REGULATORY FRAMEWORK OF REFERENCE
This Privacy Policy is developed and informed to users and visitors in accordance with the principles of legality and loyalty in the processing of personal data established in the European General Data Protection Regulation 2016/679 and Organic Law 3/2018. of Personal Data Protection and Guarantee of Digital Rights.
SCOPE OF APPLICATION OF THE PRIVACY POLICY
The scope and objective of this privacy policy is to explain and provide information about the data processing carried out through its website (data collected in forms, cookies or email), although in some cases we can explain how we carry out treatments. performed offline.
Who is responsible for data processing?
Identity: GRAFITOS BARCO, S.A A32006611
Address: Avda Conde de Fenosa 21, 1º, 32330 de Valdeorras
Telephone: 988 32 07 34
Email: grafitosbarco@grafitosbarco.com
For what purpose do we process your data?
The data you provide us through the contact form or email links are processed and incorporated into treatments with the purpose of answering the queries made or even contacting you by the means provided if you request it.
We process data through the communication channel in order to comply with the provisions of our regulatory compliance program.
We also process data via email, especially when we make commercial offers or proposals in order to carry out the requested service provision.
How long is your data kept?
In the case of data received through the contact form or email links, your data will be kept for at least 24 months.
The data received through the communication channel is kept in the channel for 3 months and if there is any type of investigation, it will be kept for the time necessary for its resolution.
Data exchanged during commercial operations through commercial offers and proposals will be kept for 5 years.
Once the indicated time periods have passed, they will be destroyed by means that guarantee that information cannot be recovered.
What is the legal basis that justifies data processing?
In the case of data collected through the contact form or email links, the legal basis of the treatment is the consent of the interested party, article 6.1 of the RGPD.
The communication channel is legitimized on article 6.1 c GDPR, compliance with legal obligations.
The processing of data exchanged in commercial offers and proposals is treated on the legal basis of the execution of a contract or pre-contract article 6.1 b) RGPD
To whom is your data communicated?
Third parties involved in data processing
Data processing may be carried out by third parties who participate in it at some point in the life cycle of the data.
– Advice and consulting
– Computer equipment maintenance services
– Email and hosting services
INTERNATIONAL DATA TRANSFERS
There are no international data transfers.
RIGHTS OF THE INTERESTED PARTY AGAINST THE RESPONSIBLE FOR THE TREATMENT
The data owner has the right to:
• Access your data
• Rectify your data
• Delete your data
In some cases and in accordance with what is established in each case, you may also
• Transfer your data to another Controller
• Object to all or part of the treatment
• Limit the use of your personal data
The interested party may at any time withdraw the consent he has given to carry out data processing.
If his rights are not satisfied, he can file a claim with the Spanish Data Protection Agency at C / Jorge Juan 6, 28001, Madrid.
LACK OF AUTOMATED DECISION PROCESSES
The data being processed are not subject to automated decision processes.
SECURITY MEASURES
The data controller has adapted appropriate organizational and technical security measures so that data processing is carried out with all security measures and guarantees for the interested party.
DATA PROTECTION POLICY UPDATE
The Data Controller reserves the right to update this privacy policy, informing interested parties of changes in it if necessary.