Privacy Policy
Introduction
This Privacy Policy has been developed taking into account the provided by Organic Law 3/2018, of December 5, on Data Protection Personal and Guarantee of Digital Rights (LOPD-GDD), as well as by the Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to processing of personal data and the circulation of these data, hereinafter the GDPR.
This Privacy Policy is intended to inform the holders of the personal data, with respect to which it is being collected information, the specific aspects related to the treatment of your data, among other things, the purposes of the treatments, the contact details for exercise the rights that assist you, the terms of conservation of the information and security measures among other things.
Data Controller
In terms of data protection, HIERROS Y METALES TIRSO S.A., must be considered Responsible for the Treatment, in relation to the files/treatments identified in this policy, specifically in the Data processing section.
Below are the identification data of the owner of this website:
Data Controller:HIERROS Y METALES TIRSO S.A.
Postal address: POLIGONO INDUSTRIAL LA YESERA 52 39612 PARBAYON CANTABRIA Email address: hierros@tirso.org
Data processing
The personal data requested, where appropriate, will consist of only in those strictly essential to identify and attend to the request made by the owner of these, hereinafter the interested party. By On the other hand, personal data will be collected for certain purposes explicit and legitimate, not being subsequently treated in a manner with incompatible with those purposes.
The data collected from each interested party will be adequate, pertinent and not excessive in relation to the corresponding purposes for each case, and they will be updated whenever necessary.
The owner of the data will be informed, prior to the collection of their data, of the general extremes in this policy so that he can provide the express, precise and unequivocal consent for the processing of your data, according to the following aspects.
Purposes of the treatment
The explicit purposes for which each of the treatments are collected in the informative clauses incorporated in each one of the ways of collecting data (web forms, paper forms, locutions or posters and informative notes).
However, the personal data of the interested party will be treated with the sole purpose of providing them with an effective response and attending to the requests made by the user, specified next to the option, service, form or data collection system that the holder uses.
Legitimation
As a general rule, prior to the processing of personal data, HIERROS Y METALS TIRSO S.A. obtains the express and unequivocal consent of the owner of these, through the incorporation of informed consent clauses in the different information collection systems.
However, in the event that the consent of the interested party is not required, the legitimizing basis of the treatment in which HIERROS Y METALES TIRSO S.A. is protected is the existence of a specific law or regulation that authorizes or requires the treatment of the data of the interested party.
Recipients
As a general rule, HIERROS Y METALES TIRSO S.A. does not transfer or communication of data to third parties, except those required by law, however, if necessary, said transfers or communications of data is reported to the interested party through consent clauses informed contained in the different ways of collecting personal data.
Provenance
As a general rule, personal data is always collected directly from the interested, however, in certain exceptions, the data may be collected through third parties, entities or services other than the interested. In this sense, this end will be transferred to the interested party through of the informed consent clauses contained in the different channels collection of information and within a reasonable time, once obtained the data, and at the latest within a month.
Retention periods
The information collected from the interested party will be kept as long as it is necessary. to fulfill the purpose for which the data was collected personal, so that, once the purpose has been fulfilled, the data will be cancelled. Said cancellation will give rise to the blocking of the data, conserving only available to the Public Administrations, Judges and Courts, to address the possible responsibilities arising from the treatment, during the period of prescription of these, fulfilled the mentioned term will proceed to the destruction of the information.
For information purposes, the legal data of conservation of information in relation to different matters:
| DOCUMENT | TERM | REF. LEGAL |
|---|---|---|
| Documentation of a labor nature or related to social security | 4 years | Article 21 of Royal Legislative Decree 5/2000, of August 4, by the that the revised text of the Law on Infractions and Sanctions is approved in the social order |
| Accounting and tax documentation for commercial purposes | 6 years | Art. 30 Commercial Code |
| Accounting and tax documentation for tax purposes | 4 years | Articles 66 to 70 General Tax Law |
| Access control to buildings | 1 month | Instruction 1/1996 of the AEPD |
| Video surveillance | 1 month | Instruction 1/2006 of the AEPD Organic Law 4/1997 |
Navigation data
In relation to the navigation data that can be processed through the site web, in the event that data subject to the regulations are collected, it is recommended consult the Cookies Policy published on our website.
Rights of the interested parties
The regulations on data protection grant a series of rights to the interested parties or holders of the data, users of the website or users of the profiles of the social networks of HIERROS Y METALES TIRSO S.A.
These rights that attend the interested persons are the following:
- Right of access: right to obtain information about whether your own data are being processed, the purpose of the processing being performing, the categories of data in question, the recipients or categories of recipients, the term of conservation and the origin of said data.
- Right of rectification: right to obtain the rectification of the data inaccurate or incomplete personal data.
- Right of deletion: right to obtain the deletion of the data in the following assumptions:
- When the data is no longer necessary for the purpose for which were collected
- When the owner of these withdraws the consent
- When the interested party opposes the treatment
- When they must be deleted in compliance with a legal obligation
- When the data has been obtained by virtue of a company service of the information based on the provisions of art. 8 par. 1 of the European Regulation on Data Protection.
- Right of opposition: right to oppose a certain treatment based on in the consent of the interested party
- Right of limitation: right to obtain the limitation of the treatment of the data when any of the following assumptions occur:
- When the interested party contests the accuracy of the personal data, for a period that allows the company to verify the accuracy of these.
- When the treatment is lawful and the interested party opposes the deletion of data.
- When the company no longer needs the data for the purposes for which were collected, but the interested party needs them for the formulation, the exercise or defense of claims.
- When the interested party has opposed the treatment while it is being verified if the legitimate reasons of the company prevail over those of the interested.
- Right to portability: right to obtain the data in a format structured, commonly used and machine readable, and to transmit them to another data controller when:
- The processing is based on consent
- The treatment is carried out by automated means
- Right to file a claim with the competent control authority.
Interested parties may exercise the rights indicated, by contacting HIERROS Y METALES TIRSO S.A., in writing, sent to the following address: hierros@tirso.org in the Subject line the right that you wish to exercise.
In this sense, HIERROS Y METALES TIRSO S.A. will respond to your request as soon as possible as soon as possible and taking into account thedeadlines set forth in the regulations matter of data protection.
Security
The security measures adopted by HIERROS Y METALES TIRSO S.A. are those required, in accordance with those established in article 32 of the RGPD. In this sense, HIERROS Y METALES TIRSO S.A., taking into account the state of the technique, application costs and the nature, scope, context and purposes of treatment, as well as the risks of varying probability and severity for the rights and freedoms of natural persons, have established appropriate technical and organizational measures to guarantee the level of security appropriate to the existing risk.
In any case, HIERROS Y METALES TIRSO S.A. have mechanisms in place enough to:
- Guarantee confidentiality, integrity, availability and resilience permanent treatment systems and services.
- Restore the availability and access to personal data in a quickly, in the event of a physical or technical incident.
- Verify, evaluate and assess, on a regular basis, the effectiveness of the measures technical and organizational measures implemented to guarantee the security of the treatment.
- Pseudonymize and encrypt personal data, if applicable.