Privacy Policy

 

Effective Date: December 12, 2024

 

1. Introduction

 

At DataPipeline.Pro ("we," "our," "us"), we are committed to safeguarding the privacy of personal data. This Privacy Policy describes how we collect, use, disclose, and protect the personal information we process in the course of providing Data Engineering, Data & Analytics, and Business Intelligence services to clients in Andorra, the European Union (EU), and the European Economic Area (EEA). Our practices comply with Andorra's Law 29/2021 on Personal Data Protection and the EU General Data Protection Regulation (GDPR).

 

2. Data Controller Contact Information

 

  • Company Name: DataPipeline.Pro [LEPRENO CNSL SLU]
  • Address: Principate of Andorra, AD200, Encamp, Pas de la Casa, Carrer Bearn 017, 6 10, edif. Consuegra 1
  • Registration Number: L-718174-T
  • Phone: +376.649.268
  • Email: privacy@datapipeline.pro

 

3. Categories of Personal Data Processed

 

We collect and process the following categories of personal data:

 

  • Identity Information: Name, email address, phone number, job title, employer, and business contact details.
  • Technical Information: IP addresses, system logs, cookies, and metadata collected through our platforms.
  • Service-Specific Data: Project details, system configurations, data pipelines, models, and other data provided by clients for Data & Analytics, Business Intelligence, Artificial Intelligence, or other analytical solutions.
  • Client-Provided Data: Personal data related to our clients' employees, customers, or other third parties disclosed to us as part of delivering our services. This may include contact information, transactional data, or any other information necessary for fulfilling analytical, reporting, or processing requirements.
  • Financial Information: Payment details, invoicing information, and VAT numbers for billing purposes.

 

The exact categories of data processed depend on the nature of the services provided and the agreements made with our clients.

 

4. Collection and Use of Personal Information

 

4.1 What Information We Collect

 

We obtain personal information about you if you choose to provide it – for example, your contact information when contacting our support mailboxes or registering for services. In some cases, you may have previously provided your personal information to DataPipeline.Pro (e.g., as a former employee or business partner).

If you choose to register or log in to a DataPipeline.Pro website using a third-party single sign-in service that authenticates your identity and connects your social media login information (e.g., Google, LinkedIn, or Facebook) with DataPipeline.Pro, we will collect the necessary information for registration or login, such as your name and email address. The additional information we collect depends on your privacy settings with the social media provider. Please review the privacy policies of the applicable services to understand what information may be shared.

 

4.2 Automatic Collection of Personal Information

 

In some instances, we and our service providers use cookies, web beacons, and other technologies to automatically collect certain types of information when you visit us online. This collection allows us to customize your online experience, improve our online presence, and measure the effectiveness of our marketing activities.

 

4.2.1 IP Addresses

 

IP addresses from which visitors originate are recorded for IT security and system diagnostics. This information is also used in aggregate form to analyze website trends and performance.

 

4.2.2 Cookies

 

Cookies are used to enhance user experience and collect information about website usage. These include:

 

  • Strictly Necessary Cookies: Essential for navigating the website and accessing secure areas. These cannot be disabled.
  • Performance Cookies: Gather data to improve website performance.
  • Functionality Cookies: Remember user preferences to improve experience.
  • Targeting/Advertising Cookies: Deliver content tailored to user interests and track marketing material effectiveness.

 

Users can manage cookie preferences via the cookie banner or browser settings. 

 

4.2.3 Google Analytics

 

We use Google Analytics to understand website usage patterns. More information about how Google Analytics is used by DataPipeline.Pro can be found here.

To provide website visitors with more choice on how their data is collected by Google Analytics, Google has developed the Google Analytics Opt-out Browser Add-on. The add-on communicates with the Google Analytics JavaScript (ga.js) to indicate that information about the website visit should not be sent to Google Analytics. The Google Analytics Opt-out Browser Add-on does not prevent information from being sent to the website itself or to other web analytics services. Visitors can opt out using Google’s Analytics Opt-out Browser Add-on, which prevents data collection by Google Analytics.

 

4.2.4 Web Beacons

 

Web beacons are used to track the effectiveness of marketing campaigns or gather aggregate visitor statistics. Beacons may log anonymous visits, but cookie-related data collection can be disabled by rejecting associated cookies.

 

4.2.5 Location-Based Tools

 

We collect geographical location data from devices to provide services or information relevant to your location and improve our offerings.

 

4.3 Social Media Widgets and Applications

 

Our websites include social media functionality, such as the Facebook Like button or LinkedIn widgets. These features may collect data about your interactions with our website and are governed by the privacy policies of the respective providers.

 

5. Purposes and Legal Bases of Data Processing

 

We process personal data to:

 

  1. Deliver Services: Provide customized Data Engineering, Data Analytics, and Business Intelligence solutions. Depending on the nature of the services provided and the contractual arrangements, we might act as a Data Processor on behalf of our clients, who are the Data Controllers. This means that we process personal data exclusively under the instructions of our clients and in compliance with the terms outlined in our agreements.
  2. Project Management: Coordinate project timelines, resources, and deliverables.
  3. Communication: Respond to inquiries, provide updates, and share insights.
  4. Billing and Payments: Manage contracts, issue invoices, and process transactions.
  5. Compliance: Adhere to legal and regulatory obligations, including audits and reporting.
  6. Marketing: Share newsletters, promotional materials, and event invitations (with consent).
  7. Project Management: Coordinate project timelines, resources, and deliverables.
  8. Communication: Respond to inquiries, provide updates, and share insights.
  9. Billing and Payments: Manage contracts, issue invoices, and process transactions.
  10. Compliance: Adhere to legal and regulatory obligations, including audits and reporting.
  11. Marketing: Share newsletters, promotional materials, and event invitations (with consent).

 

We process personal data to:

 

  1. Deliver Services: Provide customized Data Engineering, Data Analytics, and Business Intelligence solutions.
  2. Project Management: Coordinate project timelines, resources, and deliverables.
  3. Communication: Respond to inquiries, provide updates, and share insights.
  4. Billing and Payments: Manage contracts, issue invoices, and process transactions.
  5. Compliance: Adhere to legal and regulatory obligations, including audits and reporting.
  6. Marketing: Share newsletters, promotional materials, and event invitations (with consent).

 

Legal bases for processing include:

 

  • Article 6(1)(a): Consent for specific purposes like marketing communications.
  • Article 6(1)(b): Performance of a contract to deliver services.
  • Article 6(1)(c): Compliance with legal obligations.
  • Article 6(1)(f): Legitimate interests, such as improving services and ensuring cybersecurity.

 

6. Sharing and Disclosure of Personal Data

 

We may share personal data with:

 

  • Internal Teams: Employees and contractors directly involved in service delivery.
  • Third-Party Vendors: Providers of cloud storage, analytics tools, and technical support services, under strict confidentiality agreements.
  • Legal Authorities: When required to comply with laws or protect our legal rights.
  • Affiliated Partners: Collaborators involved in joint projects.

 

7. International Data Transfers

 

As a legal entity in Andorra, we benefit from the EU’s adequacy decision recognizing Andorra’s data protection framework. This ensures unrestricted data transfers between Andorra and the EU/EEA. For transfers outside the EU/EEA, we ensure compliance through:

 

  • Standard Contractual Clauses (SCCs).
  • Binding Corporate Rules (BCRs).
  • Explicit consent from the data subjects.

 

8. Data Retention Policy

 

We retain personal data only for as long as necessary to fulfill the purposes outlined or to comply with legal obligations. Retention periods include:

 

  • Project Data: Retained for the duration of the contract and up to 5 years post-completion.
  • Billing Records: Retained for 7 years to meet tax regulations.
  • Marketing Data: Retained until consent is withdrawn.

 

9. Data Security Measures

 

We implement robust measures to protect personal data, including:

 

  • Encryption of data in transit and at rest.
  • Role-based access control (RBAC).
  • Regular vulnerability assessments and security audits.
  • Secure development practices for all custom solutions.

 

10. Data Subject Rights

 

Under Andorra’s Law 29/2021 and GDPR, you have the following rights:

 

  • Access: Obtain a copy of your personal data.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Erasure: Request deletion of your data under specific conditions.
  • Restriction: Limit the processing of your data.
  • Portability: Receive your data in a machine-readable format.
  • Objection: Object to processing based on legitimate interests or direct marketing.

 

To exercise these rights, contact us at privacy@datapipeline.pro.

 

11. Recruitment

 

If you apply for a position with DataPipeline.Pro, we process the personal information you provide during the recruitment process.

 

11.1 Categories of Personal Data Processed

 

We may process the following personal data:

 

  • Identification Information: Name, address, email, phone number, date of birth, nationality, and gender.
  • Professional Information: CV, cover letter, qualifications, previous work experience, and references.
  • Additional Information: Any other details you voluntarily provide during the recruitment process, such as salary expectations.

 

11.2 Purpose and Legal Basis

 

If you have been contacted by one of our recruitment partners, we may have received your personal data from them. These partners will have informed you in advance about the sharing and processing of your personal data in connection with our recruitment process. Additionally, we utilize LinkedIn as a recruitment tool, which may involve processing publicly available data from your LinkedIn profile, in accordance with LinkedIn’s terms and your privacy settings.

We process your data to:

 

  • Assess your suitability for the position applied for.
  • Communicate with you regarding the recruitment process.
  • Match you to other roles within the organization if applicable.

 

Legal bases for processing include:

 

  • Article 6(1)(b): Processing is necessary to take steps at your request prior to entering into a contract.
  • Article 6(1)(f): Our legitimate interest in selecting qualified candidates for employment.

 

11.3 Retention and Erasure

 

  • If your application is unsuccessful, we will retain your personal data for up to 6 months after the conclusion of the recruitment process unless you consent to a longer retention period for future opportunities.
  • If successful, your data will be incorporated into your employment record.

 

12. Personal Information About Children

 

DataPipeline.Pro understands the importance of protecting children's privacy, especially in an online environment. Our sites are not intentionally designed for or directed at children under the age of 13. We do not intend to process personal information about anyone under the age of 13 unless it becomes necessary in connection with providing our professional services. In such cases, we will obtain consent from the parent(s) or legal guardians in accordance with applicable data protection legislation.

 

13. Data Security and Integrity

 

DataPipeline.Pro has reasonable security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite our best efforts, however, security cannot be guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who have a need to know. Those individuals who have access to the information are required to maintain its confidentiality.

We also make reasonable efforts to retain personal information only:

 

  • for so long as the information is necessary to comply with an individual's request,
  •  
  • as necessary to comply with legal, regulatory, internal business, or policy requirements, or
  •  
  • until that person asks that the information be deleted. The period for which data is retained will depend on the specific nature and circumstances under which the information was collected.

 

14. Updates to This Privacy Policy

 

We reserve the right to update this policy periodically. Changes will be posted on our website with the revised effective date.

 

15. Contact Us

 

If you have questions about this policy or our data practices, please contact:

 

Email: privacy@datapipeline.pro