Privacy policy

RIAM Intelearning Lab SL, with NIF number B26332791 and address in Logroño, Piqueras St. nº 31, 4º (La Rioja),owner of the, from now on GNOSS, informs that:

a) guarantees the protection of personal data voluntarily provided by the user when communicating with GNOSS:

  • through e-mail,
  • by filling out data collection forms (online y offline),
  • formalizing a contractual relationship or
  • using any other service or medium that involves the communication of data or access to data

b) processes the data it collects in accordance with the European Data Protection Regulation 679/2016, of 27 April, hereinafter GDPR and with Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) and in accordance with the provisions of this policy, which it makes public based on the principle of proactive responsibility and transparency of information.

c) in conformity with current regulations, has appointed a Data Protection Officer (DPD) whose contact email address is

The personal data collected and processed by GNOSS, through this website, fairs, contracts, conferences, newsletters, sweepstakes, or other means, will be adequate, relevant and limited to those necessary in relation to the purposes for which they are processed.

  • The purpose of the treatment, for data obtained from web forms or by other means of voluntary data delivery not specified (delivery of business cards, sending mail, etc.), is to meet the specific request, sale of products, sending catalogs, answering queries, subscription and forwarding of newsletters, business contact, registration conferences, sending documentation and information related to services and, in any case, commercial communications and / or advertising. They will also be used for the maintenance of historical data and to carry out research and development work in this field.
  • The purpose of processing when the data is obtained through the formalization of contracts is to establish and maintain the contractual relationship that may be established, in accordance with the nature and characteristics of the contracted service; for the maintenance of historical data and to carry out research and development work in this field.

In all cases, personal data will be kept in such a way as to permit identification of data subjects only for the time necessary for the purposes of the processing. These retention periods will only be extended when the purposes are scientific, historical or statistical research;

The legal basis or legitimacy of GNOSS data processing depends on the different processing activities, the type of personal data subjects and purposes of the processing, so we have as a basis of legitimacy:

  • Acceptance or express consent for Stakeholders who contact GNOSS to request information, make inquiries, subscribe to the sending of information and newsletters, training, etc. and who voluntarily provide the personal data requested.
  • Contract for Clients who access GNOSS services and solutions and give their consent through the formalization of the contract.
  • Prevailing legitimate interests of GNOSS or third parties to whom the data is communicated for when contact data is collected beyond the forms indicated in the purpose of processing section (example: receipt of business cards, email inquiries).

The interested party will be responsible, in any case, for the veracity of the data provided, GNOSS reserves the right to exclude any false or unlawful data, without prejudice to other actions that may be applicable by law.

GNOSS warns that, except for the existence of a legally constituted representation, no interested party may use the identity of another person and communicate his personal data, so at all times must take into account that he must communicate personal data corresponding to his own identity and that are adequate, relevant, current, accurate and true. For these purposes, the interested party shall be solely liable for any direct and/or indirect damage caused to third parties or to GNOSS by the use of personal data of another person, or his own personal data when they are false, erroneous, not current, inadequate or irrelevant. Likewise, whoever communicates the personal data of a third party, shall be liable to the latter for the information obligation established in the RGPD for when the personal data have not been collected from the data subject himself, and/or for the consequences of not having informed him.

Assignments: GNOSS only transfers personal data to third parties to meet its contractual or legal obligations of the service, with providers or public or private organizations. The owner consents in these cases to such transfers, and by exercising their rights can be informed about them.

International Transfers: GNOSS communicates that in the course of its activity it uses data processors located outside the European Economic Area, making an international data transfer based on the “EU-US Data Privacy Framework” of July 10, 2023. The legal basis for these transfers is consent or legitimate interest. Below we indicate the providers and their privacy policies:                                            

The user may at any time exercise the rights recognized on their personal data, as well as the revocation of consent for the uses mentioned above, by written communication with the request or right exercised addressed to the address of GNOSS or electronically via email privacidad@gnoss.comIn both cases including information of identity. The recognized rights that you can exercise are as follows:

  • Access.  Request information about the data we process, the purpose of the processing and its legitimacy.
  • Rectification. Request the modification of the data if they are incorrect.
  • Deletion. Request the deletion of data in the legally established cases.
  • Objection. Stop processing the data, except for justified reasons.
  • Limitation of processing, they will only be kept by GNOSS for the exercise or defense of claims.
  • Right to data portability: in case you want your data to be processed by another provider, GNOSS will facilitate the portability of your data to the new data controller.

For more information about the exercise of these rights you can consult the citizen's guidepublished by the Spanish Data Protection Agency.

If you believe that the processing of your personal data violates the regulations, you can file a complaint:

The personal information provided or collected from users and whose responsible is GNOSS is structured in files, automated or not, and GNOSS performs a record of processing activities in accordance with current regulations.

In addition, for each data processing, GNOSS establishes the appropriate technical and organizational measures to ensure the confidentiality, integrity, availability, resilience of the data included in a processing and which are necessary to ensure its adequate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, and which tend to:

  1. Pseudonymization and encryption of personal data.
  2. The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
  3. The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
  4. The process of regular verification, evaluation and assessment of the effectiveness of technical and organizational measures to ensure the security of processing.

In those cases in which GNOSS must access and / or process personal data whose responsibility and ownership belongs to its customers and acts as data processor in accordance with the provisions of current legislation is committed to regulate in detail the content of the contracts of data processor, regulating aspects such as:

  • Object, duration, nature and purpose of the treatments.
  • Designate a Data Protection Officer, if applicable.
  • Keep a Register of Activities including the types of personal data and categories of data subjects of the data controller.
  • Obligation of the processor to process personal data only according to documented instructions from the controller.
  • Conditions for the person in charge to give prior authorization, specific or general, to subcontracting.
  • Notification of data security breaches.
  • Once the contractual performance has been fulfilled, the data will be destroyed or returned, as agreed between the parties. However, GNOSS may use the data for research, scientific and statistical purposes.... after prior anonymization of the data;

GNOSS is constantly changing, as are its texts and policies; therefore, we will publish any changes that may be made. We will post it in an easily reachable place, so that you will always know what information we collect and use.

We encourage you to review these documents frequently. If we make any material changes to this policy we will post them here, or by sending an email to your contact account, or by posting a notice on the home page.