GP LIMITE ANDAMUR S.L., hereinafter, “the company”, may collect and process the data of the website users and other interested parties obtained through different means, such as:
- Web forms.
- Paper forms.
- Postal mail.
- Sources of public access (official journals and newsletters, media, etc.).
- Files supplied by a third party.
- Other legitimate sources and/or means.
Processing of the data collected by means of these sources shall be carried out in conformity with the General Data Protection Regulation EU 2016/679 and any relevant rules currently in force.
Who is your Data Processing Controller?
|Identity:||GP LIMITE ANDAMUR S.L.|
|TAX IDENTIFICATION NUMBER (NIF)/TAX IDENTIFICATION CODE (CIF):||B30424162|
|Address:||POL. IND. SAPRELORCA, CENTRO DE NEGOCIOS ANDAMUR, 30817 LORCA (MURCIA) SPAIN|
For what purpose do we process your data?
Data collected from legitimate sources and data provided by the interested parties themselves are processed to manage, develop, perform and control commercial and contractual relationships between the data processing controller and the interested parties (potential customers, customers, suppliers, workers, etc.).
The above implies all activities in terms of internal administration, economic management, commercial management and any other procedure derived from the contractual relationship, the provision of goods and services, as well as the fulfilment of the corporate purpose and bylaws.
We also specifically process the data of interested parties for communication management and development (contact with users, request solving, commercial promotion, newsletter sending, management of business profiles in social media, etc.).
Taking the information provided into account, we will make a commercial profile in order to improve users’ experience and customise offers and communications that we believe are of their interest, with the possibility of taking individual and automated decisions based on such profile.
In addition to the above, other purposes we carry out are:
- Video-surveillance of our facilities, with security purposes, access control, labour control and function monitoring.
- Recording of phone calls for security and quality service reasons.
- Geolocation by means of systems contracted to this end in order to control and optimise human and material resources.
- Credit or financial risk analysis to analyse a specific requested service.
- Processing of data related to the fulfilment of monetary obligations.
- If the reason to contact the company and send information about yourself is part of a job search (sending CVs, etc.), the data provided shall be processed to assess your potential eligibility for job vacancies in the company. If the data provided are of interest to the company, a profile will be made with them, filing these for human resources management.
- Data verification or update.
What kind of data do we process?
In addition to the aforementioned means to obtain data, as well as the different processing purposes mentioned, we inform you that the types of data that we can process in our information system are:
- Identification and contact data
- Audiovisual data
- Identification codes or keys
- Postal addresses or e-mails
- Personal and professional characteristic data
- Economic and insurance data
- Social circumstances data
- Other non-economic data inherent in the labour relationship
- Other data
How long do we keep your data for?
Personal data will be kept during the time the aforementioned aims exist and/or for as long as we have a relationship with you, whether it is as a customer, or as any other kind of interested party; as long as you do not request your data be deleted, or as long as there is some legal requirement or provision demanding these be kept.
When the data are no longer necessary for the purposes they were collected for, they shall be deleted, ensuring their confidentiality.
In the case that data are provided as part of a job search, if the latter are of no interest to the company, they shall be immediately deleted, ensuring their confidentiality. However, if they are of interest to the company, they will be kept for a reasonable period of time which shall not exceed two (2) years.
In the case of customers who have ceased their commercial relationship with the company, they may be kept in order to offer them conditions or services provided it is legitimate to do so.
Data obtained through video-surveillance systems will be kept for a thirty (30) day period since the data were obtained. Except in those cases provided by law enabling to keep files blocked until the relevant resolution is issued.
What is the legal basis to process your data?
The legal basis to process your data may be built on the execution of a commercial, business, labour or other kind of contract signed by the interested party.
Another legal basis to process your data is the informed consent in the case of other types of processing, such as: contact form on the website, registration to activities developed by the company, participation in the company’s social media profiles, and any other type of processing that necessarily involves the collection of their personal data, with a clear assertive action by the interested party being an essential requirement.
It may also be the case that there is a legal obligation and in order to comply with it specific data processing is required, as well as the need to process data to satisfy the legitimate interests of the data processing controller or of a third party.
Who will receive your data?
The data of the interested parties shall not be communicated to a third party by default, with a few exceptions: a) subsidiary companies, owned by the shareholders or belonging to the same business group as the data processing controller; b) bank entities where payments are made by direct debit; c) companies with which the data processing controller contracts credit information services, risk reports and commercial reports, including services managing files related to the fulfilment or unfulfilment of monetary obligations; d) authorised processors; e) other legitimate interested parties and/or third parties who are legally provided for.
What rights do you have when you provide and/or we process your data?
As an interested party, you will be able to request, at all times, to exercise any of the following rights that you are entitled to in terms of data protection:
- To access the interested party’s personal data to check whether data concerning his/her are being processed and to obtain more information about their processing.
- To rectify or delete personal data concerning the interested party when these are inaccurate or are no longer necessary for the purposes they were collected for, among other reasons.
- To limit the interested party’s personal data processing under certain circumstances, where they shall only be kept in order to file or appeal to claims, owing to the protection of other person’s rights or responding to reasons of public interest.
- To receive the personal data of your concern, that you have previously provided us with, and in a structured format insofar as possible. (Portability of your data).
- To oppose to the processing of your data under certain circumstances and owing to reasons regarding your particular situation. The company shall stop processing your data, except for compelling legitimate grounds, or to file or appeal to potential claims.
To this end, you only have to contact us sending an e-mail to firstname.lastname@example.org, or via postal mail to POL. IND. SAPRELORCA, CENTRO DE NEGOCIOS ANDAMUR, 30817 LORCA (MURCIA) SPAIN.
You also have the option to contact the Data d Agency (www.agpd.es) to get further information about your rights or to request their protection by the control authority.
If you wish to contact our data protection delegate, you can do so in writing to email@example.com.
The company adopts the necessary technical and organisational measures in its information system to ensure an adequate level of confidentiality, integrity and availability of the information we process.
However, we are not held accountable for any damage due to alterations that a third party may cause in our information system, insofar as permitted by the legal system. Any security breach shall be duly and immediately communicated to the national competent authority and/or law enforcement agents.
Sending communications or information
Our policy with regards to sending information via electronic means (e-mail, instant messaging, etc.) is limited to only sending communications we consider of interest to our users and interested parties, concerning the roles and activity of the company, or that you have agreed to receiving.
If you prefer not to receive these messages, we can offer you the possibility through the latter to exercise your right to cancel and refuse to receive these messages, in conformity with provisions set forth in Title III, article 22 of Act 34/2002 regarding Services for Information Society and Electronic Trade.