Likewise, it aims to comply with the General Regulation for the protection of personal data 2016/679 (hereinafter RGPD) and Organic Law 3/2018 on the protection of personal data and guarantee of digital rights (hereinafter, LOPDGDD).
IDENTIFICATION OF THE CONTROLLER / SERVICE PROVIDER OF THE INFORMATION SOCIETY
NAME / COMPANY NAME
Plaza Conde de Miranda 4 28005 Madrid, Spain
PROCESSING OF PERSONAL DATA
The personal identification and contact data that you have provided us, through our contact forms, email, etc., will be treated confidentially and only by personnel authorized by our entity.
All categories and types of personal data processed will be duly identified in the corresponding processing activities owned by our entity.
In general, the processing of personal data carried out by our entity has the purpose of maintaining the relationship with different groups of people, such as our clients, suppliers, our staff, job applicants, users of our website/blog or networks. social and interested parties in general who contact our entity through our web forms, email, telephone or in person.
Said treatment aims to comply with the maintenance of the existing relationship with each group of people. Depending on this relationship, the processing of your data obeys different purposes since it may be to respond to requests for information, complaints, claims and others that the interested parties proactively send us, also to comply with our contractual, commercial, legal obligations or for the attention to the exercise of rights.
If you are a client or supplier, your personal data will be processed for the sole purpose of maintaining the business, contractual or commercial relationship, whether for the provision of services, for accounting and billing management, or other purposes for which we are involved. obligated to fulfill said relationship.
We do not send advertising without the prior consent of the interested parties, except to our clients with a current relationship and always about services or products related to those already provided or acquired.
If you are a potential client or a requester of information, we will process your data exclusively to respond to your requests, including in our response commercial information related to your request.
If you are a job applicant, we will process your data to include you in our selection processes and job pool.
The purposes that motivate the processing of personal data will be duly identified in the corresponding processing activities owned by our entity.
The processing of your personal data by our entity is carried out with the following legitimizing bases:
- Compliance with the commercial or contractual relationship with you, if you are a client, supplier or part of our staff.
- Comply with our legal obligations.
In the event that the user is under 14 years of age, it will be necessary to have the consent of the parents, guardians or legal representative to process their data.
The user is solely responsible for the veracity of the data they send us.
The personal data provided will be kept for the time necessary to fulfill the purpose for which it is collected, for the time required by law and as long as it is necessary to resolve possible responsibilities arising from the processing mentioned in the purposes.
In the case of job applications, they will be kept for a maximum period of 1 year or until the interested party asks us to delete their data.
We do not create profiles using your personal data, but if we do so you will be informed and request prior permission to do so.
Likewise, you have the right to object to this type of processing at any time.
TRANSFER OF DATA
As a general rule, our entity does not transfer personal data to third parties, although there may be cases where this is necessary:
If you are a client or supplier, your personal data may be transferred to third parties due to legal obligation (eg Tax Agency), or in those cases and entities necessary to provide you with our services or pay invoices (eg banking entities).
Likewise, your personal data as a client or supplier may be processed by certain suppliers to whom we delegate some of our obligations (eg accounting advisors). All of them have committed, through a data processor contract, to comply with the same security measures implemented by our entity, as well as to submit to the duty of secrecy and confidentiality regarding the personal data processed, among other protection obligations. of personal data.
If you are a job applicant, your data may be transferred to other companies in our group, although we will request your authorization to do so.
If you are a requester of information or a user of our website, your data will not be transferred to third parties, unless we are legally obliged to do so.
In the event of transfers to other entities or other countries outside the EEA, we will inform you and request your prior and express consent.
Our entity has implemented all the necessary technical and organizational measures to protect the personal data processed, preventing its loss, theft or unauthorized use.
These measures have been created based on the type of data processed and the purposes that motivate said processing. These are periodically verified in our internal controls for compliance with personal data protection regulations and through external audits.
RIGHTS OF INTERESTED PARTIES
You have the right to know if our entity is processing your personal data; Therefore, you have the right to access your data, rectify it if it is inaccurate or request its deletion when the data is no longer necessary, whenever legally possible.
You can also exercise your right of opposition, limitation or portability if you deem it appropriate and to do so you can do so in writing by email to firstname.lastname@example.org ,attaching a copy of your ID to facilitate your identification.
If you wish to submit any suggestion, complaint or query about the treatment that our entity carries out on your personal data, you can contact our data protection consultants:
Interested party attention form
If the person who wishes to exercise their rights is under 14 years of age, they may do so through their parents, guardians or legal representative.
If you want to make a claim because you understand that your rights have been violated, you can do so before the Spanish Data Protection Agency, C/ Jorge Juan, 6, 28001 Madrid or at www.aepd.es.
COMMITMENT TO THE PROTECTION OF PERSONAL DATA
Area of application
Our commitment to the protection of personal data will be mandatory for all departments, employees of our entity and those who act on our behalf.
We have established action protocols for the processing of personal data, in accordance with the provisions of European and Spanish data protection regulations.
Legality, Loyalty, Transparency, Minimization of data, Accuracy, Limitation of the retention period, Integrity, Confidentiality and Active responsibility.
Special category of data
The processing of personal data that reveals ethnic or racial origin, political opinions, religious or philosophical convictions, trade union membership, the processing of genetic or biometric data, data relating to health or data relating to sexual orientation is prohibited. except in legally authorized exceptions and with the prior consent of the interested party.
Rights of interested parties
The interested parties will enjoy the right of access to their personal data, as well as to rectify them when they are inaccurate, delete them when they are no longer necessary or their processing is not desired, limit them to certain treatments, have the possibility of receiving their data easily and in formats. structured and in common use by the person responsible, as well as that your data is used for profiling and to oppose processing at any time.
Record of Activities, Impact Assessment and Security Measures
Our entity will carry out a record of the processing activities and analyze the purposes of the processing, categories of interested parties and data, recipients, international transfers, retention periods, etc., to evaluate the risks of the processing and implement security measures. necessary security to guarantee the confidentiality, integrity and availability of personal data.
Likewise, we have analyzed the need to prepare an Impact Assessment and appoint a Data Protection Officer, establishing, if necessary, that the person designated for this position has sufficient knowledge and experience in accordance with the provisions of current regulations.
Likewise, we have external consultants who monitor any publication made by the competent control bodies and other European and Spanish entities related to the Data Protection Regulations, in order to comply with these regulations at all times.
UPDATING THIS POLICY
Our entity reserves the right to modify this Policy without prior notice. That is why we recommend consulting it every time you visit our website.