BASIC INFORMATION ON DATA PROTECTION (EU Regulation UE 2016/679)
RESPONSIBILITY: P. FERRO GPF, S.L. (B15588478)
PURPOSE: User request management, contractual relation maintenance and management. Sending commercial information regarding GROUP GPF’s products and services, provided that prior consent has been obtained. Valuing and managing, when applicable, the CV provided.
LEGITIMACY: Contract execution, user requests and consent.
ADDRESSEES: Group GPF’s companies detailed in http://www.grupogpf.com/NuestroGrupo.
RIGHTS: Rights of access, rectification or suppression, limitation of data processing, opposition and the right to the portability of your data are all permitted. To do so, please send an e-mail to email@example.com.
DETAILED INFORMATION ON DATA PROTECTION (EU Regulation UE 2016/679)
1.- Who is responsible for processing the user’s data?
• Owner: P. FERRO GPF, S.L., hereinafter “GROUP GPF”
• CIF (Fiscal Identification Code): B15588478
• Website: www.grupogpf.com | www.grupoplasticosferro.com
• Head office: Paseo Marítimo 7-8 Bajo, 15002, A Coruña
• Registry data: Listed in the Companies’ Register of A Coruña, Sheet 100 and following, Volume 1.912, Page C-18.027, Entry no.1
• E-mail address: firstname.lastname@example.org
• European brand: “GPF GRUPO PLASTICOS FERRO” EUIPO record: https://euipo.europa.eu/eSearch/#details/trademarks/009075656
2.- What type of user information do we collect and process?
GROUP GPF will process the following user’s personal data:
• Identification data: name and surnames, DNI (ID card).
• Contact data: telephone number, e-mail and address.
• Academic and professional data in those cases of personnel selection.
If the user were to provide third-party information, he/she will take the responsibility for having previously informed him/her and for having his/her consent for this, according to article 14 of the Data Protection General Register (hereinafter RGPD).
3.- For what purpose do we process the user’s personal data?
GROUP GPF processes personal data for the purposes described below, depending on the reason for which they have been provided:
a) Providing the contracted services, maintaining the contractual relationship and following it up.
b) Contacting, processing, managing and responding to a user’s request, application, incident or query (either by e-mail, contact form or telephone).
c) Managing, when applicable, the user’s participation in the customer’s private area.
d) Managing, when applicable, sending commercial communications about products and services marketed by GROUP GPF through electronic and/or conventional means.
e) Creating, when applicable, a user profile in order to offer the user GROUP GPF’s products and services according to his/her interests.
f) Assessing and managing, when applicable, the curriculum vitae provided by the user for selection processes matching his/her professional profile and carrying out the necessary actions for selecting and recruiting personnel.
4.- What is the legitimacy of processing the user’s data?
• The legal basis for processing personal data for the purposes a), b) and c) is executing the corresponding service provision, and it is an imperative obligation for this.
• The legal basis for processing personal data for the purposes d), e) and f) is the consent explicitly granted by the user.
5.- For how long will GROUP GPF process the user’s personal data?
• The data regarding customer relationship management, invoicing and service charges shall be kept for as long as the contract is in force. Once this relationship has ended, when applicable, the data may be stored for the time required by the applicable legislation and until any responsibilities deriving from the contract have expired.
• The data regarding the management of requests and enquiries shall be kept for the time needed to give a response to them, with a maximum period of one year.
• The data regarding sending commercial communications and creating commercial profiles of our products or services shall be kept until the user withdraws his/her consent for this end.
• The data regarding the curriculum vitae for selection processes shall be kept for a period of two years.
6.- To which recipients will the user’s personal data be communicated?
• To the financial entities through which the management of charges and payments is coordinated.
• Competent Public Administrations in those cases prescribed by law.
• To the companies belonging to Group Plásticos Ferro (P. FERRO GPF, S.L.; PLASTICOS FERRO, S.L.U.; FERROPLAST MAROC, S.A.R.L.; TUBERIAS Y PERFILES PLASTICOS, S.A.U.; PLASTICOS IMA, S.A.U.; BRASELI TUBOS Y ACCESORIOS, S.A.U.; FERRO SYSTEMS, S.L.U.; TÉCNICA DE ENVASES PESQUEROS, TEP, S.A.; ELECTROMECÁNICOS VIVEIRO, S.A.U.; COMPAÑÍA BF DE COMERCIO, S.A.U.; GRUPO PLASTICOS FERRO FRANCE, S.A.S.; ABC CONFORT, S.L.U.; PLASTICOS EL PINAR, S.A.U.; PLASTICOS LANTARON, S.A.U.; TRANSFORMADOS PLASTICOS EGA, S.A.U.; PLASTICOS FERRO BILBAO, S.L.; P.FERRO INVERSIONES, S.L.
• To those in charge of Grupo Plásticos Ferro’s Personal Data Processing.
7.- What are the user’s rights?
Any user who provides his personal data to GROUP GPF will be able to exercise the following rights:
• Access, rectification, opposition, erasure, portability and limitation of data processing, as well as refusing the automatic processing of personal data gathered by GROUP GPF.
• Likewise, any user has the right to withdraw any consent granted at any time.
These rights may be exercised by the user free of charge, by referring to the request specified in the application through the contact details contained in part 1 (head office or e-mail).
GROUP GPF reminds the user of his/her right to bring an action or a complaint before the competent control authority, whenever he/she considers that his rights have been violated. The competent authority in Spain is the Spanish Data Protection Agency (www.aepd.es).
8.- How can commercial and promotional communications be cancelled?
The user has the right to withdraw the consent given at any time for sending commercial communications, simply by notifying it to GROUP GPF and informing that he/she does not wish to continue receiving commercial communications. For that purpose, the user may withdraw his/her consent by referring to the request through the contact details contained in part 1.
9.- Which safety measures have we implemented?
GROUP GPF is committed to ensuring compliance with the obligation of personal data privacy and storage, treating the user’s personal data in strict confidentiality at all times, adopting for such purposes the technical and organisational measures needed in order to guarantee the security of the data and to prevent any alteration, loss, unauthorised processing or access, taking into account the state of the technology, the nature of the data stored and the risks to which they are exposed.
Version: 14 March 2019