PRIVACY POLICY
1. INFORMATION TO THE USER
CORPORACIÓN DE ORGANIZACIONES Y REPRESENTACIONES, SA (CORSA), henceforth the CONTROLLER, is responsible for the processing of the personal data of the User and informs the same hereby that those data will be processed in accordance with the regulations in force on the protection of personal data, the Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, so that the following information about the processing is hereby facilitated:
Purpose of the processing: to maintain a commercial relationship with the User.
The operations for which processing is envisaged are::
- Remission of advertising communications, always provided that this has been authorised in advance, by email, fax, SMS, MMS, social network communities or any other means, digital or physical, present or future, which makes sending advertising communications possible. These communications shall be undertaken by the CONTROLLER and in relation to its own products and services, or those of its collaborators or providers with whom it has entered into some promotion agreement. In this case, third parties will never have access to the personal data.
- Carrying out statistical studies.
- Processing orders, requests or any other kind of request made by the user using any of the forms of contact placed at the disposal of the same.
- Remitting the website newsletter or in any other medium.
Criteria for data retention: The data will be retained while a mutual interest in maintaining the purpose of the processing is sustained, and when they are no longer necessary for that purpose, they will be deleted using appropriate security measures to ensure the pseudonymisation of the data or their total destruction.
Communication of the data: The data will not be communicated to third parties unless this is required by law.
Rights held by the User:
- Right to withdraw consent at any moment.
- Right of access, rectification, portability and deletion of their data, and of restriction or opposition to the processing.
- Right to lodge a complaint with the supervisory authority (agpd.es) should they consider that the processing is not permitted by the regulations in force.
Contact data for exercise of the rights:
Postal address: CORPORACIÓN DE ORGANIZACIONES Y REPRESENTACIONES, S.A. (CORSA). C/ Cerdeña, 397-399 ENTRESUELO 8ª 08025 BARCELONA
Email: info@corsa.es
Dirección electrónica: info@corsa.es
2. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION FACILITATED BY THE USER
The Users, by marking the corresponding boxes and entering data into the fields marked with an asterisk (*) on the contact form or presented on downloaded forms, accept expressly, freely and unequivocally, that their data are necessary for the provider to address their request, the inclusion of data in the remaining fields being optional. The User guarantees that the personal data facilitated to the CONTROLLER are accurate and is responsible for communicating any modification to the same.
The CONTROLLER informs Users, and expressly guarantees, that their personal data shall not be transferred to third parties under any circumstances, and whenever any kind of transfer of personal data is to be carried out, the express, informed and unequivocal consent of the Users will be sought in advance. All the data requested via the website are mandatory, as they are necessary for providing the best possible service to the User. In the event that not all of the data are facilitated, it is not guaranteed that the information and services facilitated shall be the best possible match to their needs.
3. SECURITY MEASURES
Pursuant to the regulations in force on the protection of personal data, the CONTROLLER is complying with all the provisions of the GDPR for the processing of the personal data for which it is responsible, and manifestly with the principles set out in article 5 of the GDPR, by which they are processed lawfully, fairly and in a transparent manner in relation to the data subject, and they are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The CONTROLLER guarantees that it has implemented appropriate technical and organisational measures to apply the measures of security established in the GDPR for the purpose of protecting the rights and freedoms of the Users and has communicated the information necessary for them to be able to exercise the same.