EXTENSION OF THE PRIVACY POLICY

In application of the new regulations in force regarding the protection of personal data, we inform that the personal data we collect from customers, users, suppliers and contacts, we do it through our business relationship that binds us and also from our website.

These data are included in databases or automated files specific to each case and are registered in our Register of Activities according to the type of users and the services we provide them or they provide us.

For what purpose do we collect your personal data?

The collection and automated or manual processing of personal data is for the purpose of maintaining the business relationship and the performance of information tasks, and other activities of the business relationship that unites us.

For what purpose do we process your personal data?

The personal data that are part of our database are processed in order to manage the information provided to us by the interested parties in order to provide the service for which they hire us or we hire and manage the requests sent by any means, including commercial, promotional, or advertising electronic communications.

We adopt the necessary measures to ensure the security, integrity and confidentiality of the data in accordance with the provisions of the Organic Law 3/2018 of December 5, 2018, on Data Protection and Guarantee of Digital Rights and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

To which recipients will your data be communicated?

Your personal data will not be disclosed to third parties, unless required by law.

As data processors, we have contracted various service providers, who are committed to complying with the applicable regulations of the applicable data protection regulations at the time of contracting them.

How long will we keep your data?

The personal data provided will be kept for as long as the business relationship is maintained or you do not request its deletion or you do not consent is not revoked and for the period of time for which legal responsibilities may arise from the services provided.

The personal data that are part of our database and have a contractual relationship will be retained for a maximum of five (5) years from the of five (5) years from the last invoice issued.

In some cases you may revoke your consent at any time.

What is the legitimacy for the processing of your data?

In the contractual relationship in force or that binds us, the legal basis for the processing of your data is the one stated and obliged by the Organic Law3/2018, of December 5, 2018, on Data Protection and Guarantee of Digital Rights and in Regulation (EU) 2016/679 of the European Parliament and Council of 27 December 2016.

European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the protection of personal data and the free processing of personal data and on the free movement of personal data.

With regard to the free, specific, informed and unambiguous consent, inasmuch as we inform you by making available to you the privacy policy, that after reading it, if you do not agree, you can request access to your data according to our Register of Activities.

What are your rights when you provide us with your data?

Any person has the right to obtain confirmation as to whether and how his or her personal data are processed.

The persons concerned have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the purpose of exercising or defending

We will only keep it for the exercise or defense of claims.

Also, in certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data.

We also inform you that we may stop processing the data, except for compelling legitimate reasons, or for the exercise or defense of possible claims.

And we inform you that you may exercise your rights of access, rectification, deletion, opposition and limitation of treatment under the conditions and limits provided in the current legislation, by writing to us, or by email. In any case, you must provide a copy of your ID card, passport or equivalent document. If you consider it appropriate, you can file a complaint with the Spanish Data Protection Agency (agpd.es).

How did we obtain your data?

The personal data that we process comes from the requests of the interested parties themselves.

The categories of data processed, depending on the category of users and contacts, in general and not in particular may be:

  • Typified Data: personal characteristics, employment details, or commercial / economic / financial information.
  • Identifying data: Name and surname, address, NIF / DNI, telephone / e-mail, bank account, and image.

No specially protected data is processed.

Rights of the interested parties

  1. Right of access: The right to obtain from the data controller confirmation of whether or not personal data concerning him/her are being processed and, if so, the right of access concerning him/her and, if so, right of access to his/her personal data. As well as:
    1. The purposes of the processing;
    2. The categories of personal data concerned;
    3. The recipients or categories of recipients to whom the personal data were or will be disclosed, in particular recipients in third parties or international organizations;
    4. If possible, the expected period of retention of the personal data or, if not possible, the criteria used to determine this period;
    5. The existence of the right to request from the controller the rectification or erasure of personal data or the restriction of the processing of personal data relating to the data subject, or to request the rectification or erasure of personal data relating to the data subject, or the personal data relating to the data subject, or to object to such processing;
    6. The right to lodge a complaint with a supervisory authority;
    7. Where the personal data have not been obtained from the data subject, any available information about their origin;
    8. The existence of automated decisions, including profiling, the logic applied, as well as the significance and expected consequences of such processing.
  2. Right of rectification: the right to obtain from the controller the rectification of inaccurate personal data concerning him/her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of an additional statement.
  3. Right of erasure: the right to obtain from the controller the erasure of personal data concerning him/her, the controller shall be obliged to erase personal data without undue delay where any of the following circumstances apply:
    1. The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
    2. The data subject withdraws the consent on which the processing is based;
    3. The data subject objects to the processing;
    4. The personal data have been processed unlawfully;
    5. Personal data must be erased in order to comply with a legal obligation under Union or Member State law applicable to the controller; or Member States that applies to the controller;
    6. The personal data have been obtained in connection with the provision of information society services to minors.
    However, a number of exceptions are regulated in which this right does not apply. For example, when the right to freedom of expression and information must prevail.
  4. Right to object: The right to object at any time to the processing of personal data concerning him or her processing.

    The controller shall cease to process the personal data, unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the formulation, exercise or defense of claims.

  5. Right to limitation of processing: the right to obtain from the data controller the limitation of data processing when any of the following conditions are met:
    1. The data subject contests the accuracy of the personal data, for a period of time that allows the controller to verify the accuracy of the data;
    2. The processing is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of their use;
    3. The controller no longer needs the personal data for the purposes of the processing, but the data subject needs the personal data for the formulation, exercise or defense of claims; and
    4. The data subject has objected to the processing while we verify whether the legitimate grounds of the controller override those of the data subject.

COMMERCIAL COMMUNICATIONS

In application of the LSSI-CE, no advertising or promotional communications will be sent by e-mail or other equivalent means of electronic communication that have not been previously requested or expressly authorized by the recipients thereof.

In the case of users with whom there is a previous contractual relationship, if this contracting, authorizes the sending of commercial communications concerning products or services that are the same or similar to those that were initially contracted or of professional or commercial interest to the user professional or commercial interest with the user, contact, customer or supplier.

In any case, the user, after proving his identity, may request that no further information be sent to him through the corresponding channels for this purpose.

EN