Confidentiality, professional secrecy and security are essential values for Esteyco S.A., who undertakes to assure user’s privacy. Therefore, following the principles of appropriateness, fairness and transparency of the General Data Protection (EU, 2016/679, “GDPR”), we are providing you with the following information to explain how we process the personal data that you provide when you deal with us.
Entity responsible for data processing.
ENTITY: ESTEYCO S.A.
REGISTERED OFFICE: Avda. Burgos 12B-Bajo, 28036 Madrid
Why do we process your personal data?
At ESTEYCO we process the information you provide in order to maintain our commercial/professional relationship, manage the sending of any information that you request from us or answer any queries you may have, manage the contractual relationship between us, process your application and provide you with offers regarding our services and/or products and any events, projects and activities that may interest you and for which you have given your express consent.
How long will we keep your personal data for?
Your data will be kept until the purposes described above have been met, and subsequently to comply with our responsibilities and any legal requirements.
What is the legal justification for processing your data?
The legal basis for processing your data may be to pursue a potential or existing contractual relationship, legitimate interest, legal qualification and/or your own consent. The data that we seek is adequate, appropriate and strictly necessary and in no case are you under any obligation to provide it to us, although not doing so may affect the completion of the service or make it impossible to provide.
Who will we pass your data on to?
Esteyco will assign your data only to the Esteyco Foundation in order to manage the sending of information. Under any other circumstances we will only forward your data to third parties with your express consent or in order to comply with a legal obligation.
However, your data may be processed by providers of Esteyco who, as part of their service, may potentially have access to your data or require it to be processed in order for them fully to provide their service The corresponding Data Controller contract has been entered into with any such companies, obliging them to implement the necessary security measures to assure the confidentiality, integrity, availability and permanent robustness of data-processing systems and services, in order to avoid any loss, erasure or destruction of data or any undue or unauthorised access to it.
What are your rights when you provide us with your data?
Your data-protection rights are as follows:
– Right of access: to obtain information about whether your data is being processed, the purpose of any processing, the source of the data any assignments made or planned.
– Right of correction: to request that any of your data that is inaccurate or incomplete be corrected.
– Right of erasure: to request the removal or erasure of personal data when it is no longer needed, when consent is withdrawn, when it has been processed improperly, etc. In this case, it must be possible to block such data and subsequently erase any copies, links or reproductions of it. All the above is provided that no legal obligation or action necessary to defend claims is hindered.
– Right of objection: to request that certain processing of personal data not be carried out.
– Right to request the limitation of processing: to request that your personal data not be applied to the processing operations that would otherwise correspond.
– Right to the portability of data: to request that your data be forwarded to another entity or to yourself, in a structured, commonly used, mechanically legible format. Such a request may only be made for data that requires your consent or a contractual agreement in order to be processed, provided that the processing is done by automated means.
You may exercise these rights by writing to Esteyco at its office or to the email address provided for this purpose, firstname.lastname@example.org, including in both cases a photocopy of your identity card (DNI/NIE) or other equivalent identification document.
Models, forms and more information on your rights are available on the website of the national control authority, the Spanish Data Protection Agency (“AEPD”), at www.agpd.es.
You have the option and the right to withdraw your consent given at any time for any specific purpose, without doing so affecting the licit character of any processing based on your consent prior to its withdrawal.
Pursuant to section 22 of the Information Society Services and Electronic Commerce Act 2002 (34/2002) you may withdraw consent previously given for the sending of commercial messages by email or equivalent media by sending an email to email@example.com.
Security and updating of your personal data
With a view to safeguarding the security of your personal data, we inform you that Esteyco has taken all the necessary technical and organisational steps to assure the protection of any personal data provided. This is to prevent unauthorised tampering, loss, processing or access, as required by law, although there is no such thing as absolute security. In order for us to keep your personal data updated, it is important for you to inform us whenever any changes occur.
Esteyco informs you that your data will be processed with the maximum diligence and confidentiality by all personnel involved in any of the stages of processing. As explained above, we will not assign or disclose your data to any third party other than the Esteyco Foundation unless it is with your express consent or in order to comply with a legal requirement.