Data Protection Policy

Your privacy is important to us.

We are committed to the protection of privacy and personal data of all of our clients and other contacts derived from the use of our web page or within the context of professional meetings, reception of applications and so on.

We hereby inform you as data subject on the collection and use by YEYEKO LAB, as controller, that your personal data is treated in accordance with applicable laws and, in particular, with the new EU General Data Protection Regulation (GDPR) 2016/679 from 27 April 2016 that entered into force on 25 May 2018.

Collection of your personal data

The collection of personal data by YEYEKO LAB is ruled by the principles of data minimization:  we only collect personal data that is relevant and limited to what is necessary in relation to the purposes for which they are processed.

Legal basis and purpose for processing your personal data

Processing of your personal data only takes place in conformity with applicable regulations and, in particular:

  • whenever it is necessary to perform or enter into a contract;
  • whenever you have given us your express and unambiguous consent (for marketing communications, for instance);
  • whenever it is necessary for us to comply with legal obligations (e.g., compliance with money laundering regulations, etc.);

Personal data is collected and processed for specific, explicit and legitimate purposes. Depending on the case, your personal data may be processed for the purpose of:

  • communicating with you within the context of matters we work on
  • receiving or subscribing communications, newsletters or invitations;
  • considering your curriculum vitae to be part of our team;
  • participating in surveys on our services to improve client or user experience.

Security of your personal data

To preserve the security of your personal data, only authorized members of the team can have access to it.  We undertake our best efforts and diligence to preserve the confidentiality and integrity of your personal data, prevent data security breaches, deliberated manipulations, alterations and loss of data and non-authorized accesses and have appropriate technical and organizational measures to ensure that personal data is processed and stored adequately.

Your rights

Subject to the limits under applicable regulations, you are entitled to exercise the following rights on your personal data:

  • Right of access and information (art. 15 GDPR): in particular, you have the right to request from us information on the purposes of the processing of your personal data, the specific categories of data concerned, the recipients of your personal data, the source of your personal data if they were not collected from you, the envisaged storage period and the existence of any automated decision-making.
  • Right to rectification (art. 16 GDPR): obtain the rectification of your personal data that are inaccurate as well as, in view of the purposes for processing, the right to have incomplete personal date completed.
  • Right to erasure (art. 17 GDPR): obtain the erasure of your personal data provided that the processing is not required to comply with legal obligations or necessary for the establishment, exercise or defense of legal claims or due for reasons of public interest.
  • Right to restriction of processing (art. 18 GDPR): obtain a restriction of processing of your personal data where (i) you have informed us on the inaccuracy of your personal data and for the period necessary to verify the accuracy of said data, (ii) the processing of your data is not in accordance with applicable regulations and you decide to request appropriate restrictions instead of erasure; or (iii) you have objected to a specific processing of your personal data pursuant to art. 21 GDPR but there are legitimate grounds for us to continue other processing and verification thereunder is pending.
  • Right to portability (art. 20 GDPR): within the limits established by applicable regulations, when processing is based on your consent or on a contract, this right allows you to receive the personal data you have made available to us in a structured, commonly used and machine-readable format and to transmit this data to another data controller without hindrance from us. When technically feasible, provided you so request, we shall transmit directly your personal data to another controller.
  • Right to withdraw your consent (art. 7.3 GDPR): where the processing of your personal data is based on your consent, you will be entitled to withdraw your consent at any time.
  • Right to lodge a complaint (art. 77 GDPR): if, despite our efforts to preserve the security and confidentiality of your personal data, you consider that your rights have been infringed, you are entitled to lodge a complaint with a supervisory or control authority, in particular, the authority of your habitual residence, place of work or place of the alleged infringement. In any event, a list of supervisory and control authorities should be made available by the European Commission in its website (

Exercise of your rights For exercising your rights as well as for any questions and clarifications that you might need on this Policy, you may contact us at