These General Conditions regulate the use (including mere access) of the web pages that are part of the website, including the content and services made available on them. Any person who accesses the website accepts the General Conditions in force at each time they access this website.

Iberlayer is not responsible for the content or the status of said sites. The use of external links does not imply that Iberlayer recommends or approves the contents of the destination pages.

Iberlayer reserves the right to modify, at any time and without prior notice, the presentation and configuration of the website, as well as these General Conditions.

Obligations of the users

The User is obliged and agrees to use the website and the contents in accordance with current legislation, the Legal Notice, and any other notice or instructions made known to him, either through this legal notice or in any other place. within the web. For this purpose, the User undertakes and undertakes not to use any of the Contents for illegal purposes or effects, prohibited in the Legal Notice or by current legislation, harmful to the rights and interests of third parties, or that in any way may damage , disable, overload, deteriorate or prevent the normal use of content, computer equipment or documents, files and all kinds of content stored on any computer equipment owned or contracted by Iberlayer, other Users or any Internet user.The external links contained in this Website lead to sites managed by third parties.

Intellectual property

The name and logo of Iberlayer are a trademark registered by Iberlayer SL Any act of exploitation, reproduction, distribution, public communication and transformation of the contents of the website or parts of it, including the name and logo, is prohibited. Any unauthorized use will be investigated and prosecuted through the relevant legal channels.

Applicable law and jurisdiction

- Present Conditions of Use of the Website are governed in each and every one of its extremes by Spanish law. The language of writing and interpretation of this legal notice is Spanish. This legal notice will not be filed individually for each user, but will remain accessible through the Internet on this same Website.

- Users who have the status of consumers or users as defined by Spanish regulations and reside in the European Union, if they have had a problem with an online purchase made to Iberlayer, to try to reach an out-of-court agreement can go to the Platform of Online Dispute Resolution, created by the European Union and developed by the European Commission.

- Provided that the User is not a consumer or user, and when there is no rule that obliges otherwise, the parties agree to submit to the Courts and Tribunals of Madrid capital, as this is the place of conclusion of the contract, expressly waiving any other jurisdiction that may correspond to them.

Responsible for the treatment

Iberlayer SL, Avenida de los Labradores 1, 28760 Tres Cantos, Madrid. Spain.

dpo@iberlayer.com

Purpose, origin, legitimacy, recipients and period of conservation of the data

Details of the personal data processing carried out by Iberlayer based on the channel through which the collection is carried out, specifying types of collected data, its origin, the intended purpose, treatment legitimation, and how long the data is kept.

E-mail and contact form

Commercial communications:

Technical communications and cybersecurity alerts:

Video surveillance cameras at Iberlayer facilities:

Resumes:

Conservation periods applicable to all treatments

In certain cases and under the legitimacy of an imperative law, it will be necessary for Iberlayer to keepthe data for a period longer than that indicated. Some examples follow...

1. 4 years: Law on Infractions and Sanctions in the Social Order (obligations regarding affiliation,registration, cancellation, contribution, payment of salaries ...); Arts. 66 and following General Tax Law(accounting books ...).
2. 5 years: Art. 1964 Civil Code (personal actions without special term).
3. 6 years: Art. 30 Commercial Code (accounting books, invoices ...).
4. 10 years: Art. 25 Law for the Prevention of Money Laundering and Terrorism Financing.

Recipients or assignees

Iberlayer does not transfer personal data to third parties except by legal obligation or in cases for which the interested party consents after having been duly informed.

International transfers

There are no international data transfers.

Automated decisions

No 'commercial profiles' are created, based on the information provided. No automated decisions are made based on these profiles.

How to exercise your rights

Users can send a written communication to the registered office of Iberlayer or to the email addressindicated in the heading of this privacy policy, including in both cases a photocopy of their ID or other similaridentification document, to request the exercise of the following rights:

1. Right to request access to personal data: you can ask Iberlayer if it is treating your data.
2. Right to request their rectification (in case they are incorrect) or deletion.
3. Right to request the limitation of their treatment, in which case they will only be kept by Iberlayer forthe exercise or defense of claims.
4. Right to object to the treatment: Iberlayer will stop treating the data in the way you indicate, exceptthat for compelling legitimate reasons or the exercise or defense of possible claims they have to continue treating.
5. Right to data portability: in case you want your data to be processed by another firm, Iberlayer willfacilitate the portability of your data to the new person in charge.

Models, forms and more information on the referred rights:

Official page of the Spanish Agency for Data Protection: https://www.aepd.es

Possibility of withdrawing consent

In the event that consent has been granted for a specific purpose, the interested party has the right to withdraw consent at any time, without affecting the legality of the treatment based on the consent prior to its withdrawal.

How to complain to the Control Authority

If an interested party considers that there is a problem with the way in which Iberlayer is handling their data, they can direct their claims to the Head of Security of Iberlayer or to the corresponding data protection authority, being the Spanish Agency for Data Protection the one indicated in the case of Spain.

What are 'cookies'?

Cookies are files created in the user's browser to record their activity on the Website and allow a more fluid and personalized navigation.

Use of cookies on our website

This website does not require and does not install its own cookies, but there may be linked content from third parties that do.

Cookies deletion

To use this Website it is not necessary to install cookies, but as indicated there may be content from third parties that have used them. You can not accept them or configure your browser to block them and, where appropriate, delete them.

If you want to delete cookies from your browser, we indicate some useful links:

IBERLAYER, a manufacturer of email protection technology, openly states its intention to offer not only a service of the highest technological and avant-garde level to all its clients, but to do so based on the greatest possible internal security levels.

To this end, Iberlayer has an information security management system within the organization focused not only on achieving demanding business objectives and customer satisfaction but in guaranteeing the confidentiality, integrity and availability of the information at all times.

Our 3 pillars in the provision of our services are:

1. 1. Maximum security
2. 2. Maximum performance
3. 3. Maximum availability

To this end, it assumes its commitment to information security according to the reference standard ISO/IEC 27001:2013, for which the General Management establishes the following principles:

1. Competence and leadership by management as a commitment to develop the Information Security Management system.
2. Determine the internal and external stakeholders that are relevant to the Information Security management system and meet their requirements.
3. Understand the context of the organization and determine its opportunities and risks with respect to information security as a basis for planning actions to address, assume or treat them.
4. Ensure to guarantee the satisfaction of our clients, including the parties interested in the results of the company, in everything related to the performance of our activities and their impact on society.
5. Establish objectives and goals focused on evaluating performance in Information Security, as well as continuous improvement in our activities, regulated in the Information Security System. Management that develops this policy.
6. Compliance with the requirements of the applicable and regulatory legislation to our activity, the commitments acquired with clients and interested parties and all those internal rules or action guidelines to which the company is subject .
7. Ensure the confidentiality of the data managed by the company and the availability of the information systems, both in the services offered to clients and in internal management, avoiding undue alterations in the information.
8. Ensure the response capacity in emergency situations, restoring the operation of critical services in the shortest time possible.
9. Establish appropriate measures to treat the risks arising from the identification and evaluation of assets.
10. Motivate and train all staff who work in the organization, both for the correct performance of their job and to act in accordance with the requirements imposed by the Reference Standard, providing a < b>suitable environment for the operation of the processes.
11. Maintaining fluid communication both internally, between the different levels of the company, and with clients.
12. Evaluate and guarantee the technical competence of the staff for the performance of their functions, as well as ensure adequate motivation for their participation in the continuous improvement of our processes.
13. Guarantee the proper state of the facilities and adequate equipment, in such a way that they are in correspondence with the activity, objectives and goals of the company
14. Guarantee a continuous analysis of all the relevant processes, establishing the pertinent improvements in each case, based on the results obtained and the established objectives.

These principles are assumed by the General Management, which has the necessary means and provides its employees with sufficient resources to comply with them, embodying them and making them publicly known through this Information Security Policy.

According to the provisions of the European General Data Protection Regulation (RGPD) 2016/679 of the ParliamentEuropean and Council, of April 27, 2016, on the protection of natural persons in relation to thetreatment of personal data and the free circulation of these, and based on Organic Law 3/2018 on Protectionof Personal Data and guarantee of digital rights (LOPDGDD), we inform you that we will respect at all timesthe confidentiality of your data that is under the exclusive responsibility of:

Identity and contact details of the person in charge: IBERLAYER sL. (CIF B86621984)

Contact details:

1. Registered address:
   AVDA LABRADORES 1 28760 TRES CANTOS MADRID
   Telf. 911 863 476
   Email:dpo@iberlayer.com

Data origin: The data collected has been provided directly by you, through thecompletion of the above form, and have not been collected from any other source.

Data and purpose: The personal data collected correspond to identification data (Name,Surnames, telephone and email) and professional data, in order to:

1. Respond to your request, request or query about our services.
2. Management of your curriculum vitae in personnel selection processes.
3. Any complaint / claim, suggestion or congratulation that you want to send us.

Legitimation of the treatment: The Legal Basis of the Treatment is the consent granted by theinterested, and may be revoked at any time.
However, you have the right to oppose this treatmentof your data, being able to do so through any of the means described in this Policy.

Data retention:The data collected to respond to your request, request or query ofOur services will be kept indefinitely until, where appropriate, you express your willingness todelete them.
The curriculum vitae data will be kept for a maximum period of twenty-four months from receipt.After this period without an update of the same, they will be destroyed.
Thedata of complaints / claims or suggestions, will be kept for a maximum period of twelve months from itsreception.

Data recipients: Your personal data will not be communicated to third parties.

International data transfers: They are not foreseen.

Automated decisions: No automated decisions are made regarding your data.

Rights of the interested party:

1. Access: right to obtain confirmation as to whether IBERLAYER is processing your personal data, to know whichthey are, what they are used for, how long they will be kept, their origin and whether they have been communicated or are leavingto communicate to a third party.
2. Rectification: right to request the rectification of inaccurate data and to have the data completedincomplete personals.
3. Cancellation: right to request the deletion of personal data when they are inappropriate,excessive or no longer necessary for the purposes for which they were collected, including the right to be forgotten.
4. Opposition: right to object, in certain circumstances, to the processing of your dataor to request that the treatment be stopped.
5. Limitation of Treatment: right to request, in the legally established circumstances, thattreat your data beyond the mere conservation of the same.
6. Portability: right to receive personal data in a structured format, of common use andmechanical reading, and to be able to transmit them to another person in charge, whenever it is technically possible.
7. Not to be subject to automated individual decisions: the right to guarantee that you are not subject todecision based solely on the processing of your data, including profiling (any formof treatment of your personal data that evaluates personal aspects, in particular analyze or predictaspects related to your performance at work, economic situation, health, preferences or interestspersonal, reliability or behavior), that produces legal effects on you or affects yousignificantly similarly.

Exercise of rights: The exercise of rights must be made in writing, attaching a photocopy of youridentification document, directing your request to the email address dpo@iberlayer.com. For moreInformation can be consulted at www.agpd.es

Right to claim before the Control Authority: If you consider that your rights have not been respected, you cansubmit a claim by writing to the Spanish Agency for Data Protection located on CalleJorge Juan, 6 – 28001 – Madrid or use the electronic office: https://sedeagpd.gob.es. In both cases, you mustaccompany the relevant documentation.