I. PRIVACY AND DATA PROTECTION POLICY

In accordance with current legislation, REPROCopilot (hereinafter referred to as the Website) pledges to implement the necessary technical and organizational measures, tailored to the appropriate level of security for the risk associated with the data collected.‍

Legislation Underpinning this Privacy Policy

This privacy policy is crafted in strict adherence to the current Spanish and European regulations governing the protection of personal data on the internet. Specifically, it aligns with the following statutes:

- The General Data Protection Regulation (EU) 2016/679 (GDPR) of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

- The Organic Law 3/2018, of December 5, on Personal Data Protection and the guarantee of digital rights (LOPD-GDD).

- The Royal Decree 1720/2007, of December 21, which approves the Regulation developing the Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).

- The Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the Data Controller

The entity responsible for processing the personal data collected by REPROCopilot is Repro Copilot, S.L., holding tax identification number NIF: B19854827, and registered with the Commercial Registry of Seville. Here's how you can get in touch:

Address: Glorieta Aníbal González s/n, CP 41940 Tomares (Seville - Spain)

Contact Email: info@reprocopilot.ai

Registro de Datos de Carácter Personal

In accordance with the guidelines of the GDPR and the LOPD-GDD, we wish to inform you that the personal data collected by ReproCopilot through forms on our web pages will be incorporated into our files. This process is designed to streamline and fulfill the obligations between ReproCopilot and the User, maintain any relationships initiated through these forms, or to respond to any inquiries. Additionally, in line with the GDPR and LOPD-GDD provisions, except for the exceptions noted in article 30.5 of the GDPR, we maintain a detailed register of processing activities. This register outlines the purposes of these activities, the processing actions taken, and other circumstances as dictated by the GDPR.‍

Guiding Principles for Personal Data Processing

The processing of User's personal data will adhere to the principles set forth in Article 5 of the GDPR and in Article 4 et seq. of the Organic Law 3/2018, of December 5, on Personal Data Protection and the guarantee of digital rights:

• Principle of lawfulness, fairness, and transparency: At all times, user consent is required, following a fully transparent disclosure of the purposes for which personal data is collected.

  Principle of purpose limitation: Personal data will be collected only for specific, explicit, and legitimate purposes.

  Principle of data minimization: Only the personal data that is strictly necessary for the purposes for which it is processed will be collected.

  Principle of accuracy: Personal data must be accurate and kept up to date at all times.

  Principle of storage limitation: Personal data will only be retained for as long as necessary for the purposes of its processing, allowing for user identification only within this required timeframe.

  Principle of integrity and confidentiality: Personal data will be processed in a manner that ensures its security and confidentiality.

  Principle of proactive accountability: The Data Controller is responsible for ensuring that the aforementioned principles are adhered to.

Categories of Personal Data

Las categorías de datos que se tratan en REPROCopilot son únicamente datos identificativos. En ningún caso, se tratan categorías especiales de datos personales en el sentido del artículo 9 del RGPD.‍

Legal Basis for Personal Data Processing

The legal foundation for processing personal data is based on consent. REPROCopilot is dedicated to securing the explicit and verifiable consent of the User for processing their personal data for one or more specific purposes.

Users reserve the right to revoke their consent at any moment. Withdrawing consent will be as straightforward as giving it. Generally, revoking consent will not impact the ability to use the Website.

Whenever Users are required or choose to provide their data via forms to make inquiries, request information, or for reasons associated with the Website's content, they will be notified if filling out any of these forms is mandatory because they are essential for the successful completion of the transaction.‍

Purposes of Personal Data Processing

Personal data is collected and managed by REPROCopilot with the aim of facilitating, expediting, and fulfilling the commitments made between the Website and the User or maintaining the relationship established through forms filled out by the User or to address a request or inquiry.

Furthermore, the data may be utilized for commercial personalization, operational, and statistical purposes, and activities related to REPROCopilot's social mission. This includes data extraction, storage, and marketing studies to tailor the Content offered to the User, as well as to enhance the quality, functionality, and navigation of the Website.

At the time personal data is collected, the User will be informed about the specific purpose or purposes for which the personal data will be processed; that is, the use or uses that will be made of the gathered information.

Duration of Personal Data Retention

Personal data will be held only for the minimum duration necessary to fulfill the purposes of its processing. In any case, this period will not extend beyond 6 months, unless the User requests its deletion earlier.

Upon the collection of personal data, Users will be promptly informed about the retention period for their personal data. If determining an exact timeline is not feasible, the criteria used to establish this period will be clearly communicated.

Recipients of Personal Data

User personal data will not be disclosed to third parties.

At all times, upon the acquisition of personal data, users will be duly informed about who will receive their personal data or the categories of recipients involved.‍

Confidentiality and Security of Personal Data

REPROCopilot is dedicated to implementing the necessary technical and organizational measures, tailored to the appropriate level of security for the risks presented by the collected data, thereby ensuring the protection of personal data. This commitment aims to prevent the unauthorized destruction, loss, or accidental or unlawful alteration of personal data whether in transit, storage, or during processing, as well as unauthorized communication with or access to such data.

However, recognizing that the impregnability of the internet cannot be guaranteed and the complete absence of hackers or others fraudulently accessing personal data is beyond our control, REPROCopilot is committed to promptly notifying the User in the event of a data security breach that is likely to pose a significant risk to the rights and freedoms of individuals. In accordance with Article 4 of the GDPR, a personal data security breach is defined as any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

Personal data shall be considered confidential by the Data Controller, who pledges to communicate and ensure through legal or contractual obligations that such confidentiality is upheld by their employees, associates, and any individual who has access to the information.‍

Rights Arising from Personal Data Processing

As a user of REPROCopilot, you are empowered with specific rights under the General Data Protection Regulation (GDPR) and the Organic Law 3/2018, of December 5, on Personal Data Protection and Guarantee of Digital Rights. These rights allow you to engage directly with the Data Controller to ensure your personal data is handled with the utmost respect and legality.

• Right to Access: This right empowers you, the User, to verify whether REPROCopilot is processing your personal data. If it is, you have the privilege to access detailed information about your individual personal data, the nature of processing activities undertaken or in progress by REPROCopilot, as well as additional information regarding the origin of your data and the recipients of any communications made or planned with your data.
• Right to Rectification: This right empowers you, the User, to request modifications to your personal data should it be found inaccurate or incomplete, considering the objectives of its processing.
• Right to Erasure ("Right to be Forgotten"): This right allows you, the User, to request the deletion of your personal data under certain conditions, unless otherwise mandated by applicable law. Specifically, you can request erasure of your data when it is no longer necessary for the purposes for which it was collected or processed; if you withdraw your consent to data processing and there is no other legal ground for processing; if you object to the processing and there are no overriding legitimate grounds for continuing the processing; if your personal data has been unlawfully processed; if your personal data must be erased to comply with a legal obligation; or if your personal data has been collected in relation to the offer of information society services to a child under 14 years old. In addition to erasing the data, the Data Controller, taking into account the available technology and the cost of implementation, must take reasonable steps to inform those who are processing the personal data about the data subject's request to erase any links to, or copies or replications of, those personal data.
• Right to Restriction of Processing: This empowers you, the User, to limit the way your personal data is processed. You are entitled to request a halt in processing if you dispute the accuracy of your personal data; if the processing is unlawful; if the Data Controller no longer needs your personal data but you require it for making claims; or if you have objected to the processing.
• Right to Data Portability: In instances where your personal data is processed through automated means, you possess the right to receive your personal data from the Data Controller in a structured, commonly used, and machine-readable format. Furthermore, you are entitled to transfer this data to another Data Controller. Whenever technically feasible, the Data Controller will directly transmit your data to the new Data Controller on your behalf.

• Right to Object: This right allows you, the User, to halt or prevent REPROCopilot from processing your personal data. It's a safeguard allowing you to retain control over your information and how it's used by us.

  Right to Not Be Subject to Automated Decision-Making, Including Profiling: You, the User, hold the right not to be subjected to a decision made solely on automated processing of your personal data, including profiling, that significantly affects you, unless current legislation dictates otherwise. This right ensures that decisions that have a considerable impact on you are made with a human touch, not just by algorithms.

Thus, the User can exercise their rights by sending a written communication to the Data Controller using the reference "GDPR-www.reprocopilot.ai", detailing:

• User's full name and a copy of their identification document. In instances where representation is permitted, identification of the representative, along with a document proving the representation, is also required. The photocopy of the identification document can be replaced with any other legally valid means of proving identity.

  A detailed request specifying the exact reasons for the inquiry or the information to be accessed.

  Address for notification purposes.

  Date and signature of the applicant.

  Any document that substantiates the request being made.

  This request and any accompanying documents can be sent to the following postal address or email:

  Postal address: Glorieta Aníbal González s/n, Module 313, CP 41940 Tomares (Sevilla - Spain)

  Email: info@reprocopilot.ai‍

Enlaces a sitios web de terceros

El Sitio Web puede incluir hipervínculos o enlaces que permiten acceder a páginas web de terceros distintos de REPROCopilot, y que por tanto no son operados por REPROCopilot. Los titulares de dichos sitios web dispondrán de sus propias políticas de protección de datos, siendo ellos mismos, en cada caso, responsables de sus propios ficheros y de sus propias prácticas de privacidad.‍

Lodging Complaints with the Regulatory Authority

In the event that you, as a User, feel there is an issue or a violation of current regulations regarding the handling of your personal data, you are entitled to effective judicial protection and the right to file a complaint with a supervisory authority. This applies particularly in the country where you reside, work, or where the alleged infringement has occurred. For those in Spain, the supervisory authority is the Spanish Data Protection Agency (https://www.aepd.es/).‍

II. Acceptance and Modifications to This Privacy Policy