Verifacti Cookie Policy

1. Identification of the Data Controller

If you request information or if you engage Verifacti as a Client to integrate it into your SIF with the services included in the contracted Plan, the Data Controller of your Personal Data is the company Bilbabit, S.L., with registered office at c/ Udaberría, 10 -4º B -48992 - Getxo (Bizkaia), duly registered in the Commercial Registry of Bizkaia, Section 8, Sheet BI-84418 and with Tax ID: B75777847. Hereinafter, BILBABIT.

You can contact BILBABIT directly and effectively regarding this privacy policy at the following email address: info@verifacti.com.

2. What are cookies

A cookie is a device or small file that the Website server sends to the browser of the device (computer, smartphone, tablet, etc.) from which you connect, for the purpose of storing information about your browsing activity from that device, which may subsequently be retrieved.

2.1. Types of cookies

2.1.1. Own cookies

We can distinguish between "exempt" and "non-exempt" cookies:

"Exempt" cookies: these are those that are essential and strictly necessary for the proper functioning of the Website and for the use of the different options and services it offers. Therefore, these cookies can be understood as excluded from the scope of application of Article 22.2 of the LSSI (Spanish Information Society Services Act), and consequently, it would not be necessary to inform or obtain consent for their use. Among exempt cookies, we can distinguish:

• "User input" cookies
• Authentication or user identification cookies (session only)
• User security cookies
• Multimedia player session cookies
• Load balancing session cookies
• User interface customisation cookies
• Plug-in cookies for sharing social content.

"Non-exempt" cookies: these are those subject to the scope of application of Article 22.2 of the LSSI-CE and therefore it is mandatory to inform about their use and obtain the user's consent. These would be any other type of cookies not described as exempt cookies in the previous section.

2.1.2. Types of cookies according to the entity that manages them

Depending on which entity manages the device or domain from which the cookies are sent and processes the data obtained, we can distinguish:

• First-party cookies: these are those sent to the user's terminal device from a device or domain managed by the owner/editor of the Website and from which the service requested by the user is provided.
• Third-party cookies: these are those sent to the user's terminal device from a device or domain that is not managed by the owner/editor of the Website, but by another entity that processes the data obtained through the cookies. In the event that cookies are installed from a device or domain managed by the Website owner/editor itself but the information collected through them is managed by a third party, they cannot be considered as first-party cookies.

2.1.3. Types of cookies according to the period of time they remain active

• Session cookies: these are a type of cookie designed to collect and store data while the user accesses a web page. They are usually used to store information that is only relevant for the provision of the service requested by the user on a single occasion.
• Persistent cookies: these are a type of cookie in which the data remains stored on the device and can be accessed and processed for a period defined by the cookie controller, which can range from a few minutes to several years.

2.1.4. Types of cookies according to their purpose

Depending on the purpose for which the data obtained through cookies is processed, we can distinguish between:

• Technical cookies: these are those that allow the user to browse a web page, platform or application and use the different options or services available on it, such as controlling traffic and data communication, identifying the session, accessing restricted areas, remembering the items in an order, completing the purchase process of an order, submitting a registration or event participation request, storing content for video or audio broadcasting, or sharing content through social networks.
• Security cookies: those that allow the use of security features during browsing.
• Personalisation cookies: these are those that allow the user to access the service with certain predefined general characteristics based on a series of criteria on the user's device, such as the language, the type of browser used to access the service, the regional settings from which the service is accessed, etc.
• Analytics cookies: these are those that allow the party responsible for them to track and analyse the behaviour of users of the websites to which they are linked. The information collected through this type of cookie is used to measure the activity of websites, applications or platforms and to create browsing profiles of the users of those sites, applications and platforms, in order to introduce improvements based on the analysis of the usage data of the service users.
• Advertising cookies: these are those that allow the most effective management possible of the advertising spaces that the editor may have included on a web page, application or platform from which the requested service is provided, based on criteria such as the edited content or the frequency at which advertisements are displayed.
• Behavioural advertising cookies: these are those that allow the most effective management possible of the advertising spaces that the editor may have included on a web page, application or platform from which the requested service is provided. These cookies store information about user behaviour obtained through the continuous observation of their browsing habits, which allows a specific profile to be developed to display advertising based on it.

3. What cookies are used on the Website

More information about third-party cookies:

4. Information on how to modify consent, block and/or disable cookies

Cookies will be installed once you have accepted them in the manner indicated in the first layer of the cookie policy, which appears as soon as you enter the Website. You may modify the consent you have given by accessing the first layer of the cookie policy again by clicking the floating button that appears at the bottom left of your screen.

In addition, you may — at any time — manage the use of cookies through the browser installed on your device. In the following links you can find information about which cookies you have installed in the main browsers, allow their installation, block them or delete them from your device:

• Chrome, from: http://support.google.com/chrome/bin/answer.py?hl=es&answer=95647
• Microsoft Edge, from: https://support.microsoft.com/es-es/help/17442/windows-internet-explorer-delete-manage-cookies
• Firefox, from: http://support.mozilla.org/es/kb/habilitar-y-deshabilitar-cookies-que-los-sitios-we
• Safari, from: https://support.apple.com/kb/PH19214?viewlocale=es_ES&locale=es_ES

There are third-party tools available online that allow users to detect cookies on each website they visit and manage their deactivation, such as Ghostery (https://www.ghostery.com/).

Web browsers are the tools responsible for storing cookies, and from them the user can exercise their right to delete or deactivate them. This Website cannot guarantee the correct or incorrect handling of cookies by the aforementioned browsers.

In some cases, it is necessary to install cookies so that the browser does not forget the user's decision not to accept them.

5. Purpose of personal data processing

We refer to the information contained in the cookie table installed by the Website in section 3 above.

6. Retention period

The information obtained through the installation of cookies is retained for a period of two years.

7. Legal basis

The processing of your data is carried out on the legal basis of consent.

8. Recipients

The data obtained through the installation of cookies is not disclosed to any third party outside BILBABIT, unless there is a legal obligation or your express consent is requested.

9. Rights

As a Data Subject, you are entitled to exercise the following rights recognised by data protection regulations, as provided therein:

• Right to revoke at any time the consent given for the processing of such data, when the legal basis for the processing is based on that consent.
• Right of access to the personal data processed by BILBABIT.
• Right to request the rectification of inaccurate data processed by BILBABIT.
• Right to request the erasure of data when, among other reasons, the data is no longer necessary for the purposes for which it was collected by BILBABIT.
• In certain circumstances, you may request the restriction of processing of the data, in which case BILBABIT will only retain them for the exercise or defence of claims.
• In certain circumstances and for reasons related to your particular situation as a Data Subject, you may exercise the right to object to the processing of the data. In such a case, BILBABIT will cease processing the data, except for compelling legitimate reasons, or the exercise or defence of possible claims.
• In certain circumstances and for reasons related to your particular situation as a Data Subject, you may request the right to data portability. This is a right complementary to the right of access, as it allows you to obtain the data you have provided to BILBABIT in a structured, commonly used and machine-readable format, and to have it transmitted directly to another entity at the request of the Data Subject. You may exercise these rights by any means that provides proof of sending and receipt, clearly expressing your wishes in this regard and attaching a copy of your national ID document and/or any other documentation proving your identity, addressing it to the email or postal address indicated above.

Furthermore, if you consider that any of your data protection rights have been violated, you are entitled to file a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6, 28001-Madrid https://www.aepd.es/ or through the electronic headquarters of the AEPD: https://sedeagpd.gob.es/sede-electronica-web/.