PRIVACY POLICY

 

1. WHO IS THE DATA CONTROLLER RESPONSIBLE FOR HOW YOUR DATA IS PROCESSED?

Business name: CLECE, S.A.
Tax code: A80364243
Postal address: Calle de Quintanavides, 19 Bloque 4 – Planta 1 y 2 (28050 –Madrid)
Telephone: 91 745 91 00
Data Protection Officer contact: rgpd-clece@clece.es

2. FOR WHAT PURPOSE AND UNDER WHAT AUTHORITY BASIS DO WE PROCESS YOUR PERSONAL DATA?

The data recorded through the web site shall be processed for the purpose of managing the application made through the web site, either by the contact form or by means of an electronic mail application. The legal basis for that processing is by specific consent, that shall be understood to be granted when the form is sent with your data, or you communicate with us by electronic mail.

The consent granted may be revoked by the User at any time, although in that case the query or question raised may not be processed.

3. WHAT CATEGORIES OF DATA DO WE PROCESS?

Attending to the different purposes and the processing from the Web Site and the contact channels specified in it, the following categories of personal data may be processed:

  • Identification and contact data: name and surnames, electronic mail, and telephone.
  • Employment data details: company where employed and corporate contact data.
  • Location data: geographic area.
  • Browsing data: IP, behaviour on the Web Site.
  • Other data provided directly by the user in the communications conducted through the channels provided for the purpose.

We strongly request Users not to provide any sensitive or third-party data through any of the channels enabled on this web site, such as the electronic mail enabled to exercise data protection rights or the “Comments” section of the contact form.

4. HOW LONG DO WE KEEP YOUR DATA FOR?

The terms to keep your data are determined according to compliance with the laws in force, applicable regulations, and statutory requisites and, in all cases, for the necessary time to attend to requests and/or queries by the Users.

5. WHO MAY WE COMMUNICATE YOUR DATA TO?

In general terms, your data shall not be communicated to third parties, except in cases arising from a legal obligation.

Providers who provide services (accommodation, platforms, software) may access their data to carry out the Processing Commission. As a rule, their servers must be located in the European Economic Area and, if not, we always ensure that such providers are located in countries with an adequate level of protection and offer guarantees of compliance with the European regulations on data protection matters and, in particular, the GDPR.

We also inform you that our company has presence in diverse social media or networks such as Facebook, Twitter, YouTube or LinkedIn. You will find the links to our corporate profiles on such social networks. Clicking on those links will refer you to environments outside our web.

We recommend you know the privacy policies of such social media or networks to avoid unwanted information sharing. You have privacy configurations and management in the social media accounts to manage your privacy preferences, identity, publicity, and other related aspects.

6. HOW IS YOUR PERSONAL DATA PROTECTED?

We undertake to maintain your personal data safe, adapting all the reasonable precautions to do so. We implement all the necessary organisational and technical measures according to the regulations in force to protect this against any unauthorised access, modification, disclosure, loss or destruction. We demand and contractually impose the same level of security on service providers.

7. HOW MAY YOU EXERCISE YOUR RIGHTS?

You may request confirmation whether your personal data is being processed and, if affirmative, access this. You may also request correction of inexact data or, if appropriate, request deletion when, among other reasons, the data is no longer necessary for the purposes for which it was gathered.

Under certain circumstances, it is possible to request limitation of your data, in which case we shall only keep it to exercise actions or defend claims.

Lastly, when appropriate, you may exercise the right to portability to obtain data in electronic format, or for it to be transmitted to another company.

To exercise these rights, you must send a written application to the Data Protection Officer at the electronic mail address provided in the heading of this policy.

In the event of exercise of the rights being performed through a means that is not previously registered in our data base (for example from an electronic mail address other than that initially provided) and if there is reasonable doubt concerning the identity of the holder, it shall be necessary to prove this through a legally valid mechanism.
In order to help us to process your application, we ask you to indicate “Exercise of Data Protection Web Rights for Users”.

Lastly, we inform you that if you consider an act may constitute a breach of the applicable regulations on data protection, you may address the Data Protection Officer by the means provided above, without prejudice to your right to file a complaint to the Spanish Data Protection Agency at the address C/ Jorge Juan, 6, 28001 – Madrid, or through its electronic seat, in the event of considering that the rights you are recognised by the regulations applicable to data protection have been breached.