Privacy Policy

In accordance with the provisions of current regulations on the protection of personal data, we provide you with the following information:

 

1. INFORMATION TO THE INTERESTED PARTY AND/OR USER

REMACHES TUDELA, SL makes this privacy policy available to you to inform you, in detail, about how the personal data that you, as an interested party and/or user, provide or have provided, are or will be treated, through any means (web page , email, telephone, in person, online or paper forms, etc.).

REMACHES TUDELA, SL has adopted all the necessary technical and organizational measures to guarantee the confidentiality, integrity, availability and resilience of the personal data in its custody.

Responsibility of the interested party and/or user

By providing your data, you, as the interested party and/or user (hereinafter the Interested Party ), guarantee that you are over 18 years of age and that the data provided to REMACHES TUDELA, SL are true, exact, complete and updated. For these purposes, the Interested Party confirms that it is responsible for the veracity of the data communicated and that it will keep said information conveniently updated, so that it responds to its real situation, being responsible for any false and inaccurate data that it may provide, as well as any damages. and damages, direct or indirect, that may arise from it.

 

2. RESPONSIBLE FOR THE TREATMENT

Identity: REMACHES TUDELA, SL

NIF: B71052435

Postal address: PO Box nº 31 – 31500 Tudela (Navarra). E-mail: info@remachestudela.com Telephone: 948827121

Email: info@remachestudela.com

 

3. PURPOSES, CONSERVATION PERIODS AND LEGITIMATION OF TREATMENTS

REMACHES TUDELA, SL, as Responsible for the Processing of the personal data of the Interested Party , as well as those that may be provided in the future, informs you that these data will be treated in accordance with the provisions of current regulations on the protection of personal data, by which provides you with the following information about each of the treatments carried out by REMACHES TUDELA, SL :

CONTACT/INQUIRIES

Purpose of processing : respond to and follow up on queries, requests for information, suggestions and complaints, as well as maintain contact with those people who have shown interest in the company, its products or services.

Data conservation criteria : they will be kept for the time necessary to process and respond to the query.

Legitimacy for data processing : RGPD: 6.1.f) the legal basis for data processing is based on the Legitimate Interest of the Data Controller to attend to and respond to the communications or requests received.

PROFORMA INVOICES / ESTIMATES

Purpose of the processing : the preparation and delivery of the proforma invoices and/or budgets requested by the Interested Parties, as well as being able to monitor them by telephone, electronically or in person.

Data conservation criteria : they will be kept as long as there is a mutual interest in doing so, or the interested party requests its deletion.

Legitimation for the processing of data : the processing is necessary for the application at the request of the Interested Party of pre-contractual measures (RGPD: 6.1.b), as well as the processing necessary to satisfy the Legitimate Interest of the Controller to prepare and monitor of the budgets requested by the interested parties (RGPD: 6.1.f).

CUSTOMERS

Purpose of processing : customer management, maintenance of contractual and/or commercial relationships with them, managing the contracting of products and/or services, as well as for administrative management (billing, collections, etc.), accounting and tax of the company and for compliance with the legal obligations that all this implies.

Also to be able to establish contact with people who provide services in a legal entity (company, organization, etc.), as well as with individual entrepreneurs and liberal professionals, to be able to establish or maintain business relationships (“business to business”, B2B). ) with them.

Data conservation criteria : they will be kept as long as the contractual and/or commercial relations between both parties are maintained and their deletion is not requested and, if so, for the time provided for by the regulations in force (fiscal, commercial, etc.). .) regarding the prescription of responsibilities.

Legitimacy for data processing : RGPD: 6.1.b) the legal basis for data processing is the execution and maintenance of contractual and/or commercial relations between both parties, as well as compliance with legal obligations (fiscal , commercial, etc.) that all this implies.

The processing of professional contact data for business relationships is legitimized by the Legitimate Interest of the Controller to be able to contact, establish and/or maintain business relationships with the legal entity in which the company provides its services. Interested, as well as with individual entrepreneurs and liberal professionals (RGPD: 6.1.f and LOPDGDD: 19).

USER REGISTRATION

 

Purpose of the treatment : user management and to manage and enable the use of the different services offered on the website and/or through the App of the Data Controller.

Data conservation criteria : they will be kept in the system indefinitely as long as the interested party does not request their deletion.

Legitimacy for data processing : RGPD: 6.1.a) the legal basis for data processing is the consent provided by the Interested Party at the time of providing their data.

 

 

SUPPLIERS

Purpose of the treatment : management of suppliers, maintenance of contractual and/or commercial relationships with them, as well as administrative management (billing, collections, etc.), accounting and tax management of the company and for compliance with the legal obligations that all this implies.

Also to be able to establish contact with people who provide services in a legal entity (company, organization, etc.), as well as with individual entrepreneurs and liberal professionals, to be able to establish or maintain business relationships (“business to business”, B2B). ) with them.

Data conservation criteria : they will be kept as long as the contractual and/or commercial relations between both parties are maintained and their deletion is not requested and, if so, for the time provided for by the regulations in force (fiscal, commercial, etc.). .) regarding the prescription of responsibilities.

Legitimacy for data processing : RGPD: 6.1.b) the legal basis for data processing is the execution and maintenance of contractual and/or commercial relations between both parties, as well as compliance with legal obligations (fiscal , commercial, etc.) that all this implies.

The processing of professional contact data for business relationships is legitimized by the Legitimate Interest of the Controller to be able to contact, establish and/or maintain business relationships with the legal entity in which the company provides its services. Interested, as well as with individual entrepreneurs and liberal professionals (RGPD: 6.1.f and LOPDGDD: 19).

BULLETIN/NEWSLETTER SUBSCRIPTION

Purpose of the processing : manage the sending of newsletters/information bulletins about the Data Controller, its products and services.

Data conservation criteria : they will be kept in the system indefinitely as long as the interested party does not request their deletion.

Legitimacy for data processing : RGPD: 6.1.a) the legal basis for data processing is the consent provided by the Interested Party at the time of subscribing to the bulletin/newsletter.

SENDING COMMERCIAL COMMUNICATIONS

Purpose of the processing : send commercial information by any means, postal or electronic, about products and/or services related to fastening systems (rivets, bolts, nuts, etc.) and other information from the Data Controller that may be of interest to the Data Subject. (events, activities, etc.).

Data conservation criteria : they will be kept in the system indefinitely as long as the Interested Party does not request its deletion and, if so, for as long as necessary with respect to the prescription of responsibilities.

Legitimacy for data processing : The sending of commercial information to clients is based on the legitimate interest of the Data Controller to send them commercial communications about products or services similar to those contracted and thus achieve their loyalty (Art. 6.1.f of the GDPR). The treatment may also be legitimized by the consent provided by the Interested Party (Art. 6.1.a of the RGPD).

However, in either case, the Interested Party has the right to oppose this processing and withdraw consent, and may do so by any of the means described in this document. The exercise of these rights will not affect in any case the maintenance of commercial relations and the data processing carried out prior to the exercise of these will not lose their legality.

Origin of the data : the personal data we process comes from . The categories of data processed are identification (name, surname, NIF, postal address, telephone, email) and professional (position, place of work, sector of activity).

VIDEO SURVEILLANCE

Purpose of processing : temporary storage of images captured by video surveillance cameras in order to preserve the security of people, property, facilities and merchandise.

Data conservation criteria : they will be kept for a maximum period of 30 DAYS, except when they have to be kept to prove the commission of acts that threaten the integrity of people, property or facilities, or are brought to the courts and the Forces. and State Security Bodies.

Legitimacy for data processing : RGPD: 6.1.e) processing is necessary to fulfill a mission carried out in the public interest, guaranteeing the security of people, goods and facilities.

Communication of data : the data will not be communicated to third parties, except to the Security Forces, Courts and Tribunals, or due to a legal obligation.

4. DATA COMMUNICATION

In general, personal data will not be communicated to third parties, except in cases where there is a legal obligation or it is necessary for the provision of services or for the maintenance and development of relationships, such as, but not limited to, non-limiting:

  • Public Administrations, Judges and Courts, for the fulfillment of legal obligations, as well as for the attention of possible responsibilities derived from the regulations
  • Financial/banking entities, for the management of collections and payments
  • Payment Service Providers, for the management of collections and payments (Mastercard, VISA, PayPal, ).
  • Transport companies, for the delivery and/or collection of
  • Service providers contracted by the Controller, who will have the status of Data Processor

 

Although this is not a transfer of data, to carry out any of the indicated treatments or to provide you with a service, it may be that third companies, which act as Data Processors (our suppliers), access your information to carry out the aforementioned treatment or service.

These processors access your data following our instructions and without being able to use it for a different purpose and maintaining the strictest confidentiality.

 

International transfers

REMACHES TUDELA, SL does not plan to make international transfers of your data to countries outside the European Economic Area (EEA). In those cases in which it is necessary, they will only be made to recipients who are located in a country, a territory or one or several specific sectors of that country or international organization that has been declared to have an adequate level of protection by the European Commission; or are under the “EU-US Data Privacy Framework” agreement; or that are covered by any of the appropriate guarantees provided for in article 46.2 of Regulation (EU) 2016/679

5. RIGHTS OF INTERESTED PARTIES

Any person has the right to obtain confirmation as to whether the Data Controller is processing personal data that concerns them or not, as well as to withdraw, at any time, the consent that may have been granted for a specific purpose, without affecting the legality. of treatment based on consent prior to its withdrawal.

The regulations on data protection allow you to exercise your rights of access, rectification, deletion and portability of data and opposition and limitation to its processing, as well as not to be subject to decisions based solely on the automated processing of your data, when applicable. These rights are characterized by the following:

  • Its exercise is free, except in the case of manifestly unfounded or excessive requests (e.g., repetitive nature), in which case the Data Controller may charge a fee proportional to the administrative costs incurred or refuse to act.
  • You can exercise your rights directly or through your legal representative or
  • We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline may be extended by another two months.
  • We have the obligation to inform you about the means to exercise these rights, which must be accessible and without being able to deny the exercise of the right for the sole reason of choosing another. If the request is submitted by electronic means, the information will be provided through that channel. whenever possible, unless you ask us to do otherwise.
  • If the Data Controller does not process the request, they will inform you, within one month at most, of the reasons for their failure to act and the possibility of filing a complaint with a Control Authority.

 

How to exercise these rights?

The Interested Parties may exercise their rights by sending a written communication to the postal or electronic address of the Data Controller, indicating in the reference “EXERCISE OF LOPD RIGHTS”, including: request in which the request is specified, address for notification purposes, date and signature.

If you request it, we will make the forms available to you to exercise these rights, indicating which right you wish to exercise.

Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may file a claim with the National Control Authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, for these purposes. 6 – 28001 Madrid.

 

6. SOCIAL NETWORKS

REMACHES TUDELA, SL uses social networks and this is another way to reach you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies, which explain how they use and share your information, so we recommend that you consult them before using them to confirm that you agree with the way in which your information is collected. , treated and shared.

The processing of data carried out on people who become followers and/or carry out any link or connection action through the social networks of the official pages of the Data Controller will be governed by this privacy policy and by the privacy policies of the social networks themselves.

The Data Controller will process your data for the purposes of correctly managing your presence on the corresponding social network, sending personal and individual messages through the social network channels, informing you of activities, products and/or services of the Data Controller, or third parties that may be related to our activity, as well as any other processing that social media regulations may allow.

 

7. COOKIES

In general, if you browse the Internet you can accept or reject cookies from the configuration options of your browser.

This website may use cookies and other similar technologies such as local shared objects, flash cookies or pixels, which are small files that some platforms, such as web pages, can install on the user’s computer (computer, tablet, smartphone, etc.). ).

Its functions can be very varied: store browsing preferences, collect statistical information, allow certain technical functionalities, store information about the browsing habits of the user or their equipment, etc.

Cookies are useful for several reasons. From a technical point of view, they allow web pages to function more agilely and adapted to the user’s preferences, such as storing their language or the currency of their country, etc. In addition, they help the Website Data Controllers to improve their services and make the advertising displayed on them more efficient, thanks to the statistical or habit information they collect through them.

For the installation and use of certain cookies, it is necessary to obtain informed consent from users. The cookies that require the user’s consent are, among others, analytical, advertising and affiliation cookies, with the exception of those of a technical nature and those necessary for the operation of the website or the provision of services expressly requested by the user.

The user has the possibility of configuring their browser to be alerted when cookies are received and to prevent their installation on their computer. Please consult your browser’s instructions for more information. For more information about cookies, see our Cookies Policy .

 

8. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER

The Interested Party, by marking the corresponding boxes and entering data in the fields, indicated as mandatory in the various forms, expressly and freely and unequivocally accept that their data is necessary to respond to their request by the Data Controller. , the inclusion of information in the remaining fields is voluntary.

If all the mandatory data is not provided, the corresponding processing cannot be carried out and therefore the requests, contracts, or requests made by the Interested Party cannot be attended to.

The Interested Party guarantees that the personal data provided is true and is responsible for communicating any modification thereof.

 

9. SECURITY MEASURES

REMACHES TUDELA, SL is committed to protecting your personal information: Using measures, controls and procedures of a physical, organizational and technological nature, reasonably reliable and effective, aimed at preserving the integrity and security of your data and guaranteeing your privacy.

Furthermore, all staff with access to personal data have been trained and are aware of their obligations in relation to the processing of their personal data.

In the case of the contracts we sign with suppliers, we include clauses in which they are required to maintain the duty of secrecy with respect to the personal data to which they have had access by virtue of the order made, as well as to implement technical security measures. and organizational measures necessary to guarantee the confidentiality, integrity, availability and permanent resilience of the personal data processing systems and services.

All these security measures are reviewed periodically to guarantee their adequacy and effectiveness.

However, absolute security cannot be guaranteed and there is no security system that is impenetrable, so, in the event that any information being processed and under our control is compromised as a result of a security breach, we will take appropriate measures to investigate the incident, notify the Control Authority and, where appropriate, those Interested Parties who may have been affected so that they can take appropriate measures.