Company Policies

This website is owned by CTAIMA OUTSOURCING Y CONSULTING S.L., with NIF nº B43715812 and registered office at c/ Salvador Espriu, 18, 43007 Tarragona, Spain, and registered in the Commercial Registry of Tarragona (Spain), Volume 1851, Folio 179, Sheet T-26178 ("CTAIMA"). For any inquiries or proposals, contact us by email at delegado-datos@ctaima.com. This website is governed by the regulations exclusively applicable in Spain, binding both nationals and foreigners who use this website.

Access to our website by the USER is free of charge and is conditioned upon the prior reading and full, express, and unreserved acceptance of the present GENERAL TERMS OF USE in effect at the time of access, which we ask you to read carefully. The USER, when using our portal, its contents, or services, explicitly accepts and agrees to abide by the general terms of use. If the user does not agree with these terms of use, they should refrain from using and operating through this portal.

The provision of personal data and the purchase of products through our portal requires a minimum age of 18 years, or, where applicable, having sufficient legal capacity to contract.

We may modify the presentation and configuration of our website at any time, expand or reduce services, and even remove it from the internet, as well as the services and contents provided.

A. Intellectual and Industrial Property Rights
All contents, texts, images and source codes are property of CTAIMA or third parties from whom their exploitation rights have been acquired. They are protected by Intellectual and Industrial Property rights.

USERS are only entitled to a private non-profit use thereof, and express authorisation is required to modify, reproduce, exploit or distribute them and to exercise any right pertaining to their right holders.

CTAIMA is a registered trademark. Any reproduction, imitation, use or insertion thereof without our authorisation is prohibited.

The establishment of links to our portal does not confer any rights associated with it. Likewise, the simple fact of establishing a link to our website does not entitle you to be granted the status of associate or partner.

CTAIMA accepts no liability for claims associated with the intellectual rights to the articles and images posted by third parties on its website.

The total or partial imitation of our website is absolutely forbidden.

B. Conditions of access and use
Access to our website is free of charge and requires no prior subscription or registration. However, certain services such as purchasing products and/or services are restricted to certain users and require a registration process and/or identification through passwords. These services will be duly identified on the website.

Sending personal data entails the express acceptance by the USER of our privacy policy.

USERS must access our website in good faith and according to standards of public order and the current General Conditions of Use. Access to our Website is carried out under the User's own and exclusive responsibility, and USERS will be liable in all cases for any damage caused to us or any third party.

USERS are expressly prohibited from using and obtaining the services, products and content offered on this website through procedures other than those contemplated herein and, where appropriate, in the specific conditions governing the acquisition of certain products.

USERS are prohibited from any type of action on our portal that causes an excessive operational overload of our computer systems, as well as the introduction of viruses or installation of robots or software that alters the normal operation of our website, or that may ultimately cause damage to our computer systems.

Taking into account the impossibility of controlling the information, contents and services contained on other websites that may be accessed through the links that may be made available on our website, we hereby inform you that CTAIMA is exempt from any liability for damages of any kind that the USER may incur from the use of these websites, which are external to our company.

CTAIMA reserves the unilateral right, without prior notice, to terminate the membership of any USER who the organisation believes has violated the conditions governing the use of our website. The USER will not be entitled to any sort of claim for such action. Likewise, it reserves the right to take appropriate legal action against anyone who violates these general conditions of use. The USER accepts that any failure to initiate an action does not constitute a formal waiver thereof. In this regard, they shall remain in force until the end of the legal periods of prescription for the infringements.

C. Privacy policy
Confidentiality and security are paramount values of CTAIMA. Consequently, we are committed to guaranteeing the User's privacy at all times and not collecting unnecessary information.

The provision of personal data through our portal requires a minimum age of 14 years and the express acceptance of our Privacy Policy.

D. Liability
By making this website available to users, we aim to offer a quality service, using maximum due diligence in the provision thereof and the technological means used. However, we shall not be liable for the presence of viruses and other elements that may in any way damage the User's computer system.

CTAIMA makes no guarantee that the availability of the service will be continuous and uninterrupted due to circumstances caused by problems on the Internet, malfunctioning computer devices or other unforeseeable circumstances. Thus USERS agree to endure these circumstances within reasonable limits, and therefore, expressly waive the right to claim from CTAIMA any liability for possible malfunctions, errors and use of the service.

USERS assume all liability arising from the use of our website and are solely responsible for any direct or indirect effect on the website derived from it, including by way of illustration and without limitation, any adverse economic, technical and/or legal effects, as well as the failure to meet the expectations generated by our portal, and Users undertake to hold harmless CTAIMA for any claims arising directly or indirectly from such events.

CTAIMA makes no guarantee as to the accuracy, truth and validity of the contents of this website, regardless of whether they are own, from third parties, or linked to other websites, and is totally exonerated from any liability arising from the use thereof.

CTAIMA accepts no liability arising from any claim, including the payment of attorney's fees, for claims and demands originated by third parties due to the USER's non-compliance with our terms of use, access and privacy policy, or any other claim for non-compliance with current legislation.

USERS acknowledge that they have understood all the information regarding the terms of use of our portal and acknowledge that they are sufficient to rule out any error in the same, and thus they fully and expressly accept them.

USERS are fully aware that the mere navigation of this website and the use of its services implies the acceptance of the existing terms of use.

All aspects related to our website are governed exclusively by Spanish law. In the event of any discrepancy or difference between the parties concerning the interpretation and content of this website, all parties submit to the Courts and Tribunals of Tarragona, expressly waiving any other jurisdiction.

E. Validity of the general terms of access to the website
The present General Terms of Use have been modified on 26/05/2023. We can modify them at any time: please check the date of issue any time you access our website to ensure that no changes have been made that may affect you.

For any questions regarding the Terms of Use of our website, you may contact us as indicated in the above contact information, or contact Lant Abogados at info@lant-abogados.com or www.lant-abogados.com.

Confidentiality and security are paramount values of CTAIMA. Consequently, we are committed to guaranteeing the User's privacy at all times and not collecting unnecessary information.

Below, we provide you all the necessary information about our Privacy Policy concerning the personal data we collect, explaining:
- Who is the data controller?
- The purposes for which we collect the data we request from you.
- The legitimacy for their processing.
- How long we keep them.
- The recipients to whom your data will be communicated
- What your rights are.

1. Controller

The society of the CTAIMA Group with which the client has formalized the contract:

• CTAIMA OUTSOURCING Y CONSULTING S.L. (B43715812)
• CTAIMA PORTUGAL UNIPESSOAL LDA. (516447068)
• CTAIMA ITALIA
• CTAIMA COLOMBIA S.A.S. (9017171431)
• CTAIMA MÉXICO S. de R.L. de C.V. (CME2304271LA)
• CTAIMA CHILE S.P.A. (77.758.906-7)
· C/ Salvador Espriu, nº 18, 43007 Tarragona E-mail: ctaima@ctaima.com
· Data Protection Officer: Lant Abogados (Advisors, S.L.P.) - delegado-datos@ctaima.com

2. Purposes, legitimacy and storage of the processing of sent data through:
• SENDING OF E-MAILS.
Purpose: To provide the information you request, respond to your requests and answer your inquiries or doubts. If we receive your Curriculum Vitae, your personal and curriculum data may be added to our databases to participate in our present and future selection processes.
Legitimacy: The User's consent when requesting information via the e-mail address or sending us their data and CV to participate in our selection processes.
Storage: Until after your e-mail request has been answered, whenever it has not generated new processing. When receiving your CV, your data may be kept for a maximum of one year for future selection processes.

· CONTACT FORM.
Purpose: To provide a means for you to contact us and respond to your request for information and send you communications about our products and services, including by electronic means if you check the acceptance box.
Legitimacy: The User's consent when requesting information through our contact form and by checking the acceptance box for the sending of information.
Storage: Until after your request via our form has been resolved or answered by e-mail, whenever it has not generated new processing. If you have agreed to receive commercial mailings, until you request to unsubscribe from them.

• ESTIMATE REQUEST.
Purpose: To send you an estimate for our services by electronic means and communications about our products and services, including by electronic means, if you check the acceptance box.
Legitimacy: The User's consent when requesting an estimate and by checking the acceptance box for the sending of information.
Storage: Until the requested information has been sent, whenever it has not generated new processing, and if you have agreed to receive commercial mailings, until you request to unsubscribe from them.

• CREATE AN ACCOUNT.
Purpose: To register you as a user and allow you access to the services reserved for the registered users of our website and to inform you about our products and services, including by electronic means.
Legitimacy: The User's consent to register through our registration form and the legitimate interest of the controller to keep its users/customers informed about our products and services.
Storage: For as long as the User is registered as a user on the website. As long as you do not exercise your right to oppose to commercial mailings or exercise your right to cancel your personal data.

· PURCHASE FORM.
Purpose: To manage your purchase orders and inform you about our products and services, including electronic means.
Legitimacy: Execution of the Contract and the legitimate interest of the controller to inform our customers about our products and services.
Storage: For the duration of the existing contractual relationship, and at the end of this, during the legally required retention periods to cover potential responsibilities. As long as you do not exercise your right to oppose to commercial mailings or exercise your right to cancel your personal data.

• SUBSCRIPTION TO OUR NEWSLETTER.
Purpose: Sending of our commercial newsletter and informational and advertising communications about our products and services that may be of interest to you, including by electronic means.
Legitimacy: The User's consent to subscribe to our commercial mailings and/or newsletters.
Storage: Until the interested party revokes consent and requests the cancellation of the service.

• APPLICATION FORM AND INFORMATION DOWNLOAD.
Purpose: Managing and processing your request and sending informational and advertising communications about our products and services that may be of interest to you, including by electronic means.
Legitimacy: The User's consent when filling out the form.
Storage: Until the interested party revokes consent and requests the cancellation of the service.

• TRAINING REGISTRATION FORM (CTAIMA ACADEMY)
Purposes:
a. To register you for the training course and manage its completion.
b. To publish your user name as a student on the training platform and on the virtual campus to identify you to the rest of the students and tutors.
c. To send you commercial information about courses, products and services, including by electronic means.

Legitimacy: Execution of the Contract and legitimate interest of the controller to inform students about courses, products, and services.
Storage: For the duration of the existing contractual relationship, and at the end of this, during the legally required retention periods to cover potential responsibilities. As long as you do not exercise your right to oppose to commercial mailings or exercise your right to cancel your personal data.

· COMPLAINTS CHANNEL
Purpose: Receipt, processing, and management of received complaints.
Categories of data processed: Identification data (name and surname). Data provided by the complainant.
Legitimization: Compliance with a legal obligation.
Retention: Strictly necessary for the management of the complaint and legally established periods.

3. Recipients of your data / International Data Transfers
Your data is confidential and, except among Ctaima companies, it will not be disclosed to third parties unless there is a legal obligation or it is necessary for the provision of the contracted service and, if applicable, to the private and public entities necessary for the execution of training courses (CTAIMA Academy).
Your data may be processed by some of our service providers who will only access the data necessary to provide the service as per the processing order, and in no case will they process the data for their own purposes. Grupo CTAIMA complies with the European Data Protection Regulation UE 679/2016, as well as the ISO 27001 Information Security Management System and ISO 9001 Quality Management System standards.
International data transfers legitimized to fulfill the contractual obligations, for the specific purposes of document review and validation and provision of documentation to business coordination platforms, may be carried out with CTAIMA Colombia S.A.S., a subsidiary of Grupo CTAIMA, and in this case, the data will be processed according to the data processing contract and under the guarantee of the standard contractual clauses provided in this link.
Grupo CTAIMA, in any case, guarantees the application of all necessary technical and organizational measures to ensure the security of the personal data to which it may have access, as well as compliance with all obligations derived in its capacity as data processor.

4. Rights regarding your personal data
Anyone may withdraw their consent at any time when given for the processing of their data. In no case does the withdrawal of this consent condition the execution of the subscription contract or the relations previously generated. In addition, you may:

- Request access to your personal data or rectify when they are inaccurate.

- Request their erasure, when among other reasons, the data are no longer necessary for the purposes for which they were collected.

- Request restriction of their processing under certain circumstances.

- Request opposition to the processing of your data for reasons related to your particular situation.

- Request data portability in the cases set out in the regulations.

- Other rights recognised in the applicable regulations.

Where and how to exercise your Rights: By writing to the controller at its postal or e-mail address (stated in section A), indicating the reference "Personal Data", specifying the right you wish to exercise and the personal data in question.

Should you disagree with the company regarding the processing of your data, you can file a complaint with the Spanish Data Protection Authority (www.agpd.es).

5. Cookies
This website only uses the cookies necessary for the proper functioning of the site. Additionally, we use optional cookies to optimize your experience, statistical cookies for analysis, and marketing cookies to provide personalized information and advertising. Therefore, by accessing our website, in compliance with Article 22 of the Spanish Law on Information Society Services, we have requested your consent for their use and provided information about them. You can accept, reject, or configure them according to your preferences. For more information, see our Cookie Policy.

6. Security of your personal data
To safeguard the security of your personal data, we inform you that we have taken all the necessary technical and organisational measures to ensure the security of the personal data provided from alteration, loss, and unauthorised processing or access.

7. Updating your data
In order for us to keep your personal data updated, it is important that you inform us whenever there has been any change in them; otherwise, we are not responsible for their veracity.

We are not responsible for the privacy policy pertaining to the personal data you may provide to third parties through links available on our website.

The present Privacy Policy might be modified to adapt to changes that occur on our website, and legislative or legal developments regarding personal data. We therefore request that you read it whenever you provide your data to us through this website.

The present agreement empowers CTAIMA OUTSOURCING Y CONSULTING, S.L., hereinafter the Data Processor, to process on behalf of their CLIENTS, hereinafter the Data Controller, the personal data necessary to provide the software licensing services for the Contractor Safety Management (CAE.NET) and/or the provision of services related to legislative information and evidence of legal compliance (CTAIMALEGAL) and/or the provision of services for the validation of business coordination documents (EXTRÍNSECA), which imply the access, structuring, consultation, comparison, extraction and destruction of personal data, according to the requirements of the service provided.

Identification of the affected information:

For the execution of the provisions derived from the compliance with the subject matter of this commission, the Data Controller makes available to the Data Processor the information that is described below:

CAE.NET:

•Identification data, position, email and telephone number of application users.
•Identification data, position, email and telephone number of contractors.
•Identification, labor and occupational hazard prevention data (business coordination) for the contractor’s workers.

CTAIMALEGAL:

•Identification data of the client’s workers.

Term:

The term of the present agreement shall be the same as that of the licensing agreement from which it originates.

Obligations of the Data Processor:

a.To use the personal data being processed only for the purpose that constitutes the subject matter of the commission and the instructions of the Data Controller.

 
b.To keep a record of the processing activities carried out by the Data Controller, including the regulatory requirements for data protection that are currently in force.

c.Not to reveal the data to any third parties, unless they have the express authorization of the Data Controller, and in legally admissible cases. In the event that it must transfer personal data to a third country or to an international organization, by virtue of the applicable Law of the Union or the Member States, it must inform the Data Controller of this legal requirement beforehand, unless said Law prohibits this for important reasons of public interest.

d.Not to subcontract any of the provisions that form part of the subject matter of this agreement which involve the processing of personal data, except for those auxiliary services that are necessary for the normal functioning of the services of the Data Processor. If it is necessary to subcontract any of the processing, this circumstance must be communicated in writing at least 1 month in advance to the Data Controller. The subcontractor, who will also be considered the Data Processor, is likewise obligated to fulfill the obligations established in this document for the Data Processor and the instructions issued by the Data Controller.

 
e.To maintain the required secrecy of the personal data to which it has had access by virtue of the present commission, even after the reason for this contract no longer exists and to ensure that the persons authorized to process the personal data are committed to respect their confidentiality and to abide by the corresponding security measures, about which they must be properly informed.

 
f.To ensure that the personnel authorized to process the personal data are aware of their functions and obligations with regard to their processing, according to the requirements of the Regulation, or as appropriate, that they have completed the specific training in this matter.

g.If the Data Processor receives the request to exercise the rights to access, correct, suppress, oppose or other rights set out in the regulations, it must immediately notify the Data Controller and never any later than one working day following the receipt of the request, along with the pertinent information to revolve the request.

h.If the Data Processor has knowledge of any data security violation that might pose a risk to the rights and freedoms of individuals, it must promptly notify the Data Controller, and in any case, within 72 hours, along with the relevant information and documentation pertaining to the incident.

 
i.To make available to the Data Controller all the information necessary to demonstrate compliance with its obligations, including any audits, reviews and inspections that it performs.

j.The Data Processor must implement the necessary security measures according to the nature, scope, context and purposes of the processing that make it possible to ensure the confidentiality, integrity, availability and permanent resilience of the processing systems and services, as well as to verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organizational measures implemented to ensure the security of the data processing.

 
k.Once the present agreement has terminated, the Data Processor, following instructions from the Data Controller, must suppress or return all the personal data that it has in its possession, regardless of the medium. The Data Processor may conserve the data, properly blocked, for as long as the responsibilities persist that might be derived from the performance of the service provision.

l.The Data Controller is released from any responsibility derived from any failure by the Data Processor to comply with the stipulations contained in the present agreement, with the latter being held personally responsible for any infractions that might have occurred before the Data Protection Agency.
m.The Data Processor declares under its own responsibility that it complies with all the demands set out in the European Data Protection Regulations 679/2016 and Organic Law 3/2018 on the Protection of Personal Data, and consequently, it offers full guarantees for the compliance of the present data processing commission.

The Data Processor declares under its own responsibility that it has implemented the measures of compliance that are imposed by the Data Protection Regulations (EU 2016/679), and specifically that it:

a.Complies with all its obligations and principles.
b.Keeps a record of the data processing activities.
c.Has implemented the necessary security measures according to the nature, scope, context and purposes of the processing, both in the computerized versions and on paper.
d.It undertakes to maintain its duty of secrecy, even after the relationship has ended.
e.It performs regular controls to check the measures that have been implemented.

The CLIENT is obligated to:

a.Deliver the necessary information described in the present agreement for the service provision to the Data Processor.
b.Perform any necessary preliminary consultations.
c.To ensure compliance by the Data Processor with current regulations pertaining to the personal data before and during the processing.
d.To oversee the processing, including the performance of inspections and audits.

What are cookies?

Cookies are small data files received by the terminal from the website you visit. They are used to record certain browsing interactions on a Website by storing data that can be updated and retrieved. These files are stored on the User's computer and contain anonymous data that is harmless to your computer. They are used to remember the user preferences, such as the selected language, access data or page personalisation.

Cookies can also record anonymous information about how a visitor uses a site. For example, they indicate the website from which you have accessed or if you have used an advertising banner to get there.

How do we use the different types of cookies?

According to their purpose:

Depending on the timeframe:

According to ownership:

The following chart shows the classification and description of the cookies used on this website so that you can identify them in your browser:

CTAIMA uses its own technical, customisation and analysis cookies, which process connection and/or device data for statistical purposes, but in no case do they capture browsing habits for advertising purposes.

Therefore, when accessing our website, in compliance with Article 22 of the Spanish Information Society Services Act, we have requested your consent for their use and provided information about them when dealing with the aforementioned cookies.

The provision of personal data through our portal and consent to the use of cookies requires a minimum age of 14 years and the express acceptance of our Privacy Policy.

In any case, we inform you that you can enable or disable cookies by following the instructions of your Internet browser:

Updated version as of December 1, 2025

The following General Terms and Conditions of Use apply to the services and software applications provided by CTAIMA Outsourcing & Consulting, S.L. and the other companies of the CTAIMA Group listed below.

Please read these terms carefully. By subscribing to and/or renewing our services, as well as by accessing any of our software solutions, the CLIENT acknowledges that they have read and unconditionally accepted the most recent version of these General Terms and Conditions of Use.

DEFINITIONS

SOFTWARE APPLICATION(S): CTAIMA online platforms (CTAIMA CAE, E-coordina, Twind) that facilitate (i) compliance with obligations related to the coordination of business activities (CAE) and contractor control, as well as the document management arising from such CAE coordination; (ii) the information and document management derived from the legislation applicable to the client company (CTAIMA LEGAL). These applications constitute the object of this Software as a Service agreement (hereinafter, SaaS).

CTAIMA or CTAIMA GROUP / LICENSOR: Group of companies comprising CTAIMA OUTSOURCING & CONSULTING, S.L., E-COORDINA GESTIÓN DOCUMENTAL, S.L., CTAIMA PORTUGAL UNIPESSOAL LDA., CTAIMA ITALIA, CTAIMA COLOMBIA S.A.S., E-COORDINA LATAM, S.A.S., CTAIMA MÉXICO S. de R.L. de C.V., and CTAIMA CHILE S.P.A., which owns all existing intellectual property rights over the SOFTWARE APPLICATIONS and the industrial property rights over the distinctive signs identifying them in the market, and which is responsible for providing the software service.

SERVICES: The services described in the Economic Offer / Order Form signed between CTAIMA and the CLIENT.

CLIENT / LICENSEE: The individual or legal entity authorized and benefiting from the software service provided by CTAIMA and enabled to use the SOFTWARE APPLICATIONS with an administrator profile, which assumes the obligations set forth in this agreement.

PARTIES: CTAIMA and the CLIENT, or either of them individually, a PARTY.

AUTHORIZED THIRD PARTY: Any individual or legal entity external to this contractual relationship who may access the SOFTWARE APPLICATIONS as a contractor/subcontractor of the CLIENT, solely for the purpose of sharing documentation with the CLIENT.

THIRD PARTY: Any individual or legal entity external to this contractual relationship who is not authorized to access the SOFTWARE APPLICATIONS.

ORDER FORM: (also referred to interchangeably as Purchase Order, Order Form, Economic Offer or Special Conditions) the physical or electronic document issued by the Client through which it requests the acquisition of products and/or services offered by CTAIMA. The Purchase Order must include, at a minimum, the identification of the Client, a detailed description of the requested products and/or services, quantities, prices, and any other terms agreed between the parties. Acceptance of the Purchase Order by the CLIENT constitutes the start of the contracting process.

PROGRAM: A sequence of instructions intended for interpretation, use, and execution by a computer system, necessary for the proper functioning of the SOFTWARE APPLICATION, whose license of use constitutes the object of this agreement.

HARDWARE: Electronic, mechanical, or magnetic devices necessary for the operation of the SOFTWARE APPLICATION and complementary thereto, which are not included in this agreement and must be acquired by the USER.

HOSTING COMPANY: The company that provides server space to CTAIMA.

For CAE and E-coordina: As of the date hereof, said server is hosted, managed, and controlled by MICROSOFT AZURE, VAT No. IE8256796U, with registered address at South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. MICROSOFT AZURE is solely responsible for the proper functioning of the server, which is physically hosted on its premises.

For Twind: As of the date hereof, said server is hosted, managed, and controlled by AMAZON CS IRELAND LTD., VAT No. EU826009064, with registered address at Unit 27 – 6400 Cork Airport Business Park – Kinsale Road – Ireland. AMAZON CS IRELAND LTD. is solely responsible for the proper functioning of the server, which is physically hosted on its premises.

PAYMENT GATEWAY: For payment processing, we use the services of Stripe (Stripe Technology Company, Limited), a third-party service provider. When you make a payment, your financial information is collected and processed by Stripe, not by us. You agree to be subject to Stripe’s Terms of Service and Privacy Policy (https://stripe.com/en-es/privacy
) and acknowledge that Stripe may store certain information to process transactions. CTAIMA does not store complete payment card information on its servers.

CONFIDENTIAL INFORMATION: Information not accessible to the public and disclosed by one PARTY to the other marked as “confidential” or, if not marked as confidential, information that may reasonably be considered confidential, or information relating to a PARTY’s clients, products, commercial terms, contracts, prices, know-how, or trade secrets, except for information that is public and available and accessible to third parties and the market in general as of the date of execution of this document.

OBJECT OF THE AGREEMENT:

A non-exclusive, revocable, and non-sublicensable license to use the SOFTWARE APPLICATION, as existing from time to time, is granted by the LICENSOR solely for the benefit of the USER, subject to the limits, terms, and conditions set forth in this agreement. Any right other than the expressly authorized right of use described above shall be deemed excluded.

In consideration for the license granted by the LICENSOR, the USER undertakes to pay the monetary amount agreed in the specific terms (Order Form) and in accordance with the procedure set forth therein, which constitutes an essential requirement for obtaining the rights of use under the terms and conditions of this agreement. Payment of the license granted under this agreement does not constitute the purchase of the software application, nor of the corresponding titles or copyrights, nor the acquisition of any right other than the right of use strictly under the terms established in this agreement.

The SOFTWARE APPLICATION shall be used via the Internet. It shall be the responsibility of the USER to comply with the technical conditions of its computer systems that enable such Internet access. The technical conditions are specified in the section on technical requirements for use within the Software.

The USER undertakes to use the SOFTWARE APPLICATION in compliance with the law, this agreement, and generally accepted moral standards and good customs, as well as public order.

TERM AND DURATION OF THE PROVISION OF SERVICES. RENEWAL

This Agreement shall remain in force for the term set forth in the specific terms and conditions (Order Form).

Notwithstanding the foregoing, unless otherwise agreed in the specific terms and conditions, upon expiration of the agreed term, this Agreement shall be automatically renewed for successive annual periods, unless written notice of the intention not to renew is given at least two (2) months prior to the effective renewal date. This prior notice period shall not apply to users of the Core Plan, for whom such prior notice shall not be required.

Termination of any renewal periods of the Agreement by the Client shall not give rise to any penalty or termination fee.

The PROVIDER reserves the right to temporarily suspend or permanently terminate the service in the event of non-payment by the CLIENT, in accordance with the terms set forth in this Agreement.

In this regard, if, after renewal of the service, the Client fails to timely provide the purchase order necessary for the issuance of the corresponding invoice for the contracted services, access to the platform shall be blocked, following prior notice, until such situation is remedied.

Likewise, in the event that either party fails to comply with the obligations set forth in this Agreement, the other party may terminate it, provided that, in cases of non-payment or breach of confidentiality obligations, such termination is communicated in writing at least forty-five (45) days prior to the effective termination date, specifying the circumstances giving rise to the termination, without prejudice to any penalties that may apply pursuant to the preceding clause and to any claims for damages that may arise.

Upon termination of this Agreement for any reason whatsoever, the USER shall be entitled to obtain a copy of all its information and data stored in the SOFTWARE APPLICATION, in accordance with the LICENSOR’s standard format, at no additional cost to the USER. Notwithstanding the foregoing, the USER may request any other format for obtaining such copy or backup different from the LICENSOR’s standard format.

The CLIENT may request the non-renewal of the services and the consequent termination thereof by providing written notice to CTAIMA at least two (2) months prior to the end of the last agreed renewal period. If the CLIENT does not communicate its intention not to renew within this period, the service shall be automatically renewed for an additional period equal in duration to the initially contracted term.

If the CLIENT requests termination outside the stipulated notice period, the service shall be renewed for the indicated term, with no right to reimbursement of any non-accrued portion of the order amount, and with the obligation to pay all outstanding amounts until the end of the contracted period.

CTAIMA reserves the right to temporarily suspend or permanently terminate the service in the event of non-payment by the CLIENT, in accordance with the conditions set forth in this Agreement, as well as in the event that the corresponding purchase order is not submitted on the renewal date.

BILLING. ORDER. PAYMENT METHOD

Billing, submission of the purchase order, and the method of payment shall be carried out in accordance with what is agreed in the Economic Offer in force between the PARTIES.

The CLIENT undertakes to make payment on the date stated on the invoice and without delay. CTAIMA shall not accept payment terms exceeding thirty (30) days; therefore, any delay in payment beyond this period shall be deemed non-payment of invoices. The CLIENT acknowledges that such delay may result in the suspension of access to the SOFTWARE APPLICATIONS until the situation is remedied.

The PROVIDER shall invoice the total amount as a single advance payment, except for those items that have a different billing frequency, as indicated in the Economic Offer, which shall be invoiced according to their corresponding frequency on a month-in-arrears basis. The payment period shall be set forth in the Order Form and shall be calculated from the invoice date. The CLIENT undertakes to comply with these payment periods, being fully aware that the PROVIDER shall not accept payment terms exceeding those indicated above, and that any delay shall be deemed non-payment and may result in service interruption. In cases where it is necessary to visit the CLIENT to perform on-site activation, configuration, and/or training, the PROVIDER reserves the right to charge the CLIENT for the corresponding travel, accommodation, and subsistence expenses. The CLIENT shall make payment within the established deadlines by bank transfer to the account number indicated on the invoice.

REVIEW OF LISTED PRICES

The prices agreed upon by the parties shall be updated annually in accordance with the year-on-year variation of the Consumer Price Index (CPI) published by the National Institute of Statistics (INE) or its successor body. The update shall take effect from the anniversary of the contract date, using the most recently published CPI as a reference.

Upon expiration of the agreed Term, the PROVIDER may update the applicable rates in the event of renewal. Such new economic terms shall be communicated to the Client with sufficient notice. If the Client does not express in writing their intention not to renew at least two (2) months prior to the expiration date, the Agreement shall be automatically renewed for successive periods of equal duration, under the terms and conditions communicated, with both parties committing to execute the corresponding Annex reflecting such updated terms.

In the event that the parties do not reach an agreement on the new economic terms applicable to the service contracted under this Agreement, the PROVIDER may terminate the Agreement, upon prior written notice to the CLIENT, the latter expressly waiving any claim against the PROVIDER for any damages that such early termination may cause.

CLIENT OBLIGATIONS WHEN USING THE SERVICE

The CLIENT undertakes to use the SOFTWARE APPLICATIONS for lawful and legitimate purposes and to comply at all times with these General Terms and Conditions of Use. Furthermore, the CLIENT shall use the SOFTWARE APPLICATIONS in a manner that avoids overloads, damage, deterioration, or disabling of the service, or any action that prevents the normal use of the SOFTWARE APPLICATIONS.

The CLIENT also undertakes not to attempt to bypass access levels, improperly manipulate data, duplicate or export data or information protected by intellectual property or other legal rights, access restricted areas of CTAIMA’s or third-party IT systems, or introduce programs, viruses, or any other device that may cause modifications to CTAIMA’s or third-party IT systems.

The authorization to use the SOFTWARE APPLICATIONS included in the SaaS SERVICES provided by CTAIMA shall not extend to any other individual or legal entity with which the CLIENT maintains or may maintain a shareholder or commercial relationship.

The CLIENT may not assign or transfer to third parties any rights arising from this SaaS Agreement, nor allow third parties to use the SOFTWARE APPLICATIONS, whether by providing access credentials or by any other means.

The use of the SOFTWARE APPLICATIONS for purposes other than the CLIENT’s own legitimate needs, or for purposes other than those described within the SOFTWARE APPLICATIONS, is prohibited. The CLIENT may not rent, lend, sell, sublicense, or otherwise obtain economic benefit from the SOFTWARE APPLICATIONS, nor perform acts that would violate the duty to protect assets owned by CTAIMA.

The CLIENT undertakes not to reproduce, translate, modify, version, commercialize, duplicate, transform, or transmit, in whole or in part, in any form or by any means, the SOFTWARE APPLICATIONS, logical diagrams, source code, object code, and/or data models, without prior express written authorization from CTAIMA, even if any such actions are necessary for interoperability with third-party software or applications.

The CLIENT agrees to prevent access to the SOFTWARE APPLICATIONS at all times by individuals who are not employees of the CLIENT or an AUTHORIZED THIRD PARTY. CTAIMA reserves the right to suspend the service or terminate the Agreement if it is detected that the SOFTWARE APPLICATIONS are being used by unauthorized personnel in breach of these General Terms and Conditions of Use.

The CLIENT shall provide the necessary means to ensure that access credentials and passwords remain under their control and shall take all necessary precautions to prevent access by unauthorized personnel. Furthermore, the CLIENT shall immediately notify CTAIMA of any event that may lead to improper use of access credentials, such as theft, loss, or unauthorized access, in order to allow for their immediate cancellation.

The CLIENT undertakes not to provide access to or information related to the SOFTWARE APPLICATIONS to any third party, unless CTAIMA grants express written authorization to do so. In such cases, the CLIENT shall provide CTAIMA with the identification of the individual or legal entity and the reasons for requesting such authorization. Any third party authorized under these conditions agrees to fully comply with all the terms and obligations stipulated in these General Terms and Conditions of Use applicable to the CLIENT. The CLIENT shall remain responsible to CTAIMA for the compliance of such third party.

The CLIENT shall ensure that access credentials and passwords remain under their control and shall take all necessary precautions to prevent disclosure, copying, duplication, manipulation, reproduction, translation, transformation, or access by unauthorized third parties, or any other act that would violate the intellectual and industrial property rights of CTAIMA. The CLIENT must protect and securely manage both physically and electronically the access means provided for the SOFTWARE APPLICATIONS, including its content, logical procedures, and/or access mechanisms.

INTELLECTUAL AND INDUSTRIAL PROPERTY

The SOFTWARE APPLICATIONS and all their contents, as well as their technical documentation and user manuals, are the property of CTAIMA and are protected under intellectual property law. The CLIENT shall, therefore, treat the SOFTWARE APPLICATIONS in the same manner as any other third-party material protected by intellectual property rights and shall not copy the SOFTWARE APPLICATIONS.

This Agreement does not imply, either expressly or implicitly, the transfer of industrial or intellectual property rights of the SOFTWARE APPLICATIONS, the hardware, or any ancillary software programs.

Any reproduction, transmission, adaptation, translation, modification, public communication, or any other exploitation of all or part of the content of the SOFTWARE APPLICATIONS, in any form or by any means, whether electronic, mechanical, or otherwise, is strictly prohibited without prior written authorization from CTAIMA. Any infringement of these rights may result in civil or criminal legal or extrajudicial proceedings as applicable.

The CLIENT authorizes CTAIMA to use its trademarks, trade names, and other logos for the sole purpose of identifying the CLIENT as a customer of CTAIMA.

DATA PROTECTION
CTAIMA complies with the obligations of the General Data Protection Regulation 2016/679 (GDPR) and the Spanish Organic Law 3/2018 on Data Protection, as well as the data protection regulations of the countries in which it operates. Consequently, any personal data voluntarily provided will be treated with strict confidentiality and exclusively for the purpose of presenting our service proposal, following up on it, and sending commercial information about our products and services, including via electronic means. Your data will be retained until the acceptance or rejection of the proposal and/or request to unsubscribe from commercial communications. You may at any time exercise your rights of access, rectification, deletion, portability, restriction, objection, and other rights recognized under applicable regulations by contacting the data controller at CTAIMA, c/ Salvador Espriu 18, 43007 Tarragona, Spain, or at delegado-datos@ctaima.com

To the extent that the service involves access to data under the CLIENT’s responsibility, CTAIMA guarantees that it will only access such personal data strictly as necessary for the development or fulfillment of the purpose of the commercial agreement between the parties, and always under the instructions provided by the Data Controller, through the execution of a Data Processing Agreement in accordance with applicable data protection regulations.

It is the responsibility of the CLIENT, contractors, owner companies, AUTHORIZED THIRD PARTIES, and other users of the SOFTWARE APPLICATION to comply with obligations derived from personal data protection regulations regarding the processing of personal data generated through business coordination, contractor and supplier management, compliance with legal requirements, and data transfers via these SOFTWARE APPLICATIONS, CTAIMA being responsible only in its role as Data Processor.

The CLIENT, contractors, owner companies, AUTHORIZED THIRD PARTIES, and other users affiliated with the CLIENT company undertake to ensure the accuracy, validity, authenticity, and timeliness of the personal data provided, to keep it properly updated, and to delete personal data whose purpose has been fulfilled and that is stored in the SOFTWARE APPLICATIONS. They are also responsible for informing their employees about the processing of any data necessary for the SERVICES and about how to exercise their rights of access, rectification, deletion, objection, restriction, and portability. In all cases, they may contact CTAIMA at c/ Salvador Espriu 18, 43007 Tarragona, Spain, or at delegado-datos@ctaima.com
, to facilitate requests with the corresponding Data Controller.

You can access CTAIMA’s Data Processing Agreement here.

Personal data included in the contract and any other data exchanged between the PARTIES to enable the provision of the SERVICES shall be processed by the other PARTY solely for the purpose of facilitating, performing, and controlling the agreed SERVICES relationship, with the legal basis for processing being the fulfillment of the contractual relationship. Data shall be retained for the entire duration of the relationship and thereafter until any potential liabilities arising from it have expired. The parties may contact their respective points of contact or delegado-datos@ctaima.com
for any matters relating to the processing of personal data.

You can access our full Privacy Policy here.

USE OF ARTIFICIAL INTELLIGENCE
Artificial Intelligence or Artificial Intelligence System (hereinafter collectively referred to as “AI”) shall mean any system or software that generally emulates human decision-making processes based on data and algorithms, or generates content, in accordance with the definition set forth in the European Union Artificial Intelligence Regulation (AI Act).

The PROVIDER guarantees that all general-purpose models that may be used within the framework of this Agreement shall be designed, implemented, and maintained in accordance with the guidelines and requirements established in the applicable regulations. The use of any general-purpose model that does not comply with the conformity requirements of the AI Act is explicitly prohibited. The PROVIDER undertakes not to implement, nor allow the implementation of, such models under any circumstances within the scope of this Agreement.

CONFIDENTIALITY
Both the knowledge and experience inherent to the SOFTWARE APPLICATION and its development, as well as its structure, organization, coding, and related documentation, whether original or copied, and the access keys and passwords provided by the LICENSOR to the USER or to which the USER has access, constitute valuable trade secrets and shall be considered “Confidential Information,” except for information that is public and available and accessible to third parties and the market in general as of the date of execution of this Agreement. Therefore, the USER undertakes to safeguard such information and treat it as strictly confidential, adopting the necessary measures and in accordance with the following conditions:

Non-Disclosure: Confidential Information may not be disclosed to unauthorized third parties.

Authorized Personnel: Confidential Information shall be handled exclusively by specialized personnel of the USER and, where applicable, AUTHORIZED THIRD PARTIES, all of whom shall be bound by the confidentiality obligations assumed. Confidential Information shall not be used for any purpose other than the objective of this Agreement.

No Copies or Personal Use: No copies of any documents, whether in electronic or paper format, containing part or all of the Confidential Information shall be made. The USER shall not use the Confidential Information it has access to for its own benefit, either during or after the termination of this Agreement.

Return of Information: Upon termination of the contractual relationship, the USER shall return all Confidential Information (including copies) in its possession, certifying in writing to the LICENSOR that nothing has been retained.

Ownership: All Confidential Information shall remain the exclusive property of the LICENSOR, and its disclosure to the USER under this Agreement shall not grant any rights or license in favor of the USER.

Duration of Obligations: The obligations described above shall remain in effect throughout the term of the Agreement.

Breach and Remedies: Any breach of this clause by the USER’s personnel or any AUTHORIZED THIRD PARTY shall entitle the LICENSOR to immediately block the USER’s access to the SOFTWARE APPLICATION and shall constitute grounds for automatic termination of the Agreement, without prejudice to any claims for damages that may be exercised in favor of the LICENSOR.

Mutual Confidentiality: Both parties undertake to maintain as confidential all information, whether written, oral, or electronic, provided to each other in connection with this Agreement. Information shall not be considered confidential if it is public or legally required to be disclosed. The confidentiality obligations arising from this Agreement shall apply for the entire duration of its execution.

Return Upon Termination: Upon termination of the contractual relationship, the PARTIES shall mutually return all CONFIDENTIAL INFORMATION (including copies) in their possession, certifying in writing that nothing has been retained. Confidentiality obligations arising from these General Terms and Conditions of Use shall remain in force throughout the term of execution and shall continue to apply after the termination of the Agreement.

LIABILITY
CTAIMA shall not be liable for interruptions of the SOFTWARE APPLICATIONS caused by force majeure, server outages not attributable to CTAIMA, or circumstances beyond its control.

CTAIMA may temporarily suspend access for security measures, updates, or restructuring of IT resources in order to improve the service of the SOFTWARE APPLICATIONS. Such interruptions shall be duly justified, kept as brief as possible, and preferably carried out during nighttime hours.

The CLIENT acknowledges that CTAIMA shall not be liable to the CLIENT or any third party for any direct or indirect damages (including loss of profits) resulting from misuse of the SOFTWARE APPLICATIONS by the CLIENT’s employees or any AUTHORIZED THIRD PARTY, or from failure to comply with any applicable obligation or law, nor for any failure of the hosting service provider not attributable to CTAIMA that may result in any damage or loss of the CLIENT’s information.

The CLIENT acknowledges knowledge of the necessary hardware, equipment, and Internet connection requirements for the proper use of the SOFTWARE APPLICATIONS. Consequently, CTAIMA shall not be liable for any inadequacy or breaches committed by the CLIENT in connection with the use of the SOFTWARE APPLICATIONS.

The CLIENT shall be liable for any damages caused to the LICENSOR as a result of fraudulent use or breach of this Agreement by the CLIENT, its employees, or any authorized third party.

The CLIENT shall indemnify and hold CTAIMA harmless from any damages or losses arising from fraudulent use or breach of this Agreement by the CLIENT, its employees, or any authorized or unauthorized third party who accesses the SOFTWARE APPLICATIONS or any related information through the CLIENT, whether with administrative or viewer-level access.

The CLIENT shall be solely responsible for providing and paying for all costs necessary to ensure the compatibility of the SOFTWARE APPLICATIONS with its IT system and connection, including all required hardware, software, electronic components, and other physical elements needed to access and use the SOFTWARE APPLICATIONS, including, but not limited to, telecommunications services, Internet access and connection, links, browsers, or other programs, equipment, and services required to access and use the SOFTWARE APPLICATIONS.

In no event shall CTAIMA’s liability exceed an amount equal to one year of fees paid by the CLIENT to CTAIMA for the licensed use of the SOFTWARE APPLICATIONS.

In the case of CTAIMA LEGAL, if there have been changes in installations since the date of completion of the form or the diagnostic visit, the CLIENT must communicate such changes and have them reflected in the relevant documentation. Furthermore, the CLIENT acknowledges and undertakes to inform CTAIMA of any future modifications, expansions, or removals of installations, products, or activities, to ensure that the content of CTAIMA LEGAL remains consistent with the CLIENT’s actual situation and to identify new requirements if necessary. Likewise, the CLIENT must notify CTAIMA of any user termination to revoke access to the SOFTWARE APPLICATIONS.

NOTICES
For the purposes of notifications, the PARTIES designate as their addresses the registered offices indicated in the Economic Offer.

The PARTIES may modify the designated addresses provided that they notify the other PARTY in a reliable manner of the new address. Any change of the designated address shall not take effect until the notification has been received by the other PARTY.

Notifications sent to the designated addresses by notarial means, registered courier (burofax), telegram, or letter with a signed copy by the recipient as proof of receipt shall be deemed duly made and fully effective.

APPLICABLE LAW AND JURISDICTION
This Agreement shall be governed by the provisions herein and, with respect to matters not expressly provided for, as well as in the interpretation and resolution of any disputes that may arise between the PARTIES as a result of this Agreement, the applicable Spanish law shall apply.

For any issues or disagreements arising between the PARTIES regarding the performance, non-performance, validity, scope, or interpretation of this Agreement, the PARTIES expressly submit, waiving any other jurisdiction that may apply to them, to the courts and tribunals of Tarragona, Spain.