In accordance with the provisions of the General Data Protection Regulation GDPR EU 679/2016 and Organic Law 3/2018 of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights, you are provided with the following information on the processing of your personal data:
Who is responsible for the processing of your personal data?
Data Controller: CARPINSER 2 S.L., NIF/CIF: B57738858, Address: MUELLE NUEVO S/N (RECINTO STP), CP: 07012, PALMA , Telephone 971725079, Email: firstname.lastname@example.org. DATA PROTECTION OFFICER: CONTACT: / http://www.protecmir.com / EMAIL: email@example.com.
What data do we process?
At CARPINSER 2 S.L. we process the personal data provided by you through the completion of the forms provided for this purpose on this website, the personal data derived from the provision or contracting of our services or products and/or the personal data derived from the commercial relationship that you maintain with us. In addition, we process personal data generated in the context of your activity on our website, which category includes your browsing data obtained through the website.
It is important for us to keep the record of your personal data up to date. You have an obligation to keep us informed of any changes or errors in your personal data as soon as possible by contacting us at the email: firstname.lastname@example.org.
For what purpose do we process your personal data?
Purpose: CARPINSER 2 S.L. may process your personal data for the following purposes:
- Management and maintenance of the services provided through the website.
- Management and attention to queries and requests for information made by users through the contact form. The e-mail address and personal data that you provide to us through the contact form on the website will be used exclusively to deal with the queries you may send us by this means.
- Compliance with applicable legal obligations.
- Sending commercial communications and newsletters, as well as advertising our services and products.
- Management of the contracting of our services and/or products.
- Management of requests for information or requests for quotations for our services or products.
- If you have consented to this and in order to be able to offer you services in accordance with your interests, your personal data may be used to create a commercial profile. No automated decisions will be made based on such a profile.
We keep your personal data in our systems and files for as long as necessary to carry out the purposes of the processing, and to comply with the provisions of applicable legislation. Your personal data will be kept for as long as there is a contractual and/or commercial relationship with you, or as long as you do not exercise your right to erasure and/or restriction of the processing of your data. The retention period of personal data will vary depending on the purposes of the processing and in general:
- The personal data that you provide us in the event of contracting our services or products will be kept for the duration of the contractual relationship and, once it has ended, for the limitation period of any legal actions that may arise from it.
- The personal data that you provide to us to manage requests for information or queries through the contact form will be kept as long as you do not request its deletion or cancellation.
- The personal data you provide to us in order to subscribe to our Newsletter or newsletters will be kept for as long as you do not request its deletion, opposition and/or limitation.
- The personal data obtained from your browsing and consumption habits, as well as the commercial profile obtained, will be kept as long as you do not request its deletion or cancellation.
Your personal data will be kept for as long as they are useful for the purposes indicated, and, in any case, for the legal periods and the time necessary to deal with possible liabilities arising from the processing.
We have appropriate technical and organisational security measures in place to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage, ensuring the integrity and confidentiality of your personal data. The technical and organisational security measures implemented make it possible to: guarantee the permanent confidentiality, integrity, availability and resilience of the processing systems and services; restore the availability of and access to personal data quickly in the event of a physical or technical incident; and to regularly verify, evaluate and assess the effectiveness of the technical and organisational measures implemented to ensure the security of the processing.
These technical and organisational security measures have been designed taking into account our IT infrastructure, the state of the art in accordance with current standards and practices, the cost of the application and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity involved in the processing of your personal data.
What is the legal basis for the processing of your data?
Legitimation: The legitimacy to process your personal data is based on:
– The execution and maintenance of a contractual and commercial relationship with you, such as, for example, the contracting of products and services of the entity, management and request of quotes for the products and/or services of the entity, all in accordance with the provisions of article 6.1.B of the GDPR (EU) 679/2016 and Organic Law 3/2018, of 5 December (LOPDPGDD).
-Your express consent for one or more purposes, such as sending your own or third-party advertising communications or newsletters, managing CV mailings, participating in activities or competitions, all in accordance with the provisions of article 6.1.A of the GDPR (EU) 679/2016 and Organic Law 3/2018, of 5 December (LOPDPGDD).
– Compliance with various legal obligations, all in accordance with the provisions of article 6.1. C of the GDPR (EU) 679/2016 and Organic Law 3/2018, of 5 December (LOPDPGDD).
– The fulfilment of legitimate interests pursued by the controller or a third party, e.g. for security reasons, to improve our services and/or to manage your requests or queries.
During the data collection process, and in each place on the website where personal data is requested, the user will be informed, either by means of a hyperlink or by including the appropriate mentions in the form itself, of the mandatory or non-mandatory nature of the collection of their personal data.
The personal data requested in the forms on the website are, in general, mandatory (unless otherwise specified in the required field) in order to comply with the established purposes. Therefore, if the requested personal data is not provided, or is not provided correctly, it will not be possible to attend to them.
There is an obligation to provide your personal data in the event of contracting a service or product, and/or in those cases of requesting quotes or offers.
The sending of advertising communications, newsletters or newsletters about our products and services is based on the consent requested, and in no case does the withdrawal of this consent condition the contractual or commercial relationship that you have with us.
If you have given us permission to send advertising for our services and products, your personal data may be used to manage the sending of advertising offers and newsletters by electronic means. In these cases, the provisions of Articles 20 and 21 of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce apply, with respect to the use and processing of your personal data in order to manage the sending of advertising by electronic means.
If you have opted out of receiving advertising, or if you have subscribed to our newsletter or newsletter, you can cancel this option at any time.
To which recipients will your data be disclosed?
Recipients: In general, your personal data will not be communicated to any third party outside the entity, unless legally obligated. However, we inform you that third-party providers may have access to your personal data in their capacity as data processors, within the framework of the provision of a service for the data controller. We inform you that you can request a complete list of the recipients who may receive your personal data as data processors or as third-party recipients by transfer by email: email@example.com. In addition to the above, the entity may transfer or communicate personal data to meet its obligations to the Public Administrations in cases where required, in accordance with current legislation.
– International Data Transfers:
To carry out the data processing activities detailed above, we may transfer the data to countries outside the European Economic Area (EEA), and store such data in physical or digital databases managed by entities acting on our behalf. The management of databases and the processing of data are limited to the purposes of the processing, and are carried out in accordance with the laws and regulations in force on data protection. In the event that data is sent outside the EEA, the company will use appropriate contractual measures to ensure data protection, which may include, but are not limited to, contracts based on the standard data protection clauses adopted by the European Commission applicable to the submission of personal data outside the EEA.
What rights do [you] have regarding the processing of your personal data?
Rights: You have the right to obtain access to your personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, you may request the restriction of the processing of your data, in which case we will only keep it for the exercise or defence of claims. Likewise, and for reasons related to your particular situation, you may oppose the processing of your data, in which case your personal information will no longer be processed for those purposes to which you have expressed your opposition. Where technically feasible, you may request the portability of your data to another controller. To exercise these rights, in accordance with current legislation, you can write to CARPINSER 2 S.L. at MUELLE NUEVO S/N ( RECINTO STP ) , CP: 07012, PALMA or to the email firstname.lastname@example.org. You have the right to file a Complaint with the Supervisory Authority: Spanish Data Protection Agency (www.agpd.es). Origin of Personal Data: the interested party.
You expressly accept the inclusion of the personal data collected while browsing the website and/or provided by filling in any form, as well as those derived from a possible commercial relationship, in the automated personal data files of the entity.
The entity guarantees the confidentiality of users’ personal data. However, the entity shall disclose to the competent public authorities the personal data and any other information that is in its possession or accessible through its systems and is required, in accordance with the legal and regulatory provisions applicable to the case. Personal data may be kept in the files owned by CARPINSER 2 S.L. even after the end of the commercial relations formalized through the entity’s website, exclusively for the purposes indicated above and, in any case, during the legally established periods, at the disposal of administrative or judicial authorities.
Use of social media.
When you interact with our website through various social networks, such as when you connect to or follow us or share our content on social networks (Facebook, Twitter, LinkedIn, Instagram or others), we may receive information from those social networks, including information about your profile, user ID associated with your social media account, and any other public information that you allow to be shared with third parties on the social network.
The entity uses social networks in order to inform about the services it offers, as well as any other activity or event that is carried out and wants to publicize, but at no time will it obtain personal data from the users who interact with them, unless there is express authorization.
This data is only used within the social network itself and is not incorporated into any processing system.