Privacy Policy
PRIVACY POLICY
1. Introduction.
We have a high level of commitment to people's privacy, so the protection of personal data is important to us.
We process data in accordance with EU Regulation 2016/679, the General Data Protection Regulation, Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights, and other applicable regulations.
This Privacy Policy was revised in October 2023 to comply with the website's and the controller's general obligations regarding information and transparency, and to provide all interested parties, not just website users, with the controller's general terms and conditions. Changes may apply until the next revision.
2. Who is responsible for processing your data?
Responsible: SATNo 9843 CAMPOTEJAR DEL SEGURA
NIF/CIF: F73121386
Address: CTRA. FORTUNA KM 7, EL FENAZAR. 30509 MOLINA DE SEGURA (MURCIA)
Email: satcampotejar@satcampotejar.com
3. What is the origin and type of data we process?
The origin of the information we process may be any of the following categories:
· Forms in paper, electronic or digital format.
· Communication and messaging systems: email and messaging applications, telephone, etc.
· Other legitimate sources and origins of information.
The different categories of data that we may process depending on the type of data subject (user, client, supplier, employee, etc.) and the nature of the data controller's activity and the different data processing procedures are:
· Identification data, for example: name and surname, image.
· Identification codes or keys, for example: username, employee code.
· Postal or electronic contact addresses, for example: telephone, email, social media profile.
· Personal and professional data, for example: age, date of birth, qualifications, professional experience, CV.
· Economic, financial, and insurance data; for example, bank details, credit card details, etc.
· Economic and non-economic payroll data and other employment-related information; for example: job title, payroll document, etc.
· Transaction data, for example: goods and services supplied and received.
· Special category data, for example: health, union membership, racial origin.
· Other data and information necessary or implicit in the development of our activities, services and purpose.
MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE INTERESTED PARTY.
By ticking the corresponding boxes and entering data in the fields marked as mandatory (for example, with an asterisk) in the contact form or presented in download forms, the interested party expressly, freely, and unequivocally accepts that their data are necessary for the controller to process their request. The inclusion of data in the remaining fields is voluntary.
The data subject guarantees that the personal data provided to the data controller is accurate and undertakes to communicate any changes to it. The data requested through the website, marked as mandatory, is necessary to provide an optimal service to the data subject. If not all data is provided, there is no guarantee that the information and services provided will be fully tailored to the data subject's needs.
4. For what purpose do we process your personal data?
In general, data is processed to successfully carry out the actions implicit in the normal development and management of the controller's activity. However, we may specify different processing purposes depending on the potential categories of data subjects:
· Clients and potential clients: management and maintenance of commercial, pre-contractual, and contractual relationships; internal administration; financial management; advertising and marketing; customer service.
· Collaborators, creditors, and suppliers: management and maintenance of commercial relations, internal administration, and financial management.
· Employees: management, development, and maintenance of the employment relationship, human resources management, communications, training activities, occupational risk prevention, time recording, and other purposes arising from legal obligations and the development of labor relations.
· Candidates: management of incoming resumes, management of job offers, and personnel selection.
· Web and social media users: customer service and management of communications between the parties.
· Visitors: visitor assistance and access control to the facilities.
Any existing information from any other category of data subjects processed by the controller will be processed within the scope of its activity, in strict compliance with the applicable regulations and under the general criteria of this Privacy Policy.
Other general purposes that the controller may implement are:
· Creation of a commercial profile, with the aim of improving your experience by personalizing offers and communications. No individualized decisions will be made based on this profile, and the actions will be based on legitimate interest.
· Video surveillance, for the security of property and people, as well as the corresponding labor control based on legitimate interest.
· Telephone switchboard, in order to record communications for security, guarantee, and quality of service, based on legitimate interest.
Financial management and control of monetary obligations. In the case of debtors with certain, overdue, and payable outstanding payments, the controller may report this circumstance to creditworthiness files, debtor files, and debt management or collection services, among others, based on legitimate interest.
Communications: Development and execution of communications using available contact information and media (email, instant messaging, etc.) with internal (employees) and external (clients, potential clients, collaborators, suppliers, etc.) interested groups. The purposes of such communications may be informational, organizational, commercial, and advertising, as appropriate based on informed consent and the legitimate interest of the controller.
· Other purposes derived from the nature of the controller, motivated by the normal development and exercise of its activity, from a valid legitimizing basis.
5. How long will we retain your data?
In general, personal data will be retained at least as long as there is a relationship with the data subject, as long as its deletion is not requested, as long as liability may arise, or as long as there is a legal provision for its retention.
Regarding the data of candidates and job seekers, they will be deleted immediately when they are no longer of interest to the controller.
The data controller has an inventory of retention periods in its data protection plan, which it observes to manage the different applicable retention periods.
Data deletion will always be carried out ensuring their confidentiality.
6. What is the legitimacy for processing your data?
The controller observes and applies the various existing legal grounds applicable to each processing purpose. These are:
a) Informed consent of the interested party.
b) Pre-contractual or contractual commitments.
c) Legitimate interest of the controller.
d) Applicable legal obligations.
e) Other legally prescribed legitimizing bases.
7. To which recipients will your data be communicated?
Data subjects' data will not be disclosed to any third party by default, except for: a) auxiliary services, authorized data processors, or other implicit third parties necessary for the proper provision of goods and services; b) competent authorities and public administrations in the exercise of their functions; c) other legitimate interested parties and legally provided third parties.
8. What are your rights when you provide and/or we process your data?
As an interested party, you may at any time request that we exercise any of the following data protection rights:
· Access to the data subject's personal data to confirm whether or not data concerning them is being processed and to obtain further information about this processing.
· Rectification or deletion of personal data concerning the data subject when, among other reasons, it is inaccurate or no longer necessary for the purposes for which it was collected.
· Limit the processing of the data subject's personal data in certain circumstances, in which case they will only be retained for the purpose of exercising or defending legal claims, for the protection of another person's rights, or for reasons of public interest.
· Receive the personal data concerning you that you have previously provided to us, in a structured format whenever possible. (Data portability).
· Object to the processing of your data in certain circumstances and for reasons related to your particular situation. The company will stop processing your data except for compelling legitimate reasons or to exercise or defend against potential legal claims.
· Revoke consent, which may lead to the annulment or cancellation of the existing business or contractual relationship, if any. This does not affect any processing carried out prior to the withdrawal of consent.
To do so, simply contact us using the email or postal address indicated above.
Optionally, you can also contact our designated data protection officer or the Data Protection Agency to learn more about your rights or request protection of these rights by the supervisory authority.
9. Data security.
We adopt the necessary technical and organizational measures in our information system to guarantee an adequate level of confidentiality, integrity, availability, and resilience of data in order to protect the rights and freedoms of data subjects.
The controller complies with the provisions and principles described in the GDPR to process data lawfully, fairly, and transparently with respect to the data subject, and adequately, relevantly, and limited to what is necessary in relation to the purposes for which they are processed.
However, to the extent permitted by law, we assume no liability for damages resulting from alterations that third parties may cause to our information system. Any breach of security will be promptly and appropriately reported to the competent authority and/or state law enforcement agencies.
10. Sending communications or information.
Our policy regarding the sending of information via electronic means (email, instant messaging, etc.) is limited to sending only communications that we consider of interest to our users and interested parties, related to the company's functions and activities, or that you have consented to receive.
If you prefer not to receive these messages, we will offer you the opportunity to exercise your right to cancel and opt out of receiving these messages, in accordance with Title III, Article 22 of Law 34/2002 on Information Society Services and Electronic Commerce.
11. Social networks.
The controller may have a presence on social media through the corresponding profiles. This section and any legal and privacy terms present on the website apply to the processing of data of users or interested parties who become followers or are in any way linked to said profiles.
The purposes of using these profiles by the controller are communication, business development, marketing and advertising, processing queries submitted to the controller and providing user support, providing information about actions, activities, and events organized by the controller or in which the controller participates, and interacting through official profiles.
The legitimate grounds set out in section 6 above are supplemented in this case because the user or data subject may have a profile on the same social network as the controller and have decided to join or connect with the controller's profile, thereby demonstrating interest in the information published by the controller. Therefore, by following the controller's profiles, you provide your consent for the processing of the data available on your profile.
Users can access the privacy policies and terms of the corresponding social network at any time, as well as configure any privacy features that may be implemented on their profile. Users' posts will be visible to other users, so they are ultimately responsible for their own privacy.
Users who follow and/or participate in our profiles will refrain from:
a) To publish content or information that is contrary to the law, morality, and good faith. Any use or behavior that is illicit, annoying, inappropriate, or that could generate negative opinions on the profile or violate the rights of others is prohibited.
b) Behaving in a manner contrary to the principles of legality, honesty, responsibility, protection of human dignity, protection of minors, protection of public order, protection of privacy, consumer protection, and intellectual and industrial property rights.
The controller reserves the right to remove any content deemed inappropriate without prior notice. The controller is also not responsible for the security measures applicable to each platform, and users should be aware of these measures, along with the platform's legal terms and conditions of use.
The data controller shall be expressly exonerated from any liability that may arise from the use of social media by minors or persons with special needs. The data controller's social media networks do not knowingly collect any personal information from minors; therefore, if the user is a minor, they should not register, use the data controller's social media networks, or provide any personal information. Particularly in Spain, the processing of a minor's personal data may only be based on those aged 14 and over. Furthermore, if any rule or regulation so requires, or the user has special needs, the intervention of their parental authority or guardian, or their legal representative with a valid document accrediting such representation, will be necessary.
12. Employment and candidate management
Those interested in accessing job offers from the controller may provide their data and professional information to the controller through various channels, preferably through existing forms, email addresses, and other means available for this purpose, where applicable.
This data will be processed in accordance with these privacy terms for the purpose of managing applications for potential job, internship, and training opportunities offered by the responsible entity and any subsidiary companies or companies belonging to the same business organization, where applicable.
The processing will be carried out based on the informed consent of the interested party or another valid legitimate basis.
If the data provided is no longer of professional interest to the entity or is no longer necessary for the purposes for which it was collected, it will be deleted, ensuring its confidentiality and anonymity.
Any interested party may revoke their consent and exercise their privacy rights under the terms set forth in this privacy policy.