PRIVACY POLICY

GP LIMITE ANDAMUR S.L.,  hereinafter, “the company”, may collect and process the data of the website users and other interested parties obtained through different means, such as:

  • Web forms.
  • E-mail.
  • Paper forms.
  • Postal mail.
  • Sources of public access (official journals and newsletters, media, etc.).
  • Contracts
  • Files supplied by a third party.
  • Other legitimate sources and means.

Processing of the data collected by means of these sources shall be carried out in conformity with the General Data Protection Regulation EU 2016/679, Organic Law 3/2018 on Personal Data Protection and any relevant rules currently in force.

In order to present the privacy policy of the company, the following headings are stated:

Who is your Data Processing Controller?

Identity:GP LIMITE ANDAMUR S.L.
TAX IDENTIFICATION NUMBER (NIF)/TAX IDENTIFICATION CODE (CIF):B30424162
Address:POL. IND. SAPRELORCA, CENTRO DE NEGOCIOS ANDAMUR, 30817 LORCA (MURCIA) SPAIN
Telephone:968102000
E-mail:info@andamur.com

For what purpose do we process your data?

Data collected from legitimate sources and data provided by the interested parties themselves are processed to manage, develop, perform and control commercial and contractual relationships between the data processing controller and the interested parties (potential customers, customers, suppliers, workers, etc.).

The above implies all activities in terms of internal administration, economic management, commercial management and any other procedure derived from the contractual relationship, the provision of goods and services, as well as the fulfilment of the corporate purpose and bylaws.

We also specifically process the data of interested parties for communication management and development (contact with users, request solving, commercial promotion, newsletter sending, management of business profiles in social media, etc.).

Taking the information provided into account, we will make a commercial profile in order to improve users’ experience and customise offers and communications that we believe are of their interest, with the possibility of taking individual and automated decisions based on such profile.

In addition to the above, other purposes we carry out are:

  • Video-surveillance of our facilities, with security purposes, access control, labour control and function monitoring.
  • Recording of phone calls for security and quality service reasons.
  • Geolocation by means of systems contracted to this end in order to control and optimise human and material resources.
  • Credit or financial risk analysis to analyse a specific requested service.
  • Processing of data related to the fulfilment of monetary obligations.
  • If the reason to contact the company and send information about yourself is part of a job search (sending CVs, etc.), the data provided shall be processed to assess your potential eligibility for job vacancies in the company. If the data provided are of interest to the company, a profile will be made with them, filing these for human resources management.
  • Data verification or update.
  • Marketing and customer loyalty activities such as promotions, competitions, etc.

What kind of data do we process?

In addition to the aforementioned means to obtain data, as well as the different processing purposes mentioned, we inform you that the types of data that we can process in our information system are:

  • Identification and contact data
  • Audiovisual data
  • Identification codes or keys
  • Postal addresses or e-mails
  • Personal and professional characteristic data
  • Economical, financial and insurance data
  • Social circumstances data
  • Other non-economic data inherent in the labour relationship
  • Other data implicit in the company’s activity, goods and services.

How long do we keep your data for?

Personal data will be kept during the time the aforementioned aims exist and/or for as long as we have a relationship with you, whether it is as a customer, supplier, employee or as any other kind of interested party; as long as you do not request your data be deleted, or as long as there is some legal requirement or provision demanding these be kept.

When the data is no longer needed for the purposes for which it was collected, it will be deleted, ensuring confidentiality. However, the minimum retention times will always be observed, whether for periods in which liabilities may arise for the company or the interested parties, or for periods set by the legislation in force establishing minimum retention times.

In the case of data provided for job searches, if it is of no interest to the company, it will be deleted immediately, ensuring confidentiality. If the data is of interest to the company, on the other hand, it will be kept, and duly protected and locked, only to be handled during periods when staff selection processes exist.

In the case of customers who have ceased their commercial relationship with the company, they may be kept in order to offer them conditions or services provided it is legitimate to do so.

Data obtained through video-surveillance systems will be kept for a thirty (30) day period since the data were obtained. Except in those cases provided by law enabling to keep files blocked until the relevant resolution is issued.

What is the legal basis to process your data?

The legal basis to process your data may be built on the execution of a commercial, business, labour or other kind of contract signed by the interested party.

Another legal basis to process your data is the informed consent in the case of other types of processing, such as: contact form on the website, registration to activities developed by the company, participation in the company’s social media profiles, and any other type of processing that necessarily involves the collection of their personal data, with a clear assertive action by the interested party being an essential requirement.

It may also be the case that there is a legal obligation and in order to comply with it specific data processing is required, as well as the need to process data to satisfy the legitimate interests of the data processing controller or of a third party.

Who will receive your data?

The data of the interested parties shall not be communicated to a third party by default, with a few exceptions: a) subsidiary companies, owned by the shareholders or belonging to the same  business group as the data processing controller; b) bank entities where payments are made by direct debit; c) companies with which the data processing controller contracts credit information services, risk reports and commercial reports, including services managing files related to the fulfilment or unfulfilment of monetary obligations; d) responsible for authorised handling and ancillary services implicit in the provision of the company’s goods and services; e) other legitimate interested parties and/or third parties who are legally provided for.

What rights do you have when you provide and/or we process your data?

As an interested party, you will be able to request, at all times, to exercise any of the following rights that you are entitled to in terms of data protection:

  • To access the interested party’s personal data to check whether data concerning his/her are being processed and to obtain more information about their processing.
  • To rectify or delete personal data concerning the interested party when these are inaccurate or are no longer necessary for the purposes they were collected for, among other reasons.
  • To limit the interested party’s personal data processing under certain circumstances, where they shall only be kept in order to file or appeal to claims, owing to the protection of other person’s rights or responding to reasons of public interest.
  • To receive the personal data of your concern, that you have previously provided us with, and in a structured format insofar as possible. (Portability of your data).
  • To oppose to the processing of your data under certain circumstances and owing to reasons regarding your particular situation. The company shall stop processing your data, except for compelling legitimate grounds, or to file or appeal to potential claims.

To this end, you only have to contact us sending an e-mail to info@andamur.com, or via postal mail to POL. IND. SAPRELORCA, CENTRO DE NEGOCIOS ANDAMUR, 30817 LORCA (MURCIA) SPAIN.

You also have the option to contact the Data d Agency (www.aepd.es) to get further information about your rights or to request their protection by the control authority.

Data security

The company adopts the necessary technical and organisational measures in its information system to ensure an adequate level of confidentiality, integrity and availability of the information we process.

However, we are not held accountable for any damage due to alterations that a third party may cause in our information system, insofar as permitted by the legal system. Any security breach shall be duly and immediately communicated to the national competent authority and/or law enforcement agents.

Sending communications or information

Our policy with regards to sending information via electronic means (e-mail, instant messaging, etc.) is limited to only sending communications we consider of interest to our users and interested parties, concerning the roles and activity of the company, or that you have agreed to receiving.

If you prefer not to receive these messages, we can offer you the possibility through the latter to exercise your right to cancel and refuse to receive these messages, in conformity with provisions set forth in Title III, article 22 of Act 34/2002 regarding Services for Information Society and Electronic Trade.

This privacy policy was last reviewed in Jun 2019; therefore there might be some variations until its next review.