Security Policy and Protection of Personal Data
Your privacy is important to us, therefore, in this Policy we explain what personal information we collect through our website and the possible interactions with you and how we use them. We kindly ask you, before providing your personal data, to read it carefully and make sure that you have understood it properly.
As responsible for this website, we seek to offer the greatest legal guarantees in relation to the privacy of our users and to explain as clearly and transparently as possible everything that has to do with the processing of personal data within this website.
CEMOSA has adapted this website to the requirements of current regulations on the protection of personal data, in particular to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, RGPD) and other related regulations.
Responsible for the Treatment
CEMOSA is responsible for the processing of your data.
In the event that you use the services of the website (www.cemosa.es) that interact with you, you are providing us with personal information of which CEMOSA is responsible for its treatment.
In CEMOSA, taking into account the requirements of the RGPD, we apply the following principles when dealing with your personal data:
- Principle of legality, loyalty and transparency: We will always require your consent to the processing of your personal data, for one or several specific purposes, and we will inform you of this previously, with absolute transparency.
- Principle of minimization of data: We will only request the data strictly necessary in relation to the purposes for which those are required.
- Principle of limitation of the conservation period: the data will be kept for no longer than necessary for the purposes of the treatment, depending on the purpose, we will inform you of the corresponding conservation period.
- Principle of integrity and confidentiality: Your data will be treated in such a way as to guarantee proper security and confidentiality. For your information, we take all necessary precautions in order to prevent unauthorized access or improper use of user data by third parties.
Purpose of the Treatment
At CEMOSA we collect and process your personal data to provide our services with the highest possible quality. In particular, we use the data that you provide us and in accordance with the authorizations that you grant us for the following purposes:
- Manage the contacts of the organization and respond to information requests.
- Manage the relationship with the Users, as well as the provision of services offered through the Web (or on which the User has made any query / request) and, in general, the management, development and fulfillment of the relationship established between CEMOSA and those who provide their personal data through the Website.
- Handle possible job applications that may be received and manage the possible selection procedure for CEMOSA.
- Manage doubts, queries, complaints and claims that may be made to CEMOSA.
- Send newsletters or when the User has given his authorization or registered for a specific service. In this case, at the time of collecting the data, the User will have the opportunity to refuse to have the data used for said purpose. In addition, in each submission it will be possible to unsubscribe.
When personal data is collected through the form, it will be necessary to provide, at least, those marked with an asterisk, since if these data are not provided, CEMOSA will not be able to manage the requested service.
In addition, with the delivery of the data and/or with the completion of the form/s, you authorize CEMOSA to use the email address or telephone number as communication method as well as guarantee that the information provided is true, exact, complete and updated, expressly consenting to the use, treatment and communication thereof for the purposes stated.
If data from third parties is provided, the person who provided them guarantees to have informed them of the terms included in this section.
If you also go to CEMOSA offices, know that your image can be recorded, being kept for a month from its collection. After that period, your image will be deleted.
To carry out other treatments different from the previous ones, it will be necessary to obtain your express consent, of which you will be duly informed when necessary.
Conservation period of your data
All personal data provided will be kept for the necessary time to fulfill the purpose for which they were collected and to determine the possible liabilities that could derive from said purpose and the treatment of the data. When your data becomes unnecessary for that purpose, we will keep blocked those personal data that may be necessary during the legally established deadlines to address any question regarding their treatment; once this legal term has expired, the data will be deleted.
Legitimation for the processing of your data
The legal basis for the treatment of the data resides in the consent expressed by you, by the existence of a legal obligation, by the existence of a contract of which you are a party or by CEMOSA legitimate interest. In each form where your data is collected, you will be informed of the specific legitimation basis.
CEMOSA may communicate your data, exclusively for the purposes indicated in the section “Purpose of the Treatment” when a legal obligation falls on it, specifically:
- Public Administration bodies to comply with legally required obligations, such as: the Tax Agency, the General Treasury of Social Security, Provincial Councils, in compliance with legal obligations of a labor or fiscal nature; Professional Associations to perform occupational risk prevention services; to European projects members, as legitimately concerned; to Judicial Organs, the Security Forces and Corps in case of images recorded and if they were required by them.
- Other non-CEMOSA entities as banking entities for collection/payment operations of the associated services, and to insurance institutions as well as judiciary in case of exercising any claim.
In each form where your data is collected, you will be informed of the recipients or recipients’ categories.
Likewise, we may communicate your data to our Treatment Managers, whose intervention may be needed to provide our services and who will act at all times in accordance with our instructions to ensure proper and adequate treatment of your data. Access to your data by our Treatment Managers will always be in the necessary proportion for the purposes assigned.
Rights of concerned party
You have the right to know if at CEMOSA we are processing personal data that concerns you or not.
As an interested party, you have the right to access your personal data, as well as to request the rectification of those that are inaccurate or, where appropriate, request their removal when, among other reasons, the data is no longer necessary for the purposes that were originally collected. In certain circumstances, you may request to limit the processing of your data, in which case we will only keep them for claims exercise or defense. Likewise, you may also oppose processing your data, in which case CEMOSA will stop processing it unless there exists legitimate reasons as well as the exercise or defense of possible claims.
In addition, you may withdraw at any time your consent for the processing of your personal data, with the same facility with which you provided it.
When exercising your right to the data portability, you will have the right to have the personal data transmitted directly from responsible to responsible, if it is technically possible.
You will not be subject to a decision based solely on automated processing, including profiling, which has legal effects on it or significantly affects you in a similar way, unless there is any circumstance that justifies it.
You can exercise your rights of access, rectification, removal and portability of your data, limitation and opposition to its processing, as well as not being subject to decisions based solely on the automated processing of your data and revocation of consent, when appropriate, in writing with reference “Data Protection” accompanied by one photocopy of your DNI to: CEMOSA, Legal Department, Benaque Street, No. 9 – Málaga, 29004.
If you do not receive any reply from us within one month, you will have the right to effective judicial protection and to present a claim to the supervisory authority, in this case, the Spanish Data Protection Agency, if you consider that the treatment of personal data that concerns you violates the Regulation.
In accordance with the provisions of Law 34/2002 of July 11, related to Information Society Services and Electronic Commerce, in the event that the user does not wish to receive electronic commercial communications in the future or desires to unsubscribe in the newsletter system previously subscribed to, where appropriate, the user may express such wish by sending an email to the following email address: email@example.com.
CEMOSA has profiles in some of the main Internet social networks (LinkedIn), so that it is responsible for the treatment of its follower’s data, fans, subscribers and commentators in all these cases. The treatment that CEMOSA can carry out will be the one that the social network allows to the corporate profiles. CEMOSA may inform its followers by any means that the social network allows about its activities, services, etc. In no case will CEMOSA extract data from social networks.
Data accuracy and veracity
You guarantee that the personal data provided through the different available channels are true and you are compelled to communicate any modification of them.
As a user, you are solely responsible for the accuracy and correctness of the data that you send to CEMOSA and waive the entity from any liability, damages or losses arising therefrom.
Secret and Security
CEMOSA is committed to respect personal data confidentiality when using and processing it, in accordance with the purpose for which they were collected, as well as to comply with its obligation to save them and adopt all measures to avoid alteration, loss, treatment or unauthorized access, in accordance with the provisions of current data protection regulations.
Regarding the confidentiality of the processing, CEMOSA will ensure that any person who is authorized to process personal data (including its staff, collaborators and providers), will be under the appropriate obligation of confidentiality (be it a contractual or legal duty).
When a security incident occurs, you will be notified as soon as reasonably possible and provided with information related to the Security Incident.
CEMOSA reserves the right to modify this policy in order to adapt it to the new legislation or jurisprudence, as well as industry practices. In these cases CEMOSA will announce on this page the changes introduced, with reasonable anticipation to its implementation.
This policy has been updated on May 25, 2018. The updated version of this policy is the only one valid until there is a new one replacing it.