Privacy Policy
In application of the provisions of the General Regulation on Data Protection (GDPR) and Law 34/2002, of 11 July on Information Society Services and Electronic Commerce (LSSI), we wish to inform you that HISPlayer SDK SL maintains strict compliance with current legislation regarding the processing of personal data and information security in order to guarantee its Users that the collection and processing of their personal data is carried out with the appropriate security guarantees. Before contacting HISPlayer and providing your data, please read carefully the following privacy policy.
Please check the Policy from time to time when you visit this website, as the Policy may be amended pursuant to changes to the applicable laws, regulations and guidelines relating to the protection of personal information and changes in the Company policy.
- Data Processing Controller
HISPlayer SDK SL (hereinafter the “Company” or “HISPlayer”), with the Tax ID number B44544773, is responsible for this Website. You may contact HISPlayer by writing to: Poeta Joan Maragall 1, Floor 16 – 28020 Madrid-Spain or send an e-mail to: [email protected]
- Purpose of the Processing
At HISPlayer, we handle the personal data of our customers and Users for the following purposes:
- Management and maintenance of the contractual relationship with the aim of providing contracted services.
- Sending periodic communications about the services we provide, as well as news related to our activity, all subject to requesting your prior express consent.
- Commercial and advertisement purposes.
- In order to comply with the obligations established by law.
HISPlayer will retain your data for the time necessary for them to be used for the purpose for which they were collected and until compliance with legal conservation obligations is fulfilled.
The Company, in principle, shall not collect the personal information of children under age 16 without consent of his legal representatives. If we collect information of children under age 16 we will ask for the consent of parents or legal guardian.
You have the right to refuse to collect of information. However, if you refuse to consent the treatment of your data, like your name, e-mail address or password the Company will be unable to respond to the enquiry registered.
- Legitimacy
The legal grounds for HISPlayer to carry out processing of your data is based on obtaining your consent, which is requested for each particular case.
In the event of a contractual relationship, your data will be processed on the basis of the proper execution of the contract. You may at any time request the reference to the contract on the basis of which we process your data.
We also treat your personal data with the legal habilitation that the legitimate interest that we have as a data controller and company confers us. This legitimate interest will always be weighed against your own interests, which if they are superior will prevail in any case.
Occasionally, your data may be processed on the basis of compliance with specific legal obligations; in this case, you may request information about the specific rules by which we process your data.
- Providing Personal Information for Third Party
Your data may be communicated to other companies of the HISPlayer business group for internal administrative purposes.
In order to maintain and provide quality services we must contract with other companies certain services, for example to host part of our activity on their servers, so that if there is an escalation in users there will not be problems related to saturation. If we use a third party as a data processor to process data on our behalf we will sign a contract with them to ensure that your personal data are treated with the same care to ensure the security of them.
We do not carry out Transfers of personal data to third countries or international organisations that do not comply with the guarantees and standards implemented by the European Union. The approved transfer mechanisms are as follows:
- Data processor in a country which has a finding of adequacy from the European Commission Data processor that has binding corporate rules that are in compliance with data protection regulations in Europe
- Data transfer using the standard contractual clauses approved by the European Commission
- If the transfer is to the US, on the basis of the Privacy Shield.
- With the consent of the data subject.
Other legal mechanisms that we can use are as follows:
- The transfer is necessary to carry out a contract with the data subject
- The transfer is in the public interest
- The transfer is necessary to establish, exercise or defend legal rights
- The transfer is necessary to protect the vital interests of a person where the data subject is physically or legally incapable of giving consent.
Anyway, the data processor will not manage personal information beyond the original scope of purposes without the prior consent of subject of personal information nor provide any personal information to any third party.
The data that we collect from you will be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It will also be processed by staff operating outside the EEA who work for us.
The personal information we collect is processed in, or transferred to, the following jurisdictions:
- Where the Company headquarters and IT servers are located: Republic of Korea
The purpose of such personal information transfers are the following:
- The storage and further processing on the Company’s servers in Seoul;
- The handling of your services requests
We do not carry out Transfers of personal data to third countries or international organisations that do not comply with the guarantees and standards implemented by the European Union. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
If there is any change in any of the prior conditions, HISPlayer and the data processor will inform to the subjects of personal information of such change and obtain consent therefrom. The provided information will be as follows:
- The person who are provided with personal information;
- The purposes of using personal information (when personal information is provided, the purposes of using by the person to whom personal information is provided);
- Items of personal information that is used or provided;
- Period of holding and using personal information (when personal information is provided, it refers to the period of holding and using by the person to whom such personal information is provided);
- The fact that relevant subject of personal information is entitled to refuse to grant consent and the details of disadvantage (if any) arising from a refusal to grant consent.
- Rights and Obligations of Subjects of Personal Information
You have the right to obtain information about whether HISPlayer is processing personal data concerning you or not. In the event that we process your personal data you can request the right of access and we will send you a free copy of the data we have about you.
You can also request the rectification of inaccurate data, if you consider that there is data that does not correspond with your actual reality, you can request the rectification of the same, for example if you change your email. In case the Company corrects, deletes, etc relevant personal information the Company shall inform to his Data Processors about those changes.
Another right that assists our European users is the right of suppression. If, for example, the data you provided at an initial moment you consider that is no longer necessary for the purposes for which they were collected, you can ask us to “delete” them. We have certain legal obligations and therefore may not be able to delete them at first, if this happens we will proceed to block such data and not make any use of them, once fulfilled the legal obligations that fall on HISPlayer and prescribed all possible consequences for both our Company and our users will delete the data ensuring its irretrievability and the irreversibility of the operation.
You can request the portability of your personal data, this right means that if you give us the contact information of another company / Data controller we will send them your personal data in a standardized format.
In certain circumstances, you can request the limitation of the processing of your personal data, in which case we will only keep them for the exercise or defense of claims.
In certain circumstances and for reasons related to particular situations, you can object to the processing of your personal data. HISPlayer will stop the processing of your personal data, except for legitimate reasons, or for the exercise or defense of possible claims.
The procedure for making a request for the rights explained above is as follows:
- Write a request including proof of identity so that we can be sure that the request is being submitted to the person indicated.
- Explain in the application to which information you refer and a brief explanation of what are the reasons to request the particular right.
- Send the request by writing to: or by e-mail to [include e-mail address]
If you make the request by electronic means, we will provide you with the information in a common electronic format (Word, pdf…). In any case, you can request that the reply be provided in another way (Postal mail, fax…). As a general rule, the requests and the information provided will be free of charge, expenses will only be charged in the case of manifestly unfounded or excessive requests, especially for repetitive ones. In addition, if you request information from us in paper form and ask for several copies, the first copy will be free, while for the following copies we will charge a reasonable fee based on administrative costs.
Applications for data protection rights will be refused when the application is made by someone other than the person affected and it is not proven that he is acting on his behalf. They will also be denied when the exercise of the rights is claimed in a manifestly unfounded or repetitive manner for having requested the right of access on more than one occasion during the period of six months, unless there is legitimate cause for it.
Finally, we inform you that you have the right to complain to a Data Protection Agency when you consider that the Company has violated your rights.
- Destruction of Personal Information
(1) If the period of holding personal information under Article 1 ends, the Company shall destroy relevant personal information within five days after the last day of such period of holding, unless there is a justifiable reason. If personal information is deemed to be unnecessary because the purpose of management of personal information is achieved, the Company shall, unless there is a justifiable reason, destroy relevant personal information within five days after it is deemed that management of personal information is unnecessary.
(2) The printouts, documents, etc on which personal information is written shall be destroyed through crushing or incineration, and any personal information in an electronic file shall be destroyed by deleting such information permanently in a way that is impossible to restore such personal information.
- Measures to Secure Safety of Personal Information
The Company shall take technical, administrative and physical measures necessary to secure safety as follows.
(1) Encryption of Personal Information
Your passwords will be kept and managed after encryption, and only you who know the passwords can check and modify your passwords.
(2) Anti-hacking Measures
To prevent leak of your personal information as a result of intrusion to our information and communications networks, such as hacking, computer virus, etc., the Company installs the security program within the area where external access is limited. To prevent an intrusion, your personal information is backed up from time to time and the newest vaccine program is using, and for secure transmission on networks, personal information in transit is protected through encryption and so on.
(3) Minimization and Training of Personal Information Managers
We limit the number of our employees who handle personal information to the minimum level necessary and impress on them the compliance of protection of personal information through managerial safeguards, including but not limited to their training.
- Openness and Your Refusal or Withdrawal of Consent
In order to refuse or withdraw consent to Privacy Policy and Terms of Use by Clicking here and submit this form, and we will record and respect your choices.
In most cases you are free to refuse or withdraw your consent at any time. You may do so by contacting us by e-mail at [email protected]
- Data Protection Officer and further contact details.
The Company exerts his best efforts to help you use our services safely. You can report any complaint on privacy issues in relation to the use of our services, to the personal information protection manager as follows.
If you want to exercise data protection rights or if you have further questions or need any clarification on how we treat your personal data you can contact us at Poeta Joan Maragall 1, Floor 16 – 28020 Madrid – Spain or send an e-mail to: [email protected] we will be happy to resolve any doubts you may have.