Privacy Policy

This Privacy Policy explains how Zensas Media Group S.L ("Verlium," "we," "us," or "our") collects, uses, and protects personal data when you use our services. We are committed to processing your data transparently and in compliance with the European Union's General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP/DSG), and local implementing laws in key jurisdictions including Germany (BDSG), Spain (LOPDGDD), and the Netherlands (UAVG), and other applicable data protection laws.

1. Data Controller and Contact Information

The data controller responsible for the processing of your personal data is:

Zensas Media Group S.L
Avenida del Obispo Quesada 1, 2, 40006, Segovia, Spain
Email: legal@verlium.com
Website: https://zensasgroup.com/

2. Personal Data We Collect

We collect personal data primarily through direct interactions, automated technologies, and third-party sources. The categories of data collected include:

• Identity Data: Name, username, marital status, title, date of birth, and gender.
• Contact Data: Billing address, delivery address, email address, and telephone numbers.
• Financial Data: Payment card details, bank account information (for billing purposes only).
• Technical Data: Internet Protocol (IP) address, login data, browser type and version, time zone setting, location, operating system, and platform.
• Usage Data: Information about how you use our website, products, and services.
• Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. Legal Bases for Processing (GDPR/FADP)

We rely on the following legal bases to process your personal data:

• Performance of a Contract: Processing is necessary for the performance of a contract to which you are a party (e.g., providing cloud services).
• Legitimate Interests: Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., improving services, fraud prevention).
• Legal Obligation: Processing is necessary for compliance with a legal obligation (e.g., tax or accounting laws).
• Consent: We may rely on your explicit consent for specific processing activities (e.g., direct marketing emails, non-essential cookies). You have the right to withdraw consent at any time.

4. Data Subject Rights (GDPR and FADP)

Under the GDPR and the FADP, you have extensive rights regarding your personal data:

• Right of Access: You have the right to request copies of your personal data.
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete.
• Right to Erasure ('Right to be Forgotten'): You have the right to request that we erase your personal data under certain conditions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your personal data, particularly when based on legitimate interests or for direct marketing.
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us at legal@verlium.com. We will respond to your request within the statutory period (typically 30 days under GDPR/FADP).

5. International Data Transfers

As a provider of global connectivity and cloud services, your data may be transferred to, and processed in, countries outside your country of residence (including the EU/EEA or Switzerland).

• Adequacy Decisions: Transfers to countries deemed to provide an adequate level of protection by the European Commission or the Swiss Federal Data Protection and Information Commissioner (FDPIC).
• Standard Contractual Clauses (SCCs): Implementing the appropriate EU or Swiss Standard Contractual Clauses (SCCs) to ensure equivalent protection.
• Specific Exemptions: Reliance on explicit consent, necessity for the performance of a contract, or other legally permitted exemptions.

6. Data Security and Retention

We implement robust technical and organizational measures, including encryption, access controls, and regular security audits, to protect your personal data against accidental loss, unauthorized access, misuse, or destruction.

We retain personal data only for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements (e.g., generally 10 years for tax records).

7. Supervisory Authority

If you have concerns about our processing of your personal data, you have the right to lodge a complaint with your competent supervisory authority. For EU residents, this is the Data Protection Authority in your member state. For Swiss residents, this is the Federal Data Protection and Information Commissioner (FDPIC).

8. Changes to this Policy

We may update this privacy policy from time to time. The latest version will always be posted on our website, and we will notify you of any significant changes where required by law.