to be forgotten: you may request the deletion of personal data without due delay when any of the events contemplated by law have occurred. For example, unlawful processing of data, or when the purpose for which the data was collected or processed has disappeared.
11. Where do we store your data?
Caf-Corporation stores your data in the EEA, however, it is possible that certain of our suppliers may be located in third countries, in such cases, we ensure that the recipient of your Personal Information offers an adequate level of protection by entering into appropriate agreements. All international transfers are made on the basis of the EU Commission approved standard contractual clauses (“SCCs”).
Caf-Corporation maintains strict organizational and technical measures to protect Personal Information stored on our, and our trusted third parties’, servers. Access to any personal information we process in order to provision the Services is limited through login credentials, multi-factor authentication, access on a need-to-know basis and restricted access to administrative accounts for the employees who require access in order to perform their duties towards you, such as providing support services.
If you want to know more about Caf-Corporation´s international transfers and the measures we take to keep your Personal Information safe, please reach out to us on firstname.lastname@example.org
13. Change of Control
In the unlikely event that Caf-Corporation goes out of business, or files for bankruptcy, we will protect your personal information, and will not sell it to any third-party.
14. How do we protect your data?
Finally, we have to tell you that your data are safe with us since we will process them in an absolutely confidential way and we implement adequate technical and organizational measures to guarantee their security and avoid their destruction, loss, illicit access or illicit alteration.
More specifically, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Caf-Corporation shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
In assessing the appropriate level of security account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. If Caf-Corporation becomes aware of a systems security breach by an unauthorized party or that any user data was used for an unauthorized purpose, we will comply with relevant state and other data breach laws. We will notify users of any breach resulting in unauthorized release of data electronically, at minimum, and without unreasonable delay so that you can take appropriate steps. The notification will include: date of the breach, the types of information that were subject to the breach, general description of what occurred, and steps Caf-Corporation is taking to address the breach.
15. Who can answer my questions?
- COPPA: means Children’s Online Privacy Protection Act.
- DPA: means Data Processor Agreement in accordance with the requirements set forth in article 28 GDPR.
- EEA: means European Economic Area.
- EU: means European Union.
- FERPA: means Family Educational Rights and Privacy Act.
- GDPR: means European Data Protection Regulation.
- iKeepSafe Children’s Online Privacy Protection Safe Harbor: means that our privacy practices have been approved by the iKeepSafe certifying entity.
- K12 Users: means a natural person who, due to age requirements, is subject to the K12 Policy.
- K12 User Policy: means criteria required for registration on the Website based on compliance with FERPA, COPPA and GDPR which provides that Users must (i) be at least thirteen (13) years old and reside in the U.S. or have express parental or legal guardian consent or; (ii) be at least sixteen (16) years old and reside outside the U.S. or, even if under sixteen (16) years old, have parental or legal guardian consent.
- Services: means the services provided by Caf-Corporation, including the software services available on the Website.
- Users: means natural or legal person who, fulfilling the access requirements, has registered on the Caf-Corporation Web Site.
- Website: means websites hosted under the domain names and all those subdomains dependent on Caf-Corporation.