Additional, detailed information on how we use your personal data

Who is the Controller of your data?

Tax identification code (CIF): A28386597
Postal address: Avda. Balonmano Nava, 5, Nava de la Asunción, 40450, Segovia, Spain
Telephone: +34 921 580 014
Security officer or data protection officer, where applicable: Administration Department
Telephone: +34 921 580 014

What is our purpose for processing your personal data?

We process the personal data you provide to us for the following purposes:
To comply with the duty to inform and to obtain consent as required by the latest European regulation on personal data protection.

To manage our relationship with the client, produce quotations and commercial bids, and, in the event a prospect becomes a client, to carry on the contractual relationship based on providing consultancy services on different areas of legal compliance and legal advice, and performing the corresponding invoicing and charging for services. It is compulsory to provide data for this purpose since we would otherwise be prevented from performing the agreement.

Sending communications, opinion articles and news, and informative circulars produced by our departments and related to our activity, unless you declare your opposition using any means.

What data do we process?

Within the framework of providing the services we offer and depending on the purposes to which you have consented, our entity will process only the data that are strictly necessary to properly manage the contractual relationship and/or provide the services, and we will use only the data that you have provided to us.

How long will we process your data for?

The personal data that you give to us will be kept while the contractual/commercial relationship remains in force, or for five years following the last business interaction pursuant to tax legislation. However, our entity will continue to keep your information to possibly send you marketing communications that we consider may be of interest to you, unless the data subject requests that their data be erased. You may always exercise the rights granted to you by the legislation in force by contacting us using your preferred means of contact, as we will explain below.

Why is it legitimate for us to process your data?

The legal basis for processing your data is to perform the necessary service agreement to put the business transaction into effect, or it is legitimate as a result of your express consent as the data owner and data subject.

Who will be the recipients of your data?

We will not disclose your data to any third parties that are not related to providing the service, except as the result of a valid legal requirement. Should there be any changes in this respect, you will be duly informed and we will ask for your consent to such transfer. We further inform you that we will not perform international transfers.

However, you are notified that, to properly provide the services, it is possible that different service providers engaged by our entity (data processors) may have access to the necessary personal information for them to perform their duties.

These third-party services are necessary to carry on our activities and provide the service and, at all times, the data processing performed will be governed by an agreement that is binding on the data processor with regard to our entity. In no event will they use the information for other purposes and they will process it in accordance with the guidelines set out by our entity, in accordance with our privacy policy and the legislation in force on data protection.

As part of our commitment to the privacy and protection of user data, our entity will select only service providers that offer sufficient guarantees that they will apply appropriate technical and organisational measures, so that the processing will be pursuant to the applicable legislation on data protection and guarantee the protection of the user’s rights.

What are your rights when you give us your data?

Everyone has the right to obtain confirmation as to whether or not we are processing personal data that concern them. In this regard, you have the right to request:

  • Access: the data subject will have the right to obtain confirmation from the controller as to whether or not data that concern them are being processed, in addition to detailed information regarding certain aspects of the processing that is being performed.
  • Rectification: the data subject will have the right to rectification of inaccurate personal data that concern them and to the completion of any incomplete data.
  • Erasure: the data subject will have the right to request erasure of their personal data; in all events, the erasure will be subject to the limits established by regulation.
  • Restriction of processing: the data subject will have the right to request restriction on the processing of their personal data.
  • Objection to processing: under certain circumstances and for reasons related to their specific situation, interested parties may oppose processing of their data. The entity will stop processing the data, except for compelling legitimate reasons or the exercise or defence of legal claims.
  • Right to data portability: this means that the data subject will have the right to receive the personal data that concern them and that they have provided to a controller, in a structured, commonly used, machine-readable format and to transfer them to another controller.

You may exercise the aforementioned rights by contacting the controller. To this end, you can use the contact data provided at the start of this document. If you would like additional information regarding exercising your rights, you can also contact the Spanish Data Protection Agency.
We would also like to inform you that, if you consider it appropriate, you have the right to withdraw, at any time, the consent granted for any specific purpose, without this affecting the lawfulness of processing based on consent given prior to withdrawal.

In the event you should consider that your rights have not been properly addressed, you can file a complaint with the Spanish Data Protection Agency: C/ Jorge Juan, 6, 28001, Madrid.

Our security measures

MANUFACTURAS POLISAC SA has adopted the necessary technical and organisational measures in accordance with the risk level of its data processing and its impact on people’s rights, to guarantee the security of its personal data processing, in addition to the measures that are, or that may be, required, from time to time, by the applicable legislation. However, the user should be aware that, at present, Internet security measures are not failsafe and, consequently, the user is not protected from possible legal and wrongful interference for which MANUFACTURAS POLISAC SA would not be liable because it has acted, at all times, with due diligence to protect the data pursuant to law.