October 28, 2019
1 USE, PURPOSE, AND APPLICABLE LEGAL REGIME
The Platform is a support and interaction mechanism that offers users the chance to create Ferendums, websites through which users can take part in informal polls and votes set up by other users. It is governed by applicable Spanish law and, as regards:
- The provision of basic information society services, by Act 34/2002 of July 11, on Information Society and Electronic Commerce Services.
- The processing of personal data, by the applicable Spanish and European legislation on the protection of personal data of natural persons. In particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (hereinafter the “GDPR”) will be directly applicable from 05/25/2018, in accordance with the same Regulation.
In any case, it should be noted that the Platform is intended for users over 18 years of age; minors are prohibited from using the Platform.
The personal data and information provided by users wishing to browse or publish content on the Platform must be:
- Sufficient, but appropriate, limited, and proportionate to the legitimate purposes of processing as informed by FERENDUM.COM, with the utmost respect for the principles of purpose limitation and personal data minimization (Article 5 (1) (b) and (c) of the GDPR).
- Accurate, up-to-date, and true, in order to appropriately verify the identity and, if applicable, the representative of the user concerned, as well as to adapt, in each case, the data processing to the users’ specific needs and actual situation, all in accordance with the principle of accuracy of the personal data (Article 5 (1) (d) of the GDPR).
3 RIGHT OF INFORMATION
3.1 Personal data collected and their use
- To enable users to browse the Platform, thereby allowing access to the information and content available on it.
- To adopt any applicable protective measures in accordance with current legislation, including the possible anonymization of personal data, by applying the appropriate techniques available to that end. In this regard, anonymization and pseudonymization processes may also be carried out in order to better protect the personal data.
- To apply the relevant security, technical, and/or organizational measures regarding the users’ personal data which may appropriate in view of the risks affecting their rights as detected by FERENDUM.COM, including the encryption of personal data and other measures that may involve the processing of Platform users’ data.
- The purposes indicated in sections 3.2, 3.3, 3.4 and 3.5.
If you do not agree with the purposes of processing, we request that you leave the Platform immediately. Otherwise, by accepting this policy, or simply by continuing to browse the Platform after reviewing the information contained in this policy, for example, the user shall be considered to have unequivocally accepted the purposes of the processing previously notified. To this end, the provisions of section 4 of this policy apply regarding the consent and rights of users in this respect.
3.2 Data collected when creating a new Ferendum
Name: Names are collected and displayed to participants in a Ferendum to enable them to identify its author. We may also use it to address you by your name when we send you emails.
Email address: This will be used to contact you in relation to the service, for example to send you an email with the participation or administration links, or to send you reminders of these links if you so request.
3.3 Data collected when participating in a Ferendum
Name: Depending on the configuration chosen by the creator of a Ferendum, you may be asked for your name in order for it to be displayed to other participants in the Ferendum so that they can identify you.
Furthermore, if you log in using a social network, you will be asked for your permission to transfer personal data from the social network to FERENDUM.COM. Depending on the specific social network and its privacy settings, the following data may be transferred:
URL address of public profile pictures on the social network: We will display this image to other users. We store only the link to the image’s location, and not the image itself. Changing the image on the social network will immediately change it on our Platform. Furthermore, if you stop publicly sharing it on the social network, it will automatically stop being shown on our Platform.
URL address of personal pages (wall or profile) on the social network: If your privacy settings on the social network allow, we may store the address in order to create a link to it from the Ferendum.
Unique identifier (ID) on the social network: For security reasons and to prevent multiple participation in a single Ferendum, we may store the unique identification number assigned to you by the social network.
3.4 Data collected after filling out the contact form
Name: We will use your name to address you.
Email address: We will use the email address to contact you.
3.5 IP address storage
Your IP address may be stored at any time for security reasons.
3.6 Legitimate basis for the processing
The legitimate basis for the processing is mainly the consent of the user, such that, once users review this policy, if they accept it or simply continue browsing the Platform, they will be deemed to have given their unequivocal consent to the processing of their personal data for the purposes indicated. Therefore, if a user does not agree with this policy or the indicated purposes of processing, he or she will be requested to stop browsing and immediately leave the Platform, as stated above. If users request or purchase specific content, products or services via the Platform, the main basis for the processing will be related to the necessary implementation of pre-contractual measures at the request of the data subject, where applicable, or to the performance of a contract where the user actually purchases the content, product or service concerned.
3.7 Transfer of data
In general, users’ personal data collected through the Platform will not be transferred to third parties without prior notice as to what specific data would be transferred, the identity of the transferees or recipients of the data, their activity and the specific processing purposes for which the transferees may use the data.
Such cases aside, the users’ personal data will not be transferred to any other third party without the users’ consent or without any other legitimate basis for the processing in accordance with Article 6 of the GDPR, such as compliance with a legal obligation on the part of FERENDUM.COM (lawfulness of processing).
Any international data transfers will be carried out after adoption of the measures required by the GDPR.
4 OTHER PRIVACY-RELATED CONSIDERATIONS
In sections 4.1 and 4.2, we will set out various privacy-related considerations that users should bear in mind. We must first define the different types of user:
These are Users who create one or more Ferendums.
These are Users who take part in one or more Ferendums, either by selecting one of the given options as an answer, by adding a new option, or by entering a comment.
These may be Users who browse the Platform and who are not Creators or Participants.
Users may be both Creators and Participants.
4.1 Public and Private Ferendums
Ferendums may be public or private, depending on the configuration chosen by the creator. The implications of this configuration are described below.
Public Ferendums are listed on various sections of the Platform, allowing any person other than the Creator and the participants it concerns to see, access and take part in them. They may potentially appear as Internet search results. Setting a Ferendum to Public will help it reach a wider audience.
Private Ferendums are not listed on the Platform. Furthermore, instructions are given to search engines (such as Google) so that they do not appear in Internet search results. Setting a Ferendum to Private will help keep it secret, although it is not guaranteed that persons other than the Creator and the participants it concerns will not be able to access it.
Private Ferendums are not protected by passwords or any other access protection mechanisms. Anyone who knows its address (link or URL) will be able to access and take part in it, for example, if the address is shared on the Internet, social networks, websites, apps, or similar.
You must not enter any sensitive information that you do not wish to make public, regardless of whether the Ferendum is set to Public or Private.
4.2 Secret and Non-secret answers
The Creator may configure the Ferendum so that the answers are Secret or Non-secret.
For Secret answers, the Participants must select one (or more) options without identifying themselves to other users.
For Non-secret answers, Participants are asked to enter their name as well as their chosen option. The option selected will be visible alongside the name of all Users who access the Ferendum.
Participants who enter a Non-secret answer acknowledge and accept that their name will appear along with their chosen option.
Whether the answers are Secret or Non-secret bears no relation to whether the Ferendum is Public or Private.
5 CONSENT OF THE DATA SUBJECT
Users will have the ability to choose the processing and destination of their data, according to their specific needs and interests. When processing is based on users’ consent, they will have the right to withdraw it at any time; however, withdrawal of consent does not in any way affect the lawfulness of the processing previously carried out by FERENDUM.COM.
In any case, FERENDUM.COM may prevent use of the Platform and the services, content and functionalities associated with it if the user does not accept this policy, or does not consent to the processing of his or her personal information in accordance therewith.
Acceptance of this policy is independent of any acceptance of the specific legal terms and conditions that may govern purchases by users of the products and services available via the Platform.
FERENDUM.COM has adopted and implemented the security levels required by the applicable legislation concerning the personal data under its responsibility, depending on the risk approach taken. Additional technical or organizational means and measures of protection will also be installed and/or used to reinforce the overall security of the processing of personal data, systems, communications environments, and corporate structure, and to ensure appropriate protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (principle of integrity and confidentiality).
This notwithstanding, users must be aware that Internet security measures are not in any way impenetrable and always depend on existing technology and its cost of application.
To this end, users shall pay particular attention to the application criteria and security measures, as well as all other security obligations under the GDPR, particularly Article 32 thereof.
7 DUTY OF SECRECY AND CONFIDENTIALITY
FERENDUM.COM undertakes to fulfil its duty of secrecy and confidentiality with respect to the information and personal data that have been submitted by users of the Platform and that are under its control and responsibility, in accordance with applicable legislation and the appropriate risk approach at all times.
8 COOKIES POLICY
As established in Recital 30 of the GDPR, natural persons may be associated to online identifiers provided by their devices, apps, tools and protocols such as internet protocol addresses, session identifiers in the form of cookies or other identifiers, such as radio-frequency identification tags. This can leave traces which, in particular, when combined with unique identifiers and other data received by servers, can be used to draw up profiles of the natural persons and identify them. For this reason, FERENDUM.COM has a cookies policy in line with applicable legislation.
8.1 Applicable legislation:
Article 22 of Act 34/2002, of 11 July, on information society and e-commerce services (LSSICE), concerning the rights of recipients in commercial relations sent electronically, service providers may only use data storage and recovery devices in the recipients’ terminals when the recipients have given their previously informed consent.
For that purpose, such recipients and end users must be provided with clear and complete information on the use and, in particular, on the purposes of the processing of the data, pursuant to the provisions of personal data protection legislation. Accordingly, when technically possible and efficient, the recipient’s consent to accept processing of the data may be provided by using adequate parameters of the browser or of other applications.
The above will not prevent possible storage or access of a technical nature for the sole purpose of effecting the transmission of a communication on an electronic communications network, or, to the extent that is strictly necessary, for the provision of an information society service expressly requested by the recipient.
8.2 User’s consent and cookies: general rule and exception
The sole exception from the need to obtain such consent applies to cookies that permit only communication between the user’s computer and the network and, strictly, cookies used to provide a service requested by the user. For example, so-called “technical cookies” (e.g. those necessary in order to browse the platform or app); “personalization or setting cookies” (e.g. those that allow the site to recognize the user’s language, etc.); and “security cookies” (e.g., those that detect repeated incorrect attempts to log in to a site) are excluded.
8.3 Are cookies used on the Platforms? What are they?
Cookies, i.e. files or devices that are downloaded on the user’s equipment (PC, smartphone, tablet, mobile devices, etc.) independently of their nature, are used for the principal purpose of guaranteeing correct operation of the Platform (remembering the selected language, and similar functions). Thus, in general, and notwithstanding the provisions set out below, cookies permit browsing on the Platform, as well as certain functions and services provided on it, and you are therefore informed that disabling or blocking these cookies may affect browsing or the correct or extensive use of the Platform by the user.
8.4 What cookies do we use on the Platform?
The cookies may be own or third-party cookies. Own cookies are those that are sent to or serve the user’s device from the Platform (editor) and are managed by it, while third-party cookies are those sent to or serving the user’s device from other domains or equipment not managed by the Platform (editor), but by another entity that processes the data obtained through the cookies.
Furthermore, the above cookies may be session or persistent cookies. The former are a type of cookies designed to collect and store data while the user access the Platform for the main purpose of storing information that is only of interest to store in order to provide the service requested by the user on a single occasion. However, with the latter the data continues to be stored on the user’s device and may be accessed and processed during a period defined by the controller of the cookie.
Cookies may also be technical, allowing the user to browse on the Platform and use the different options or services provided through it, such as controlling data traffic and communication, identifying the session, access restricted access sections, remembering the elements that make up a contract request, using security elements during browsing, storing content for the dissemination of videos or sound or sharing content through social media.
They may also be personalization cookies, which are those that allow the user to access the service with certain predefined characteristics according to certain criteria associated to the user’s device, such as the type of browser used to access to the service, the regional setting from which the service is accessed, etc.
Likewise, they have a statistical or informative purpose for the editor in relation to the particular use that users make of its Platform and of the contents or services provided through it.
To know the specific cookies that FERENDUM.COM uses, at the moment, in the Platform consult this table of cookies
8.5 Who uses the cookies?
The information collected through the cookies used on the Platform may be used both by the owner of the Platform and by a third party that provides a service to it. Specifically in FERENDUM.COM we share information through cookies about the use of the website with our advertising and web analysis partners.
8.6 Cookies management and settings
Based on the information offered in this policy, we offer you information on how to manage the cookies used on the Platform through the different options offered by the most commonly used browsers.
• In the menu ‘SETTINGS’, scroll to the bottom and click on ‘DISPLAY ADVANCED SETTINGS’.
• Now click ‘CONTENT SETTINGS’ in the PRIVACY menu.
• The upper section of the page which should now appear will provide you with more information regarding cookies, and allow you to install or uninstall specific cookies.
• Open the ‘TOOLS’ menu and select ‘OPTIONS’.
• Select ‘PRIVACY SETTINGS’.
Microsoft Internet Explorer 6+
• Open the ‘TOOLS’ menu and select ‘INTERNET OPTIONS’.
• Select ‘PRIVACY SETTINGS’
• These privacy settings contain six options which will allow you to control which cookies are stored on your hard drive.
• In the drop-down menu, select ‘PREFERENCES’.
• Open the ‘SECURITY’ tab.
• Select the option which suits you in the ‘ACCEPT COOKIES’ menu.
ADJUSTING SETTINGS VIA A COOKIE MANAGEMENT SERVICE: you can also choose to manage cookies via the cookie management platforms operated by advertisers.
SETTINGS FOR THIRD PARTY COOKIES: as we do not store or manage these cookies, we advise you to consult the applicable cookie management policies available directly on the advertisers’ websites.
This policy is valid from October 28, 2019. FERENDUM.COM reserves the right to modify this policy in line with any future legislative, doctrinal or jurisprudential developments that may be applicable, or for technical, operational, commercial, corporate or business reasons, giving reasonable prior notice to users of the changes made wherever possible. In any case, it is advisable to read this policy carefully when accessing this Platform, since any modification will be published via the Platform. Furthermore, FERENDUM.COM may inform individual users before any planned changes to this policy and before it enters into force, provided that it is technically and reasonably feasible, particularly when users are registered users or customers of FERENDUM.COM.
10 LEGAL CONTACT
The protection of your rights is important for FERENDUM.COM. If you wish to send us any questions or suggestions regarding this policy, please do not hesitate to contact us via the following email address:
11 APPLICABLE LAW AND JURISDICTION