Introduction
ONLEAN’s privacy policy follows international data protection legislation. In addition, ONLEAN intends to inform the user through this document of their rights and obligations regarding the privacy of their data whilst explaining the reasons for the storage and use of the data.

Data collected by ONLEAN
ONLEAN collects all the information entered in the application by the user and stores it on their own servers or on the servers of the ONLEAN storage provider. Being a Cloud service, server storage is a requirement for the operation of the application , That is why the user accepts this fact.
ONLEAN classifies data into two categories: user data and account data. The user data includes the user name and personal data, as well as photographs or other documentation that the user chooses to upload to the application in the account information part and the contact information. The account data are those related to the business account created by the user, in any of its different forms: Autonomous, Civil Society Personal or Limited Partnership, which includes billing information, expenses, contacts, workers and products.
Finally, ONLEAN collects data from the connected device through cookies. The user can deactivate the cookies in his browser so that ONLEAN does not collect such information in case the user wants it to be so. This information is used to perform navigation studies and access to the application, as well as the use of it. The navigation information includes the type of device and its characteristics, location, and connection times.

Who is responsible for the processing of your data?
Company: ONLEAN S.L
Address: Calle Peris I Mencheta 41, 2º 1ª , 08032 Barcelona, Spain
E-mail: info@onlean.com

For what purpose do we keep your personal data?
In ONLEAN S.L we treat the information that the interested persons facilitate us with the purpose of lending and / or commercializing the products and / or services offered by our firm.

In particular, based on the legitimate interest regulated in the GDPR, ONLEAN may send commercial promotions, newsletters and other information of interest to all those who have registered for a webinar or other events promoted by ONLEAN.

How long will we keep your data?
The personal data provided will be kept for the time necessary for the provision of the service requested or marketing of the product and during the legally established periods.

What is the legitimacy for the treatment of your data?
The legal basis for the processing of your data is through the consent of the affected party, the execution of a service contract and providing answers to your queries received through the contact form or email (according to the terms and conditions contained in our privacy policy).

To which recipients will your data be communicated?
The data will not be communicated to third parties except when legally obligated.

What are your rights when you provide us with your data?
Anyone has the right to obtain information about whether ONLEAN S.L is processing personal data that concerns them, or not.
Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes that were collected.
In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims.
You can materially exercise your rights in the following way: by sending an email to info@onlean.com, duly identifying yourself and expressly indicating the specific right you wish to exercise.
If you have given your consent for a specific purpose, you have the right to withdraw the consent granted at any time, without affecting the legality of the treatment based on the consent prior to its withdrawal.
In case you feel your rights are violated in relation to the protection of your personal data, especially when you have not obtained satisfaction in the exercise of your rights, you can submit a claim to the competent Data Protection Control Authority through of its website: www.agpd.es

How have we obtained your data?
All personal data obtained by ONLEAN has been advanced directly by the user. We do not deal with special categories of personal data pursuant to Article 9 of the EU General Data Protection Regulation ( personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership)

Data shared by user
Many of our services allow you to share information with other users. Remember that when you share information publicly, it can be indexed by search engines. Our services provide you with different options on how to share and delete your content. How to access your personal data and update them whenever you use our services, our goal is to provide access to your personal information. If that information is not correct, we strive to provide you with ways to eliminate or update it quickly, unless we have to maintain that information for legitimate business or legal reasons. By updating your personal information, we may ask you to verify your identity so we can process your request.
We may reject requests that are more repetitive than reasonable, requiring a disproportionate technical effort (for example, developing a new system or radically changing an existing practice) that endanger the privacy of other users or are not at all practical (For example, requests that refer to information stored in backup systems). When we can offer you the possibility to access your personal data and modify them, we will do it for free, unless it requires a disproportionate effort.
By providing our services, we will protect your data so that they can not be accidentally or intentionally disposed of. For this reason, even if you delete your data from our services, we may not immediately destroy the residual copies stored on our active servers or the data stored in our security systems.

Access and modification of user data
The user can modify at any time his user data or the accounts of which he owns. ONLEAN does not store the modified information so that once the user modifies or deletes the information, he will lose it forever within the application.

The data we share
We do not share personal information with companies, organizations or individuals that are not related to ONLEAN, unless any of the following circumstances apply:

Consent: We will share your personal information with companies, organizations or individuals outside of ONLEAN when you have given us your consent to do so. Your consent will be required to share specially protected personal data.
External Treatment: We provide personal information to our affiliates or other persons or companies of confidence to carry out their processing by ONLEAN, following our instructions and in accordance with our Privacy Policy, and taking other appropriate security and confidentiality measures.
Legal reasons: We will share your personal data with companies, organizations or individuals outside of ONLEAN if we consider in good faith that there is a reasonable need to access, use, retain or disclose such information in order to: comply with any requirement under applicable legislation or regulations; Comply with the provisions of the current Conditions of Service, including investigating possible infringements, detecting or preventing any fraud or technical or security incidents, or otherwise dealing with them, protecting the rights, property Or the security of ONLEAN, our users or the general public to the extent required or permitted by applicable law.
ONLEAN expressly informs the Partner that it reserves the right to use customer data in ONLEAN development, staging, testing environment and, in general, non-production environments of ONLEAN, with the main purpose of improving the platform and enabling the development and customer success team to identify bugs and anomalies. The PARTNER declares to be aware of this practice and, to the extent required, declares his acceptance thereof

Data security
For ONLEAN, security is the most important thing. Currently, the data storage service is done through specialized providers with security certificates and anti-hacking systems. ONLEAN has decided to outsource storage to ensure the vendor meets the highest security standards, at levels that ONLEAN could not offer on its own storage servers.
We endeavor to protect ONLEAN and our users from any unauthorized modification, disclosure or destruction of the data we hold or unauthorized access to them. In particular: We encrypt many of our services through the SSL protocol. We review our policy on data collection, storage, and processing, including physical security measures, to prevent unauthorized access to our systems. We limit the access of ONLEAN contractors, agents and employees to the personal information they must process for ONLEAN and we ensure that they comply with strict contractual confidentiality obligations and are subject to the relevant disciplinary conditions or dismissal if they fail to comply Such obligations. When this Privacy Policy applies Our Privacy Policy applies to all services offered by ONLEAN and its affiliates, including ONLEAN, but excludes services that are subject to independent privacy policies that do not incorporate this Privacy Policy.

Application of the privacy policy
Our Privacy Policy applies to all services offered by ONLEAN and its affiliates, including ONLEAN, but excludes services that are subject to independent privacy policies that do not incorporate this Privacy Policy.

Law compliance
At ONLEAN we verify compliance with our Privacy Policy on a regular basis. We also adhere to different self-regulation codes. In the event that we receive a formal written complaint, we will contact the person who made it follow up on it. We will work with the relevant regulatory authorities, including local data protection authorities, to resolve any claims related to the transfer of personal data that we have not been able to resolve directly with the user.

Modifications
Our Privacy Policy may be modified at any time. We will not limit your rights under this Privacy Policy without your express consent. We will post all modifications to this Privacy Policy on this page and, if significant, we will make a more noticeable notification (for example, we will send you an email notification if the modification affects certain services). In addition, we will archive the previous versions of This Privacy Policy so that you can consult them.

Modifications
When we need to obtain information from you, we will always ask you to provide it voluntarily by giving your consent expressly through the means enabled for it.
The processing of data collected through the data collection forms of the website or other channels will be incorporated into the Registry of Treatment Activities for which ONLEAN S.L. is responsible.
ONLEAN SL treats the data confidentially and adopts the appropriate technical and organizational measures to guarantee the appropriate level of security for the treatment, in compliance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Board of 27 April 2016 and other regulations applicable in the field of Data Protection.
However, ONLEAN S.L can not guarantee the absolute invulnerability of the systems, therefore, it does not assume any responsibility for the damages and losses derived from alterations that third parties may cause in the computer systems, electronic documents or files of the user.
If you choose to leave our website through links to websites not belonging to our entity, ONLEAN S.L will not be responsible for the privacy policies of these websites or the cookies they may store on the user’s computer.
Our policy regarding the sending of our emails is focused on sending only communications that you have requested to receive. If you prefer not to receive these messages by email, we will offer you the possibility to exercise your right to suppress and waive the receipt of these messages, in accordance with the provisions of Title III, article 22 of Law 34 / 2002, Services for the Information Society and Electronic Commerce.