PRIVACY POLICY
Information in compliance with personal data protection regulations
In Europe and Spain there are data protection regulations designed to protect your personal information that are mandatory for our entity.
Therefore, it is very important for us that you fully understand what we are going to do with the personal data we ask you for.
This way, we will be transparent and give you control of your data, with simple language and clear options that will allow you to decide what we will do with your personal information.
Please, if after reading this information you have any questions, do not hesitate to ask us.
Thank you very much for your cooperation.
· Who are we?
o Our name: IBERICOMIO S.L.
o Our CIF / NIF: B01663442
o Our main activity: TRADE INTERMEDIATION
o Our address: CALLE PINTOR ISIDRO PARRA, 1 CP 13600, ALCAZAR DE SAN JUAN (Ciudad Real)
o Our contact telephone number: 686 164 954
o Our contact email address: locos@ibericomio.es
o Our website: ibericomio.es
o For your confidence and security, we inform you that we are an entity registered in the Mercantile Registry of Ciudad Real, Volume 674, Book 0, Folio 16, Section 8, Sheet; CR31230, Inscription 1
We are at your disposal, do not hesitate to contact us.
· What are we going to use your data for?
In general, your personal data will be used to be able to relate to you and be able to provide you with our services.
They may also be used for other activities, such as sending you advertising or promoting our activities.
· Why do we need to use your data?
Your personal data is necessary to be able to relate to you and to be able to provide you with our services. In this sense, we will put at your disposal a series of boxes that will allow you to decide in a clear and simple way about the use of your personal information.
· Who will know the information we are asking for?
In general, only the personnel of our entity that is duly authorized may have knowledge of the information we request.
Similarly, those entities that need to have access to it so that we can provide our services may have knowledge of your personal information. For example, our bank will know your data if the payment of our services is made by card or bank transfer.
Likewise, those public or private entities to which we are obliged to provide your personal data due to compliance with any law will be aware of your information. Giving an example, the Tax Law requires the Tax Agency to provide certain information on economic operations that exceed a certain amount.
In the event that, apart from the aforementioned assumptions, we need to disclose your personal information to other entities, we will previously request your permission through clear options that will allow you to decide in this regard.
· How will we protect your data?
We will protect your data with effective security measures based on the risks involved in the use of your information.
To this end, our entity has approved a Data Protection Policy and annual controls and audits are carried out to verify that your personal data is safe at all times.
· Will we send your data to other countries?
In the world there are countries that are safe for your data and others that are not so safe. For example, the European Union is a secure environment for your data. Our policy is not to send your personal information to any country that is not secure from the point of view of the protection of your data.
In the event that, in order to provide the service, it is essential to send your data to a country that is not as secure as Spain, we will always request your permission in advance and we will apply effective security measures that reduce the risks of sending your personal information to another country.
· How long will we keep your data?
We will retain your data for the duration of our relationship and for as long as we are required by law. Once the applicable legal deadlines have expired, we will proceed to dispose of them in a safe and environmentally friendly manner.
· What are your data protection rights?
You can contact us at any time to find out what information we have about you, rectify it if it is incorrect and delete it once our relationship has ended, if this is legally possible.
You also have the right to request the transfer of your information to another entity. This right is called "portability" and can be useful in certain situations.
To request any of these rights, you must make a written request to our address, along with a photocopy of your ID, in order to identify you.
In the offices of our entity we have specific forms to request these rights and we offer our help for their completion.
To learn more about your data protection rights, you can consult the website of the Spanish Agency for Data Protection (www.agpd.es).
· Can you withdraw your consent if you change your mind at a later time?
You can withdraw your consent if you change your mind about the use of your data at any time.
For example, if you were once interested in receiving advertising for our products or services, but no longer wish to receive advertising, you can let us know through the form of opposition to the treatment available in the offices of our entity.
· In case you understand that your rights have been neglected, where can you make a claim?
In case you understand that your rights have been neglected by our entity, you can file a claim with the Spanish Agency for Data Protection, through any of the following means:
o E-Office: www.agpd.es
o Postal address:
Spanish Data Protection Agency
C/ Jorge Juan, 6
28001-Madrid
o By telephone:
Tel. 901 100 099
Tel. 91 266 35 17
Filing a claim with the Spanish Data Protection Agency does not entail any cost and the assistance of a lawyer or solicitor is not necessary.
· Will we build profiles about you?
Our policy is not to create profiles about the users of our services.
However, there may be situations where, for service, commercial or other purposes, we need to profile information about you. An example could be the use of your purchase or service history to be able to offer you products or services adapted to your tastes or needs.
In such a case, we will implement effective security measures that protect your information at all times from unauthorized persons who intend to use it for their own benefit.
· Will we use your data for other purposes?
Our policy is not to use your data for purposes other than those we have explained. If, however, we need to use your data for different activities, we will always ask for your permission in advance through clear options that will allow you to decide about it.
OUR COMMITMENT TO THE PROTECTION OF PERSONAL DATA: "INFORMED PERSONS AND PROTECTED DATA"
The Management / Governing Body of IBERICOMIO S.L. (hereinafter, the data controller), assumes maximum responsibility and commitment to the establishment, implementation and maintenance of this Data Protection Policy, guaranteeing the continuous improvement of the data controller with the aim of achieving excellence in relation to compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJEU L 119/1, 04-05-2016), and Spanish regulations on the protection of personal data (Organic Law, sector-specific legislation and its implementing rules).
The Data Protection Policy of IBERICOMIO S.L . is based on the principle of proactive responsibility, according to which the data controller is responsible for compliance with the regulatory and jurisprudential framework that governs said Policy, and is able to demonstrate it to the competent control authorities.
In this sense, the data controller will be governed by the following principles that should serve all its staff as a guide and reference framework in the processing of personal data:
1. Data protection by design: the controller shall apply, both at the time of determining the means of processing and at the time of the processing itself, appropriate technical and organisational measures, such as pseudonymisation, designed to effectively implement data protection principles, such as data minimisation, and integrate the necessary guarantees in the treatment.
2. Data protection by default: the controller shall implement appropriate technical and organisational measures with a view to ensuring that, by default, only personal data that are necessary for each of the specific purposes of the processing are processed.
3. Data protection in the information life cycle: measures ensuring the protection of personal data shall apply throughout the entire information life cycle.
4. Lawfulness, fairness and transparency: personal data will be treated in a lawful, fair and transparent manner in relation to the interested party.
5. Purpose limitation: personal data will be collected for specified, explicit and legitimate purposes, and will not be further processed in a manner incompatible with those purposes.
6. Data minimization: personal data will be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
7. Accuracy: personal data will be accurate and, if necessary, updated; All reasonable steps shall be taken to ensure that personal data which are inaccurate with regard to the purposes for which they are processed are erased or rectified without delay.
8. Limitation of the conservation period: personal data will be kept in a way that allows the identification of the interested parties for no longer than necessary for the purposes of the processing of personal data.
9. Integrity and confidentiality: personal data shall be processed in such a way as to ensure adequate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or organisational measures.
10. Information and training: one of the keys to guaranteeing the protection of personal data is the training and information provided to the personnel involved in the treatment thereof. During the information lifecycle, all personnel with access to the data will be properly trained and informed about their obligations in relation to compliance with data protection regulations.
The Data Protection Policy of IBERICOMIO S.L . is communicated to all the personnel of the person responsible for the treatment and made available to all interested parties.
Consequently, this Data Protection Policy involves all the personnel of the person responsible for the treatment, who must know and assume it, considering it as their own, each member being responsible for applying it and verifying the data protection rules applicable to their activity, as well as identifying and providing the opportunities for improvement they consider appropriate with the aim of achieving excellence in relation to compliance.
This Policy will be reviewed by the Management / Governing Body of IBERICOMIO S.L., as many times as deemed necessary, to adapt, at all times, to the current provisions on the protection of personal data.