By clicking the ‘Agree’ button, or signing our terms of business, or completing the registration process and/or using VisualTime Zero, you agree to be bound by these Terms and Conditions of Use (T&Cu). If you are using VisualTime Zero services on behalf of a company you must have the authority to bind that company to these TyCu. If you do not accept these T&Cu, you should not complete the registration process and you cannot access these services.
VisualTime Zero Terms and Conditions of Use
The company Robotics S.A., holder of all the intellectual property rights of the VisualTime services, including VisualTime Zero, as well as the VisualTime brand, with CIF A08878118 and registered office at Avenida Francesc Macia 60 (7ª), Torre Millenium, 08208 Sabadell, represented by its administrator David Arderiu Pique, hereinafter designated as PROVIDER.
The company registered in the services of VisualTime Zero, hereinafter referred to as the CLIENT.
VisualTime Zero services are hosted on Azure. The hosting provider is Microsoft Ireland Operations Ltd. with address at Carmenhall Rd, Sandyford, Dublin 18 Ireland.
The purpose of this contract is to regulate the relationship between the CLIENT and the SUPPLIER with respect to the access and use of VisualTime Zero’s services, as well as to establish the personal data protection policies in compliance with article 28 of the General Data Protection Regulation (RGPD).
The purpose of the contracted VisualTime Zero services is for the SUPPLIER to provide the CLIENT with a time management solution for its personnel.
VisualTime Zero provides services through a web platform so it is essential to be connected to the network to access it.
VisualTime Zero is compatible with browsers: Chrome 50 or higher, Firefox 46 or higher, Microsoft Edge and Safari MacOS 10.0 or higher, iOS v9.0. In some modes and services of VisualTime Zero it is possible to access from apps, these apps are compatible with iOS v10.0 or higher and Android 8.0 (Oreo) or higher.
VisualTime Zero Terms and Conditions of Use
A Access and use of VisualTime Zero’s services
A.1 The SUPPLIER undertakes to make VisualTime Zero’s services available to the Client.
A.2 The access to VisualTime Zero services may be temporarily interrupted due to maintenance, technical incidences, evolution or modification of the platform and similar, which the CLIENT accepts as normal and renounces to any type of legal action or extrajudicial claim.
B Contractual amendments
The SUPPLIER may make changes to this contract, notifying the CUSTOMER at least 1 MONTH before it comes into force. If the CUSTOMER wishes not to accept the conditions, it must notify the SUPPLIER in writing. In this case, the SUPPLIER may terminate the contract early and without penalty. If the CLIENT does not communicate his disagreement and continues to use the services of VisualTime Zero, it is understood that he accepts the proposed modifications.
The CLIENT expressly accepts that all notifications, communications and information that may be necessary with the SUPPLIER relating to this contract will be carried out, provided that the law allows it, by written electronic means.
D Restrictions and Confidentiality
D.1 The CLIENT and its registered personnel cannot access VisualTime Zero services if the CLIENT is a competitor of the SUPPLIER in the market. It is understood that any company that manufactures, sells or distributes access control solutions or personnel time management at work of any kind (schedule compliance, production or task times, etc.) is a competitor.
D.2 The CLIENT and its registered personnel may not:
a) Engaging in actions that are unlawful, illegal or contrary to the provisions of this contract
b) Reverse engineering
c) Access VisualTime Zero’s services to create a competitive product or service.
d) Create a product that uses ideas, features, or functions similar to VisualTime.
D.3 The CLIENT and his personnel registered in VisualTime Zero services undertake not to make any attempt to violate access levels, incorrectly manipulate data, attempt to access restricted areas of the SUPPLIER’s platform, introduce programs, viruses or any device that may produce or produce modifications or alterations in the platform or in the SUPPLIER’s services.
D.4 The CUSTOMER undertakes to respect the provisions of current data protection regulations, as well as to keep secret all information concerning the SUPPLIER to which it has access, and undertakes to return any information or documentation belonging to the SUPPLIER in its possession in the event of termination, termination or expiry of the contract.
E Data Protection – (Services between the Data Controller and the Data Processor with regard to GDPR)
E.1 The provision of VisualTime Zero’s services implies the need to access personal data. The SUPPLIER, as data processor, is obliged to comply with the general data protection regulation entered into force on 25 May 2018 and other applicable regulations.
E.2 The CLIENT and the SUPPLIER freely agree to regulate the access and processing of data as detailed in this contract (in compliance with Article 28 of the General Data Protection Regulation (GDPR).
E.3 In order to provide the services of VisualTime Zero and to manage the access control system and/or the presence of the CLIENT’s personnel, the SUPPLIER, in charge of the processing, is authorized to process the personal data necessary to provide the services, responsibility of the CLIENT, on behalf of the client, who is responsible for the processing:
- Employee identification data: name and surname, e-mail, telephone.
- Other employee data: NIF, date of birth, address, mobile phone, private e-mail.
- Employment data: job position, academic qualifications, start date of contract, probationary period, social security, type of contract in force, calendar and working hours.
- Punching location data (if applicable and used in any of VisualTime Zero’s services)
The processing operations will be those necessarily derived from the provision of VisualTime Zero services, including mainly the registration and hosting of data.
E.4 The data stored in VisualTime Zero services are property of the CLIENT as Responsible for the treatment. For the purposes of Article 28 of the GDPR, the SUPPLIER will only access the personal data to which it has access in accordance with the instructions of the CUSTOMER and always in consultation/reading mode and will not apply or use them for a purpose other than the purpose of the Contract, nor will it communicate them, even for storage, to other persons. In the event that the SUPPLIER uses the data for another purpose, communicates them or uses them in breach of the provisions of the Contract, he/she will also be considered responsible for the processing, and will be liable for any infringements that he/she may have personally incurred.
E.5 The CLIENT, with respect to files containing personal data, declares that it complies with all legal requirements for their collection and processing. It also declares that it has adopted the necessary technical and organisational measures to guarantee the security of the personal data included in the files, as established in the current legislation on personal data protection.
E.6 Corresponds to the SUPPLIER
a) Process the data only in accordance with the instructions of the CLIENT as documented in this contract. If the SUPPLIER considers that any of the instructions infringes the GDPR or any other data protection provisions of the Union or the Member States, the SUPPLIER will immediately inform the CUSTOMER.
b) Keep, in writing, a record of all categories of processing activities carried out on behalf of the CLIENT, containing:
o The name and contact details of the data processor(s) and of each controller on whose behalf the data processor is acting and, where appropriate, of the representative of the data controller or data processor and of the data protection officer.
o The categories of processing operations carried out on behalf of each data controller.
o Where applicable, transfers of personal data to a third country or international organisation, including the identification of such third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1) of the GDPR, documentation of appropriate safeguards.
o An overview of the technical and organisational security measures in accordance with the GDPR.
c) The SUPPLIER shall notify the CUSTOMER as soon as possible of any personal data security breaches of which it becomes aware, when it is likely that the breach poses a high risk to the rights and freedoms of natural persons, providing all the details necessary for the CUSTOMER to comply with the obligations of notification to the supervisory authority and communication to data subjects established in the applicable regulations.
d) The termination, resolution or extinction of the contract will imply the obligation on the part of the SUPPLIER to delete or return to the CUSTOMER the personal data provided, as well as any support or document containing any personal data subject to processing.
E.7 Corresponds to the CLIENT:
a) The CLIENT shall adopt the necessary technical and organizational measures to ensure the security of personal data and avoid its alteration, loss, unauthorized access or processing, given the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or the physical or natural environment.
b) It is the Client’s responsibility to (i) keep a record of registration activities; (ii) carry out an assessment of the impact on the protection of personal data of the processing operations to be carried out by the processor; (iii) carry out the appropriate prior consultations; (iv) ensure, prior to and throughout the processing, that the processor complies with the GDPR; (v) supervise treatment, including the conduct of inspections and audits; and, (vi) to sign with the clients that are going to use the services of VisualTime Zero, the mandatory contract where the subcontracting of the services mentioned in the present contract to the SUPPLIER is informed.
c) The CLIENT expressly authorizes the SUPPLIER to subcontract with the HOSTING SUPPLIER various VisualTime Zero services, including hosting and data processing, in full compliance with the RGPD.
d) The CLIENT expressly authorizes the SUPPLIER to communicate data to third parties whose intervention is deemed appropriate for the proper development of VisualTime Zero’s services. In this case, the SUPPLIER is obliged to sign a data processor contract with the third party, stipulating the obligations that the third party must comply with in terms of personal data protection.
e) The CUSTOMER shall duly respond to any notifications received from the SUPPLIER regarding the processing of data; in particular, those relating to subcontracting of processing, security breaches and instructions given by the CUSTOMER which, in the opinion of the SUPPLIER, infringe data protection regulations.
f) The SUPPLIER will assist the CUSTOMER in responding to the exercise of rights. When the persons concerned exercise their rights of access, rectification, deletion, opposition, limitation of processing and/or data portability before the SUPPLIER, the SUPPLIER shall notify the CLIENT of this fact as soon as possible. It will be the responsibility of the CUSTOMER to respond to the affected party, although the SUPPLIER will be obliged to collaborate and provide any information required by the CUSTOMER to meet the request.
F Hosting VisualTime Zero Services
F.1 The information introduced in the VisualTime Zero services is hosted in the servers of the HOSTING PROVIDER indicated in the present contract.
F.2 The HOSTING PROVIDER is solely responsible for the proper functioning of the server, which is physically hosted on its premises. This company will also be considered as “PROCESSOR”, as far as the operation of the server is concerned.
F.3 The HOSTING PROVIDER guarantees that the hosting service is located within the European Union.
F.4 Access and Audit
F.4.1 The SUPPLIER shall provide credentials and passwords to the personnel registered by the CUSTOMER.
F.4.2 The SUPPLIER guarantees that VisualTime Zero’s services carry out, at all times, an audit of all accesses and actions that are carried out in the system, whether by the CLIENT’s or the SUPPLIER’s registered personnel.
F.4.3 The CUSTOMER and its registered personnel are responsible for maintaining the secrecy of their credentials. Under no circumstances will the PROVIDER be held responsible for data modified, deleted, extracted or viewed by accessing VisualTime with these credentials.
F.4.4 The SUPPLIER guarantees that the accesses by its personnel have an additional security system that prevents the copying or communication between personnel of the credentials and that only those data and resources for the development of the VisualTime Zero services will be accessed.
The subject matter of this contract is of a personal nature. The SUPPLIER may, upon compliance with all the requirements set forth in current legislation, as well as prior notification to the CUSTOMER, transfer the ownership of the same without the need to obtain the express consent of the CUSTOMER, without prejudice to the latter’s right to terminate the contract within 10 days of receipt of the notification of transfer.
G Intellectual Property and Industrial Property
G.1 The PROVIDER (and its licensors if applicable) is the owner of all rights and interests, including all rights related to intellectual property rights in the technology, content, platform and services of the PROVIDER and any suggestions, ideas, enhancement requests, comments, recommendations or any other information provided by registered users or any other related party through the VisualTime Zero services and its associated services and components.
G.2 The name Robotics S.A., VisualTime, the Robotics S.A. logo, and the VisualTime logo are trademarks of the SUPPLIER or third parties and no right or license is granted for their use.
H.1 To access VisualTime Zero services, single-person authentication systems are provided, both for administrators and registered users of the CLIENT.
H.2 The Client is responsible for all damages that may occur to himself, to third parties or to the PROVIDER itself and that have been derived from its lack of secrecy regarding access data and / or authentication, both administrators and users registered by the CLIENT itself.
H.3 The liability of each party arising out of and in connection with this contract (for any purpose and in respect of any claim whatsoever) shall not exceed the payments received by the SUPPLIER during the 12 months following such obligation or liability (as applicable).
H.4 Neither party, individually, shall have any liability with respect to such party’s obligations for indirect, special, consequential, punitive, exemplary or incidental damages, including damages for interruption of the other party’s business or losses.
H.5 The existence of more than one claim or cause of action shall not extend the limits of this Section J. PROVIDER shall not be subject to any equitable remedy in favor of CUSTOMER such as injunctive relief, specific performance or receivership.
The SUPPLIER shall maintain due professional secrecy regarding the personal data to which it has access and require the same level of commitment in writing from any person within its organization involved in any phase of the processing of personal data, both during its professional relationship with the CUSTOMER, and once it is terminated for any reason.
J Contract Integrity and Safeguard Clause
J.1 Each of the provisions of this contract is to be interpreted separately and independently of the others. If any of them should become invalid, illegal or unenforceable by virtue of any legal rule or be declared null and void or ineffective by any court or administrative authority, the nullity or ineffectiveness of the same shall not affect the other stipulations, which shall retain their full validity and effectiveness. The parties agree to replace the clause or clauses concerned by one or more other clauses having the effects corresponding to the purposes pursued by the parties in this contract.
J.2 This contract includes all the existing agreements between the parties, and cancels and revokes, where appropriate, any other agreements or understandings, verbal or written, were in force at the date of its signing. This contract may be amended by written agreement of the parties.
K.1 The SUPPLIER may terminate the contract if the account has not been used for 30 calendar days, after prior notice by email to the administrators of the account.
K.2 The termination of the contract does not exempt the parties from fulfilling any obligations they may have acquired.
L Applicable Law and Jurisdiction
L.1 This contract shall be governed by the terms expressly agreed by the parties in this contract and by Spanish law.
L.2 It is the will of the parties, Supplier and Purchaser, to expressly waive the jurisdiction of the courts and submit to arbitration any dispute, question or incident that may arise between them in relation to this Order.
L.3 The hearing and decision of disputed matters shall be the responsibility of a sole arbitrator, who shall be appointed from among the Arbitral Tribunal of Barcelona by agreement of the parties when the dispute arises or, failing this, by the President of the Court, in accordance with the Statutes of the Court.
L.4 It shall be understood that there is no agreement when, within fifteen calendar days of the request from one party to the other, there is no affirmative response.
L.5 For any case of doubt or discrepancy regarding the interpretation or fulfilment of this document, or in the event that there is no agreement between the parties, they expressly submit to the Jurisdiction and Jurisdiction of the Courts and Tribunals of the city of Barcelona, waiving the jurisdiction of their domicile or any other if they have one.
Security in VisualTime Services
Robotics S.A. is certified in the ENS National Security Scheme, which establishes the security policy in the use of electronic media and consists of basic principles and minimum requirements that allow adequate protection of information.
The ENS includes the principles to be taken into account in security decisions, the requirements that allow adequate protection of information, the adoption of security measures in the organization, operations and protection measures, as well as security auditing.
Robotics S.A. has the Microsoft Gold Partner certification, which means having the direct endorsement of the manufacturer, which rewards through this distinguished recognition the excellence, commitment, capabilities and experience in Microsoft technologies of a company, declaring it a committed partner in the evolution of its technology to meet the interests of both the manufacturer and its customers.
The information entered in VisualTime SaaS is hosted on Microsoft Azure servers within the European Union.
In order to guarantee compliance with data protection regulations, the services used for VisualTime SaaS are redundantly hosted in datacenters in EU countries or in countries with the EU-US Privacy Shield agreement signed with the EU. Thus, there is no international transfer of data within the meaning of the GDPR.
Microsoft Azure is ISO/IEC 27001:2005, ISO/IEC 27001:2013, ISO/IEC 27017:2015, ISO/IEC 27018: 2014 certified.
Communications and security of VisualTime’s services
Communications with the server are protected by a 2048-bit SSL certificate (SSL AES-2048).
All connections are protected by authentication and authorization.
VisualTime’s servers undergo regular security audits to ensure that they meet the highest security standards and are protected against new vulnerabilities. Qualys SSL Labs tests conducted give an A rating (the highest).
VisualTime SaaS automatically performs different backup plans, including monthly, weekly, daily and up to the minute.
The backups performed automatically by VisualTime SaaS are hosted on Microsoft Azure drives independent of the machine on which VisualTime SaaS is running.
All backups are performed “hot”, without the need to interrupt the services provided by VisualTime SaaS.
Audit and Traceability
VisualTime SaaS includes an Audit functionality from where it is possible to consult all the actions performed by users (from the client and Robotics) in relation to data processing. Any changes made to the data by a user are recorded.
It is not possible to delete the audit log from VisualTime SaaS.
The data is stored and deleted when it expires after 4 years.
VisualTime SaaS user access control
The minimum password is medium grade, in compliance with the RGPD.
In the event of a forgotten password, the email indicated by the client for their users is used to recover the account.
All successful logins or failed login attempts are audited.
Robotics Access Control to VisualTime SaaS
When Robotics staff accesses VisualTime SaaS to process customer data, the following security measures apply:
- Robotics users require double authentication.
- Only active, authorised personnel, with up-to-date security training and documentation, may have access.
- All internal accesses are audited.
The access for administration of the platform, virtual machines and other subsystems in case of recovery, system update interventions or others that require manual actions, etc., use a double or triple authentication system (depending on the level of administration).
There are other purposes for which we process your personal data:
- To support and improve the services offered by this website.
- Other non-identifying data are also collected and obtained through some cookies that are downloaded to the user’s computer when browsing this website, which are detailed in the cookies policy.
- To manage social networks. Robotics may have a presence in social networks. The processing of data carried out on people who become followers on the social networks of the official pages of https://www.robotics.es, will be governed by this section. As well as those conditions of use, privacy policies and access regulations that belong to the social network that applies in each case and previously accepted. It will treat your data for the purposes of properly managing its presence in the social network, reporting activities, products or services Robotics, S.A. As well as for any other purpose that the regulations of social networks allow. Under no circumstances will we use the profiles of followers in social networks to send advertising on an individual basis.
Robotics, does not sell, rent or transfer personal data that can identify the user, nor will it do so in the future, to third parties without prior consent.
Legitimation for the processing of your data
The legal basis for the processing of your data is: consent.
The prospective or commercial offer of products and services is based on the consent that you are asked for, without in any case the withdrawal of this consent conditioning the execution of the subscription contract.
The categories of data processed are:
- Identification data.
- Employment data
- Academic Data
- Personal characteristics data
No specially protected categories of data are processed.
Links on Robotics’ sites may take you to external sites over which Robotics has no control. Robotics is therefore not responsible for the content, accuracy, updating, modification or purpose of other websites.
Information collected as portal usage statistics may include: your IP address, browser, domain names, access times, pages visited on the portal, etc. The information of statistics of visits is not associated with your personal information, and even if it is and/or it were possible to deduce or associate data such as to which user registered in the portal corresponds a certain IP captured in the statistics of use of the portal, www.robotics.es would not make any use of this information, nor would it store it, treat it or transfer it.
Data secrecy and security
https://www.robotics.es is committed to the use and processing of personal data included users, respecting their confidentiality and to use them in accordance with the purpose of the same, as well as to comply with its obligation to save them and adapt all measures to prevent alteration, loss, treatment or unauthorized access, in accordance with the provisions of current legislation on data protection.
This website includes an SSL certificate. It is a security protocol that makes your data travel in an integral and secure way, that is, the transmission of data between a server and web user, and in feedback, is fully encrypted or encrypted.
https://www.robotics.es cannot guarantee the absolute inaccessibility of the Internet network and therefore the violation of the data through fraudulent access to them by third parties.
With respect to the confidentiality of processing, Robotics, S.A. will ensure that any person who is authorized by Robotics, S.A. to process user data (including its staff, collaborators and service providers) will be under an appropriate obligation of confidentiality (whether a contractual or legal duty).
When a Security Incident occurs, upon becoming aware of it, Robotics S.A. shall notify the User without undue delay and shall provide timely information related to the Security Incident as it becomes known or when reasonably requested by the User.
Accuracy and veracity of the data
As a user, you are solely responsible for the veracity and correctness of the data you send to https://www.robotics.es exonerating Robotics, S.A, of any responsibility in this regard.
Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information through any enabled communication channel.
Acceptance and consent
The consent given, both for the processing and for the transfer of the data of the interested parties, may be revoked at any time by communicating it to Robotics, S.A. under the terms established in this Policy for the exercise of rights. This revocation shall in no case be retroactive.
Robotics, S.A. reserves the right to modify this policy to adapt it to new legislation or jurisprudence, as well as to industry practices. In such cases, Robotics, S.A. will announce on this page the changes introduced with reasonable notice before their implementation.
In accordance with the LSSICE, https://www.robotics.es does not carry out SPAM practices, so it does not send commercial emails by electronic means that have not been previously collected through forms or other means that Robotics has as a channel of information and in which the purpose of treatment is indicated in each of the forms on the web. The user has the possibility of giving his express consent to receive the newsletter, regardless of the commercial information requested at any time, and he can also unsubscribe at any time.
In accordance with the provisions of Law 34/2002 of Services of the Information Society and electronic commerce, https://www.robotics.es undertakes not to send commercial communications without properly identifying them.