shadow

Legal terms

Telefónica Cybersecurity Tech, S.L.U., in compliance with Law 34/2002 of 11th of July, about information society services and electronic commerce, informs that:

  • The name of the company is Telefónica Cybersecurity Tech, S.L.U. Its N.I.F. is B01636760. Registered in the Registro Mercantil de Madrid, volume 40.659, page 70, sheet M-721.535.
  • Its place of business is in St. Ronda de la Comunicación s/n, Distrito Telefónica, Edificio Oeste 3, 28050, Madrid (España).

All rights reserved.

  1. Intellectual property rights of the masapp.elevenpaths.com, website, its source code, design, navigation layout, databases and different items of content are owned by Telefónica Cybersecurity Tech, S.L.U. which has the exclusive rights to use these in any way it deems appropriate, and, in particular, rights of reproduction, distribution, public communication and transformation.
  2. These general terms and conditions govern access and use of the masapp.elevenpaths.com web site which Telefónica Cybersecurity Tech, S.L.U. places at the disposal of internet users. Access to the web site implies unreserved acceptance of the aforementioned general terms and conditions. The use of certain services offered on this web site shall also be governed by the specific conditions stipulated in each case, which shall be understood to have been accepted simply by use of such services.
  3. Viewing, printing and partially downloading any of the web site’s content is authorized solely and exclusively under the following conditions:
    • That this be compatible with the purposes of the masapp.elevenpaths.com web site.
    • That the information thus obtained is solely for personal and private use. Use of the web site’s content for commercial purposes or for distribution, public communication, conversion or decompilation is expressly prohibited.
    • That none of the web site’s content be altered in any way.
    • That no chart, icon or image available on the web site be used, copied or distributed separately from any accompanying text and images.
  4. Telefónica Cybersecurity Tech, S.L.U. reserves the right, at any time and without prior warning, to alter and update the information contained in the web site, the configuration and presentation of the site, and the access conditions.
  5. Telefónica Cybersecurity Tech, S.L.U. cannot guarantee that there will be no interruptions or errors in access to the web site or in its content, nor that the latter is up-to-date, although it will strive to prevent and remedy any such interruptions and errors and to update content, if necessary.
  6. Both access to this web site and the use made of the information contained therein is the exclusive responsibility of the user. Telefónica Cybersecurity Tech, S.L.U. shall not be responsible for any consequence, damage or injury that may result from access or use of the information. Telefónica Cybersecurity Tech, S.L.U. shall not be responsible for any possible security errors which may occur nor for any possible damage to the user’s computer system (hardware and software), or to the files or documents stored therein, caused by the presence of a virus in the computer used by the user to connect to the web site’s services and content, by the malfunctioning of the browser or by the use of out-of-date versions of the said browser.
  7. Telefónica Cybersecurity Tech, S.L.U. assumes no responsibility whatsoever in respect of connection to or the content of third party links contained on the web site, nor does it guarantee the absence of viruses or other elements in the said links which may cause alterations to the user’s computer system (hardware and software), documents or files, including responsibility for any damages of any kind caused to the user for this reason.
  8. Telefónica Cybersecurity Tech, S.L.U. owns the industrial property rights relating to its products and services, and specifically those relating to the Telefónica Cybersecurity Tech, S.L.U. registered trademark. With regard to third party products and services mentioned on the web site, Telefónica Cybersecurity Tech, S.L.U. acknowledges the claim of the owners to the corresponding industrial and intellectual property rights, their mere mention or inclusion in the web site according Telefónica Cybersecurity Tech, S.L.U. no rights or responsibility whatsoever in respect of the said products and services, nor implying any endorsement, sponsorship, or recommendation on the part of Telefónica Cybersecurity Tech, S.L.U.
  9. Unauthorized use of the information included on this web site, its sale to third parties, and any breach of Telefónica Cybersecurity Tech, S.L.U.‘s Intellectual or Industrial Property rights shall give rise to the legally established responsibilities.
  10. All third party links to this web site must be to the homepage.
  11. Telefónica Cybersecurity Tech, S.L.U. and the user, expressly waiving their right of recourse to any other jurisdiction, hereby submit to the jurisdiction of the Courts of the user’s place of residence for the resolution of any dispute that may arise in relation with access to this web site. If the user’s place of residence is outside of Spain, Telefónica Cybersecurity Tech, S.L.U. and the user, expressly waiving their right of recourse to any other jurisdiction, hereby submit to the jurisdiction of the Courts of Madrid (Spain).

NOTICE: You have accessed a system owned Telefónica Group. You need authorization before using it, you being strictly limited to the indicated use of the authorization. Unauthorized access to this system or misuse of it are prohibited and are contrary to the Corporate Security Policy and current legislation. If you disclose inside information Telefónica Group or its customers without prior authorization it may be incurring a violation of corporate legislation, which could even lead to the possible commission of a crime or misdemeanor.

Last updated: September 2020.

Our Principles:

Your privacy and data security are our priority. This has always been the case and it is part of our DNA. Therefore, we respect your privacy and your right to control your personal data. Below we will tell you about the principles we apply when we use your data and the principles that underpin our entire privacy policy.

Transparency:

We are 100% transparent with you when it comes to the data we gather about you and we always explain to you what information we are gathering about you and why. We will not use your data for strange, unexpected or abusive ways.

Control:

You are the only person who can control how your data is used. We are giving you the tools to decide at any moment how you want us to use your data, how your personal information is accessed and updated and until when.

Security:

We strive to guarantee your security, the privacy and confidentiality of your data, communications and personal information. We have adopted the strongest and most stringent security measures to avoid loss, alteration, misuse or unauthorised access.

1. Who is responsible for the handling of my data as a mASAPP user?

The company responsible for handling your data as a mASAPP user is:

  • Name: TELEFÓNICA CYBERSECURITY TECH, S.L.U.
  • N.I.F.: (tax number): B01636760
  • Address: c/ Ronda de la Comunicación s/n, Distrito Telefónica, Edificio Oeste 3, 28050, Madrid (España)
  • Email: privacy@elevenpaths.com

2. What data of yours do we handle?

The data belonging to you that will be handled when you use mASAPP will be those necessary to provide the service, namely:

  • Contact details that you provide when you sign up and the password you use.

3. How do we obtain you details and where do they come from?

Directly from you when you fill in the online form and use the mASAPP tool.

4. What is the data used for and why?

It is used so that you can enjoy mASAPP, an online service whose aim is to perform a security assessment of your mobile apps.

5. How long will we store your data for?

We will store your data for as long as is needed in order to provide you with our service.

6. Who can access your data?

As well as the people responsible, as stated above, the following people have access to your personal data:

  • Amazon Web Services, hosting provider in Ireland.

Access to your data given to this third party is always granted for appropriate reasons and only given during the time period that is strictly necessary.

7. What are your rights and how can you control your data?

In general, you can use your access rights, changing rights, suppression and opposition rights, limitation rights and portability at any moment for free, by sending an email, with a photocopy of your DNI or equivalent identification document stating what you wish to do to the following email: privacy@elevnepaths.com

Finally, you will have the right to file a claim with the national control authority, for this purpose you should contact the Spanish Data Protection Agency, whose contact information is as follows:

  • Agencia Española de Protección de Datos
  • C/ Jorge Juan, 6 – 28001 Madrid
  • Telephone: 901 100 099 or 91 266 35 17

8. ¿How do we protect your data?

TELEFÓNICA CYBERSECURITY TECH, S.L.U. guarantees the security, the privacy and confidentiality of your data, communications and personal information, undertaking the most stringent and robust security measures, and giving you the tools and functionalities that allow you to enjoy mASAPP.

Last updated: September 2020.

Telefónica Cybersecurity Tech, S.L.U. Cookies Policy

In compliance with Spanish law governing the use of cookies in relation to providing electronic communications services, set out in Royal Decree-law 13/2012 of 30 March, we hereby inform you about the cookies used on Telefónica Cybersecurity Tech, S.L.U. website masapp.elevenpaths.com (hereinafter, the website) and the reason for their use. Similarly, Telefónica Cybersecurity Tech, S.L.U. informs you that by browsing the website, you agree to our use of cookies.

What are cookies and what are they used for?

A cookie is a file that is downloaded to the computer, tablet, smartphone or any other device on accessing certain websites. Cookies allow a website to store and retrieve information about a user or device’s browsing habits and depending on the information it contains and how the device is used, they can be used to recognise a user. Under no circumstance can cookies damage your device. In fact, enabling cookies helps us to identify and resolve possible errors.

Identifying cookies

Below is a list of cookies arranged into a series of categories. However, bear in mind that a cookie could be included in more than one category.

Cookies according to the entity that manages them:

Depending on the entity that manages the server or domain from which the cookies are sent and which processes the data they contain, cookies can be classified into:

  • First-party cookies: These cookies are sent to the user’s device from a server or domain managed by the publisher and which provides the service requested by the user.
  • Third-party cookies: These cookies are sent to the user’s device from a server or domain that is not managed by the publisher but by another entity that processes the data collected through cookies.
  • If cookies are installed from a server or domain managed by the publisher but the information collected though them is managed by a third-party, they are not classed as first-party cookies.

Types of cookies according to how long they remain activated:

Depending on how long they remain activated on the device, cookies can be divided into:

  • Session cookies: These cookies are designed to gather and store data when the user accesses a website. They are usually used to store data that is only needed to provide the service requested by the user on one occasion (e.g. a list of products purchased).
  • Persistent cookies: These cookies are stored on the device and can be accessed and managed over the period of time defined by the entity in charge of the cookie, which can range from minutes to several years.

Cookies according to their purpose:

Depending on the purpose of the data collected through the cookie, cookies can be divided into:

  • Technical cookies: These cookies allow the user to browse a website, platform or application and use the options or services available, such as control traffic and data communications, identify the session, access areas with restricted access, remember the items included in an order, carry out the purchase process for an order, complete an event registration or participation form, use security components while browsing, store content to play videos or sounds or share content on social networks.
  • Personalisation cookies: These cookies allow users to access the service with some general features defined by default according to a series of criteria on the user’s device, such as language, browser used to access the service, regional settings from which the service is accessed, etc.
  • Analytics cookies: These cookies allow the entity in charge of them to track and analyse the behaviour of users of the websites to which they are linked. The information collected by these cookies is used to measure the activity of the websites, applications or platforms and to compile browsing profiles of the users of these websites, applications and platforms in order to make improvements based on analysing the data on how users use the service.
  • Advertising cookies: These cookies allow the advertising space that the publisher has included on the website, application or platform used to provide the service to be used as efficiently as possible based on criteria such as edited content or how frequently advertisements are shown.
  • Behavioural advertising cookies: These cookies allow the advertising space that the publisher has included on the website, application or platform used to provide the service to be used as efficiently as possible. These cookies store information about user behaviour collected by constantly monitoring their browsing habits, which allows a specific profile to be developed to display advertising accordingly.

The cookies used on our website are first-party and third-party. They allow us to store and access information related to the language, the browser used and other general features defined by the user and to track and analyse their activity in order to improve our services in a more efficient and personalised way. Telefónica Cybersecurity Tech, S.L.U. does not use advertising or behavioural advertising cookies.

Cookies offer many benefits when providing information society services, as they: (i) help users to browse the website and access the services available; (ii) save users from having to configure the general features defined by default whenever they access the website; (iii) aid improved functioning and services provided by the website, after the corresponding analysis of the information collected via the cookies installed.

Telefónica Cybersecurity Tech, S.L.U. does not collect or store your personal data (for example, name and address) and therefore, this data cannot be used to identify you.

However, you can configure your browser, allow or block cookies, or select those that can be installed and those that cannot by following the procedure for the browser used:

On its website, Telefónica Cybersecurity Tech, S.L.U. uses:

Own cookies:

Cookie Owner Duration Purpose Level
PATH6_SESSION masapp.elevenpaths.com Expires with the session (1h renewable if used) and a maximum life time of 30days) Contains the info of the mASAPP user session level 1
PATH6_PREFERENCES masapp.elevenpaths.com Expires with the session Contains the customisation that allows to remember the pagination preferences for the tables level 1
PATH6_FLASH masapp.elevenpaths.com Expires with the session Contains the parameters temporarily stored to have context for the next request level 1
PATH6_ERRORS masapp.elevenpaths.com Expires with the session Contains the parameters stored after an error to be able to supply information to the user level 1
PLAY_LANG masapp.elevenpaths.com Expires with the session Contains the language selected in the user interface level 1
rememberme masapp.elevenpaths.com 1 month Contains the flag to remember the user in the login page level 1
darwin-menu-state masapp.elevenpaths.com 1 month Contains the user preference of keeping the menu open or folded away level 1
PATH6_COOKIES masapp.elevenpaths.com 10 years Contains the flag to remember if cookies notices has been show to user level 1

Third Party cookies:

Cookie Owner Duration Purpose Level
PREF googleusercontent.com 2 years When creating a Google account or logging in, PREF cookie is stored on the computer in order to remain connected to your Google account when you visit its service again. While you are logged in and use plug-ins from other websites, such as ours, Google uses this cookie to improve your user experience. level 2
NID googleusercontent.com 6 months When creating a Google account or logging in, NID cookie is stored on the computer in order to remain connected to your Google account when you visit its service again. While you are logged in and use plug-ins from other websites, such as ours, Google uses this cookie to improve your user experience. level 2
HSID googleusercontent.com 2 years When creating a Google account or logging in, HSID cookie is stored on the computer in order to remain connected to your Google account when you visit its service again. While you are logged in and use plug-ins from other websites, such as ours, Google uses this cookie to improve your user experience. level 2
APISID googleusercontent.com 2 years When creating a Google account or logging in, HSID cookie is stored on the computer in order to remain connected to your Google account when you visit its service again. While you are logged in and use plug-ins from other websites, such as ours, Google uses this cookie to improve your user experience. level 2
SID googleusercontent.com 2 years When creating a Google account or logging in, HSID cookie is stored on the computer in order to remain connected to your Google account when you visit its service again. While you are logged in and use plug-ins from other websites, such as ours, Google uses this cookie to improve your user experience. level 2
optimizelySegments cloudflare.com 10 years Persists the visitor's Optimizely Classic segments: browser, campaign, mobile, source type, and any custom dimensions that you may have configured. This allows to ensure persistence of segment membership, which improves the accuracy of segmented results. level 2
optimizelyBuckets cloudflare.com 10 years Records the Optimizely Classic variation that the visitor has seen. This allows to deliver a consistent experience on successive page loads level 2
__cfduid cloudflare.com 1 years Used to speed up page load times. It does not contain any user identification information. level 2
_gid cloudflare.com 1 day Used to identify users level 2
_biz_pendingA cloudflare.com 1 year These cookies are placed in order to secure the website. level 2
_biz_uid cloudflare.com 1 year These cookies are placed in order to secure the website. level 2
_biz_flagsA cloudflare.com 1 year These cookies are placed in order to secure the website. level 2
googtrans cloudflare.com Expires with the session Allows website visitors to translate website content without leaving the page level 2
_ga cloudflare.com 2 years Cookie set by analytics.js; JavaScript library belonging to Google. The analytics.js library is part of Google Universal Analytics and uses this source cookie that contains an anonymous identifier to distinguish users. level 2
optimizelyEndUserId cloudflare.com 6 months Stores a visitor's unique Optimizely identifier. It's a combination of a timestamp and random number. No other information about you or your visitors is stored inside. level 2

Intrusion levels associated with the cookies we use

The aforementioned cookies incorporate an ‘intrusion level’ criteria based on a scale of 1 to 3, in which:

  • Level 1: Corresponds to internal use cookies that are essential for providing the service requested by the user.
  • Level 2: Corresponds to anonymous internal use cookies needed to maintain content and browsing, in addition to cookies managed by third-parties in the framework of the services expressly requested by the user on their websites (e.g. social plug-ins for Facebook or Twitter, incrusted videos and maps).
  • Level 3: Corresponds to cookies managed by third-parties in the framework of services not expressly requested by the user, allowing them to be tracked through websites not belonging to Telefónica Cybersecurity Tech, S.L.U. (e.g. graphic advertising management platforms). This level is specified along with the name of the owner. Using level 3 cookies is subject to the prior consent of the user who must expressly accept them.

Review

These lists will be updated as quickly as possible as the services offered on the website change and evolve. However, during the update the list might not include a cookie, but these cookies will always have the same purposes as those included in these lists.

Last updated: September 2020.

Download the Terms and Conditions of Use

Download

Last updated: September 2020.

2020 © Telefónica Cybersecurity Tech, S.L.U. All rigths reserved. Legal terms