LogoLogo
  • TRUST CENTER
    • Trust Center Syntphony
    • Security
      • Security Organizational Model
      • Security Governance Approach
      • Security Risk Management
      • People Security
      • Identity and Access Management
      • Secure Software Development
      • Acceptable User of Assets
      • Security Operations & Security Incident Management
      • Security in IT Operations
      • Physical Security
      • Suppliers Security Management
    • Conformity
    • Business Continuity
      • Business Continuity Approach
    • Support Model
      • Customer Support Policy
        • Support Plans
          • Support Case Severity
          • Support Limitations
          • Technical Account Manager
        • Value Added Services
          • Product Upgrade Plan
          • Case Escalation
          • Lifecycle Policy And Legacy Support
          • Proactive Business Monitoring
      • Service Level Agreements
        • Definitions
        • Customer Obligations
        • Service Credits
          • Maximum Financial Credit
        • Exclusions
      • Pricing
  • PRODUCTS
    • Automotive Tracking
      • Infrastructure
    • Compliance Management
      • Infrastructure
      • Conformity
      • Support Model
        • Customer Obligations
        • SLA Subscriptions
          • Services
          • Incident
          • Service Request & change Management
          • System availability
          • Limitations
          • Definitions
          • Overarching services
          • Sandbox workspace
        • Business Continuity
        • Security
    • Content Services
      • Privacy
        • Manages Privacy - SaaS
        • Manages Privacy - On Premise
      • Infrastructure
      • Conformity
    • Conversational AI
      • Privacy
      • Infrastructure
      • Conformity
    • Electronic Health Record (EHR)
      • Privacy
        • Manages Privacy - SaaS
        • Manages Privacy - On-Premise
      • Infrastructure
      • Conformity
    • Employee Intranet
      • Infrastructure
      • Conformity
    • Experience Distribution
      • Infrastructure
      • Conformity
    • Immersive Experiences
      • Privacy
      • Infrastructure
      • Conformity
    • Insurance Distribution
      • Privacy
      • Infrastructure
      • Conformity
    • Intelligent Automation
      • Privacy
      • Infrastructure
      • Conformity
    • Intelligent Document Processing
      • Privacy
      • Infrastructure
      • Conformity
    • Knowledge Search
      • Privacy
      • Infrastructure
      • Conformity
    • Learning Tech
      • Privacy
      • Infrastructure
      • Conformity
    • Loyalty
      • Privacy
      • Infraestructure
      • Conformity
    • Mobility Management
      • Privacy
      • Infrastructure
      • Conformity
    • Operation Transformation Strategy
      • Infrastructure
      • Conformity
    • Payments
      • Privacy
      • Infrastructure
      • Conformity
    • Perfect Store
      • Infrastructure
    • Pricing Management
      • Infrastructure
    • Process Management
      • Privacy
      • Infrastructure
      • Conformity
    • Sales
      • Privacy
      • Infrastructure
      • Conformity
    • Security and Identity Management Platform
      • Privacy
      • Infrastructure
      • Conformity
    • Security Privacy and Integrity Platform
      • Infrastructure
    • Short-term Power Trading
      • Privacy
      • Infrastructure
      • Conformity
    • Smart Multi-cloud Management
      • Privacy
      • Infrastructure
      • Conformity
    • Stations
      • Privacy
      • Infrastructure
      • Conformity
    • Virtual Care
      • Privacy
        • Manages Privacy - SaaS
        • Manages Privacy - On Premise
      • Infrastructure
      • Conformity
Powered by GitBook

About us

  • Syntphony website
  • NTT DATA Syntphony solutions

Syntphony © NTT DATA Spain, S.L.U 2025 - All rights reserved

On this page

Was this helpful?

Export as PDF
  1. PRODUCTS
  2. Content Services
  3. Privacy

Manages Privacy - On Premise

How SYNTPHONY CONTENT SERVICES manages privacy?

At NTT DATA, we help our clients fulfil current and future business needs by developing products and assets that work together to multiply business value. In doing so, we constantly track the global picture of privacy and align our technology to comply with data protection regulations, ensuring that our customers can operate with confidence and security in the personal data processing when they use our products.

  1. What does NTT DATA do to comply with privacy regulations?

The personal data protection is a NTT DATA priority. We ensure that SYNTPHONY CONTENT SERVICES complies with all requirements stipulated by data protection regulations.

We have therefore implemented security and privacy protocols to guarantee personal data protection in accordance with the highest standards established by European regulations. As a result, our customers can be sure that their personal data is protected while benefiting from an integrated and efficient technological solution that boosts their businesses.

  1. What types of data does SYNTPHONY CONTENT SERVICES process?

The personal data that are processed as a result of the commercialization of the product will depend on the specific functionalities and/or modules that the customer chooses to use. It is important to note that only categories of data explicitly authorized by the client in accordance with the specific instructions provided will be processed by us, and we will ensure that any personal data processing is carried out strictly in accordance with the client's purposes and instructions, thereby ensuring transparency and compliance at all times.

In this particular case, for the use of SYNTPHONY CONTENT SERVICES, we will process the following items specified below:

  • Categories of Personal Data:

    • Due to the nature of SYNTPHONY CONTENT SERVICES, any type of data may be processed, including:

      • Identification details

      • Personal characteristics

      • Social circumstances

      • Image/video data

      • Audio/voice data

      • Academic and professional data

      • Employment details

      • Commercial information

      • Economic, financial and insurance information

      • Goods and services transactions data

      • Special categories of personal data, etc.

  • Categories of Data Subjects:

    • Due to the nature of SYNTPHONY CONTENT SERVICES, any type of data subjects can be processed, including:

      • Controller´s Clients

      • Controller´s Employees

      • Controller´s Suppliers

      • Controller´s Users, etc.

  • Processing Operations:

    • Storage

    • Recording

    • Organization

    • Blocking and erasure

    • Extraction

    • Consultation

    • Interconnection

    • Disclosure by Transmission

  1. Which suppliers does SYNTPHONY CONTENT SERVICES use?

SYNTPHONY CONTENT SERVICES may rely on the collaboration of external suppliers to provide software or functionalities complementing the capabilities of the Product, as well as on the collaboration of other NTT DATA group companies for any additional services to be contracted, such as support and maintenance.

NTT DATA is diligent in choosing its suppliers or service providers and in evaluating the guarantees they can demonstrate regarding compliance with applicable data protection laws, with a view to the protection of data subjects.

Any provider acting under the authority of an NTT DATA entity and having access to personal data processes said data following NTT DATA entity’s instructions, or those of its data controller (e.g., its customers), securely and adopts the technical and organizational measures needed to guarantee compliance with applicable data protection laws.

NTT DATA processors and sub-processors are required to sign appropriate agreements that govern the processing and protection of personal data. These agreements include requirements to ensure that the same obligations are passed to any further processors who may process personal data.

In addition, NTT DATA has policies and supporting procedures to ensure that information assets are protected when NTT DATA engages third party service providers and/or processors. This includes requirements for data privacy, information security due diligence and information security risk assessments to be performed, in order to ensure:

a. Information security requirements are clearly articulated and documented in agreements in accordance with NTT DATA’s information security standards.

b. NTT DATA service providers and processors implement the same level of protection and control as NTT DATA;

c. Service providers and processors are required to report any suspected or actual information security incidents to NTT DATA in a timely manner.

  1. Do we transfer personal data outside the EEA?

In most cases, we will process personal data within the European Economic Area (EEA) or in a country that has an adequacy decision issued by the European Commission (Switzerland, Canada, etc.). However, we may use providers that process personal data from locations outside the EEA, including our NTT DATA Group companies.

In any case, we will take all measures to ensure that our suppliers provide adequate guarantees to protect the personal data processed on behalf of our clients, and we contractually require that such personal data are processed in compliance with applicable data protection laws. In particular, with those suppliers that involve an international data transfer, we do:

  • Risk Assessment: Before any international data transfer, we conduct a detailed risk assessment to identify and mitigate potential risks to the security and privacy of personal data.

  • Standard Contractual Clauses (SCCs): SCCs are incorporated into our contracts with our suppliers outside the EEA to ensure an adequate level of personal data protection.

  • Data Protection Agreement (DPA): Our DPA specifies our obligations and commitments, including security, confidentiality, limitations on international data transfers, cooperation with data subjects' rights, and notification of security incidents.

  1. Do we have a Data Protection Officer (DPO)?

To comply with the overarching accountability concept, NTT DATA has implemented procure and avail itself of tools to document and showing compliance with the privacy principles and well as with the applicable data protection laws requirement.

Each company of the NTT DATA dedicates adequate resources to comply with applicable data protection laws, considering different applicable legal requirements of the jurisdictions where NTT DATA operates.

To NTT DATA Group better compliance and to ensure an elevate level of protection of data subjects’ rights and freedoms, which is consistent and harmonised among the various jurisdictions, NTT DATA Group has adopted a hybrid DPO organization model. This model is halfway between a centralized single DPO for the whole group and separate DPOs, and also, Privacy Teams, for each entity in the various jurisdictions.

Therefore, each NTT DATA company has a Data Protection Officer (DPO) in compliance with the applicable laws and regulations, as well as a Local Data Protection Office. The DPO is responsible for the supervision of the data protection strategy and its implementation in order to ensure compliance with legal requirements, as well as acting as a point of contact for any privacy and data protection law related queries. The local Data Protection Office implements and executes the data protection strategy to ensure compliance.

  1. How do we protect personal data?

At NTT DATA we understand the relevance of protecting our clients' personal data. We have therefore implemented a holistic combination of technical and organisational measures designed to guarantee privacy at all phases of the personal data lifecycle, preventing any unauthorised or unlawful processing as well as against any accidental loss, destruction or damage of personal data. In addition, we conduct periodic review processes to assess the compliance and effectiveness of these measures, with the continuous objective of improving security and privacy.

In addition, NTT DATA SPAIN S.L.U. has various certifications that support our commitment to security and privacy, including:

  • ISO/IEC 27001:2022

  • the HIGH category in the “Esquema Nacional de Seguridad” (ENS)

  • ISO 9001:2015

  • ISO 14001:2015

  • ISO/IEC 20000-1:2018

  1. Updates and Modifications

We reserve the right to modify this document to reflect changes in privacy practices or legal updates.

  1. Additional information

PreviousManages Privacy - SaaSNextInfrastructure

Last updated 2 months ago

Was this helpful?

Please, refer to our Privacy Policies and our website for additional Information about SYNTPHONY CONTENT SERVICES.

Syntphony - Home