Data protection policy


Responsible for treatment CORPORATE COMPLIANCE SMC SL., With address at Lugo 201, mezzanine 15703 Santiago de Compostela. CIF: B70495205 (hereinafter, we will refer to the person in charge by his commercial name ETTHICO) .Contact of the person in charge of treatment:
Purposes of the treatment and bases of legitimation Provide the necessary information to customers who
require it about ETTHICO’s services. Answer
the doubts and questions raised through our
inquiry form
Legal basis Consent of the interested party and legitimate interest
Recipients Your data will not be transferred to third party recipients, except in legally established cases, in which case they may be communicated to public bodies or institutions when the procedure is within their competence, preserving the confidentiality of the data.
Rights The interested party may at any time exercise the rights of access, rectification, cancellation, opposition, portability, forgetfulness and limitation of treatment, as well as any others recognized by the applicable data protection regulation.
Additional Information Below, you can see the detail of the information included in this table.


ETTHICO fully complies with the regulations on the protection of personal data and, in particular, with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons in with regard to the processing of personal data and the free circulation of these data and by which Directive 95/46 / CE (hereinafter, “GDPR”) and Organic Law 3/2018, of December 5, of Data Protection and Guarantee of Digital Rights (“LOPDGDD”), so that the treatment of personal information provided by the interested party, (hereinafter, the “interested party”), will be carried out in compliance with the guarantees and legal obligations enforceable.

Who is responsible for the processing of your data?
The personal data provided through the consultation form on the website or the emails of our ethical mentors will be included in the Data Protection System of CORPORATE COMPLIANCE SMC, SL who will be responsible for the treatment with address at Avd. of Lugo 201, 15703 Santiago de Compostela and CIF: B70495205.

For what purpose and on what legal basis do we process your data?

  • Manage queries, doubts or requests for information raised through the inquiry form on the website or through the emails of ethical mentors.
  • The legitimacy of the treatment is legally based on the consent of the interested party and on the legitimate interest of society to meet the request for information through the web

How long will we keep your data?

As a general rule, the data provided will be kept for the time necessary to fulfill the purpose for which they were obtained, as well as to attend to possible claims or responsibilities that arise as a result of their treatment. After this time, the data is blocked so that no treatment will fall on them beyond keeping them at the disposal of the Public Administrations, Judges and Courts, for the attention of the possible responsibilities arising from the treatment and until the moment of its prescription, after which it must be deleted

Who will your personal data be disclosed to?

ETTHICO undertakes to comply with the duty of secrecy and confidentiality regarding the personal data provided by the interested party, so it will not transfer to third parties or commercialize personal information, except in cases where it is legally required, in which case they may be communicated to public bodies or institutions when the procedure falls within their competence. Access to personal data provided to ETTHICO will be limited to people who, inside or outside the organization, carry out internal control and compliance functions.

What security measures will be applied to your personal data?

At ETTHICO we adopt the technical and organizational measures necessary to achieve the security levels required by Regulation (EU) 2016/679 and other applicable regulations in order to avoid any form of alteration, loss, misuse, treatment or access to data unauthorized, as well as the theft of the data provided by the interested party to ETTHICO. Among other measures, our organization has an Information Security and Data Protection Policy that is mandatory for all those involved in the processing of data or information obtained, there are access controls to our computers and other information systems , We regularly carry out specific training for personnel who process data and to be able to comply with our policies and processes.

What are your rights when you provide us with your data and how to exercise them?

The owner of the data holds the rights of access, rectification, cancellation, opposition, portability, forgetfulness and limitation of the treatment that he can exercise completely free of charge before those responsible for the file. For the correct exercise of the aforementioned rights, the owner of the data must make the appropriate personal request (accompanied by a copy of the DNI or similar document) by any means that allows proof of sending and receiving it. These rights may be exercised both by email at the email address:, and by sending a letter to the address of the person responsible for the file: CORPORATE COMPLIANCE SMC, SL, Avda. De Lugo 201, 15703 Santiago de Compostela .

Without prejudice to any other administrative remedy or legal action, the interested party may, in any case, file a claim with the Spanish Data Protection Agency (AEPD), especially when they have not obtained satisfaction in the exercise of their rights, through the web