ToMate makes this privacy policy available to you on the tomate.ai website in order to inform you in detail about how we handle your personal data and protect your privacy and the information you provide to us. If we make any changes to this policy in the future, we will notify you via the website or by other means so that you are aware of the new privacy terms and conditions. In compliance with Regulation (EU) 2016/679, General Data Protection Regulation and Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights, we inform you of the following:

​

Data Controller

​

• Owner: Trend Sights SL - NIF: B02917284

• Registered office: Al. Recalde 34-1º Izq. 48009, Bilbao (Bizkaia)

• Telephone: +34603544183

• Email: info@tomate.ai

• Web: tomate.ai

If you have any queries, doubts or suggestions regarding how we use your personal data, you can contact the Data Protection Delegate at the following e-mail address: privacy@tomate.ai.

​

For what purposes do we process your personal data?

​

At ToMate we collect and process your personal information in general in order to manage our relationship with you, the main purposes we have identified being the following:

• Management and contracting of the products and services offered by our company.

• To channel requests for information, suggestions and complaints that you may send us.

• To keep you informed about events, offers, products and services that may be of interest to you through different communication channels, provided that you have given your consent.

• Management of the employment relationship, in the case of our employees.

• Management of the commercial relationship with our suppliers.

 

How do we collect your information?

​

We collect your personal information by different means, but you will always be informed at the time of collection by means of informative clauses about the data controller, the purpose and legal basis of the processing, the recipients of the data and the period of conservation of your information, as well as the way in which you can exercise your rights regarding data protection. In general, the personal information we process is limited to identification data (name and surname, tax identification number, telephone number and e-mail address), contracted services and payment and invoicing data. In the case of personnel management and selection, we collect academic and professional data in order to meet the obligations arising from the maintenance of the employment relationship or, where appropriate, to join our staff.

ToMate uses social networks and this is another way of reaching you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies explaining how they use and share your information and ToMate recommends that you check these policies before using them to confirm that you agree with the way your information is collected, processed and shared. Through our website we collect personal information related to your browsing through the use of cookies. To find out clearly and precisely what cookies we use, what their purposes are and how you can configure or disable them, please see our Cookies Policy.

​

What data is shared with third parties?

​

• Personal data such as your email address and the company you belong to are not shared with any third party and it will be stored in IONOS.

• Payment details are shared with STRIPE SPAIN for the purpose of carrying out the payments associated with your needs.

• Finally, personal data included in your emails are deleted before any interaction with an intelligent system is carried out. As an example, if you enter the following email address on the platform:

​

"""

Dear Mike,

​

We are thrilled to inform you that you have been selected as the lucky winner of our exciting sweepstakes!

 

To process the delivery of your prize, we kindly request the following information from you:

​

Full Name: John Doe

Address: 123 Main Street, Anytown,

USA Phone Number: (555) 123-4567

Email Address: johndoe@email.com

​

Please be assured that all personal data provided will be handled with utmost confidentiality and used solely for the purpose of delivering your prize. We will not share your information with any third parties.

To claim your prize, simply reply to this email with the requested information within the next five business days. Once we have received your details, our team will initiate the prize delivery process promptly.

​

Once again, congratulations on your win! We look forward to hearing from you soon.

​

Best regards,

​

"""

The email used for system training will be the following. As you can see all personal data has been removed.

​

"""

Dear <PER>,

​

We are thrilled to inform you that you have been selected as the lucky winner of our exciting sweepstakes!

 

To process the delivery of your prize, we kindly request the following information from you:

​

Full Name: <PER>

Address: <LOC>,

USA Phone Number: (XXX) XXX-XXXX

Email Address: <EMAIL>

​

Please be assured that all personal data provided will be handled with utmost confidentiality and used solely for the purpose of delivering your prize. We will not share your information with any third parties.

To claim your prize, simply reply to this email with the requested information within the next five business days. Once we have received your details, our team will initiate the prize delivery process promptly.

​

Once again, congratulations on your win! We look forward to hearing from you soon.

​

Best regards,

​

"""

​

User responsibility

​

By providing us with your data through electronic channels, you guarantee that you are over 14 years of age and that the data provided to ToMate are true, accurate, complete and up to date. To this effect, the user confirms that he/she is responsible for the veracity of the data communicated and that he/she will keep this information suitably updated so that it corresponds to his/her real situation, taking responsibility for false and inaccurate data.

​

How long do we keep your information?

​

At ToMate we only keep your information for the period of time necessary to fulfil the purpose for which it was collected, to comply with the legal obligations imposed on us and to meet the possible liabilities that may arise from the fulfilment of the purpose for which the data was collected.

In any case, and as a general rule, we will keep your personal information as long as there is a contractual relationship that binds us or you do not exercise your right to suppression and/or limitation of processing, in which case, the information will be blocked without giving it use beyond its conservation, while it may be necessary for the exercise or defence of claims or could derive some kind of liability that would have to be attended to.

Specifically:

​

• In the case of having generated a user profile without having completed the payment, this information will be kept for a period of six months.

• In the case of being a customer and having terminated the contract, the information related to the contract will be kept for a maximum period of one week, after prior notification to the customer.

• In the case of receiving information from potential employees, such information will be kept for a period of one month.

• tenciales empleados se conservará dicha información por periodo de un mes.

​

To whom do we disclose your data?

​

In general, ToMate does not share your personal information, except for those disclosures we are required to make based on legally imposed obligations.

However, in order to develop and provide the requested service, we do share your information with other companies and/or startup partners.

You can inform us of your objection to the transfer of your data, although in that case, it would not be possible to provide the requested service.

Although this is not a transfer of data, in order to provide you with the requested service it may be that third party companies, acting as our suppliers, access your information in order to carry out the service we have contracted from them. These third parties access your data following our instructions and without being able to use them for a different purpose and maintaining the strictest confidentiality.

Specifically, the collaborating companies that process your data are:

​

• IONOS Cloud S.L.U, with address at Avenida de La Vega, 1 Edificio Veganova (Edificio 3, 5o-C) 28108 Alcobendas (Madrid). and CIF B85049435 as responsible for the management of the servers.

• STRIPE SPAIN S.L. with address at Calle Zurbaran, 9, Local Derecho. 28010, Madrid (Madrid). Spain.

​

Likewise, your personal information will be at the disposal of the Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the processing.

 

International data transfers

​

There are no international transfers of your data to countries outside the European Economic Area (EEA).

We have agreed with our suppliers that, for the provision of the contracted service, they make use of servers located in the EEA and if, in the future, we need to make use of servers located outside the EU territory, appropriate measures will be taken, which will be incorporated into this Privacy Policy, ensuring that such suppliers are under the Privacy Shield agreement or that other appropriate safeguards are in place.

What are your rights in relation to the processing of your data and how can you exercise them?

Data protection regulations allow you to exercise your rights of access, rectification, erasure and portability of data and to object to and restrict the processing of your data, as well as not to be subject to decisions based solely on automated processing of your data, where applicable.

These rights are characterised by the following:

They are free of charge, except in the case of manifestly unfounded or excessive requests (e.g. repetitive nature), in which case ToMate may charge a fee proportional to the administrative costs incurred or refuse to act.

You may exercise your rights directly or through your legal representative or volunteer.

We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline may be extended by a further two months.

We are obliged to inform you about the means of exercising these rights, which must be accessible and without being able to refuse you the exercise of the right on the sole ground that you choose another means. If the request is made by electronic means, the information will be provided by electronic means where possible, unless you ask us to do otherwise.

If ToMate does not comply with the request, it will inform you, at the latest within one month, of the reasons for its failure to act and the possibility to complain to a supervisory authority.

To exercise your rights, ToMate makes the following means available to you:

1. By written and signed request addressed to Trend Sights SL, Al. Recalde 34-1º Izq. 48009, Bilbao (Bizkaia) Ref. Exercise of LOPD Rights.

2. By sending a scanned and signed form to the e-mail address privacy@tomate.ai indicating Exercise of LOPD Rights in the subject line. In both cases, you must prove your identity by enclosing a photocopy or, where appropriate, a scanned copy of your ID card or equivalent document in order to verify that we are only replying to the interested party or their legal representative, in which case you must provide proof of representation. Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may lodge a complaint with the national supervisory authority, contacting for this purpose the Spanish Data Protection Agency, C/ Jorge Juan, 6 - 28001 Madrid.

​

Limited Use Requirements

 

ToMate use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

 

How do we protect your information?

​

ToMate is committed to protecting your personal information.

We use reasonably reliable and effective physical, organisational and technological measures, controls and procedures to maintain the integrity and security of your data and to ensure your privacy.

In addition, all staff with access to personal data have been trained and are aware of their obligations in relation to the processing of your personal data.

In the case of the contracts we sign with our suppliers, we include clauses requiring them to maintain the duty of secrecy with respect to the personal data to which they have had access by virtue of the order placed, as well as to implement the necessary technical and organisational security measures to guarantee the permanent confidentiality, integrity, availability and resilience of the systems and services for the processing of personal data.

All these security measures are periodically reviewed to ensure their adequacy and effectiveness through cybersecurity audits carried out on a regular basis.

However, absolute security cannot be guaranteed and no security system is impenetrable, so in the event that any information processed and under our control is compromised as a result of a security breach, we will take appropriate steps to investigate the incident, notify the Supervisory Authority and, where appropriate, those users who may have been affected to take appropriate action.