Privacy policy

Privacy policy

Who is responsible for the processing of your data?

INGENIERIA Y DISEÑO EUROPEO, S.A.  Tax ID No.: A33386756

Address: C/ PROFESOR POTTER, 105, 33203, GIJON.

Tfno: 985 175 705

Mail: idesa@idesa.net

Web: www.idesa.net

DPO: dpdasturias@prodat.es

 You can contact us in any way to communicate with us.

We reserve the right to modify or adapt this Privacy Policy at any time. You are advised to review it, and if you have registered and you access your account or profile, you will be informed of any changes.

 If you are one of the following groups, consult the following information:

             + WEB OR E-MAIL CONTACTS

What data do we gather through the Web?

We can process your IP, what operating system or browser you use, and even the length of your visit, anonymously.

If you provide us with information in the contact form, you will identify yourself so as to be contacted, if necessary.

  • Answering your questions, applications or requests.
  • Managing the requested service, answering your application, or processing your request.
  • Information by electronic means, which relates to your request.
  • Commercial or events information by electronic means, provided that there is express authorization.
  • Performing analysis and improvements on the Web, about our products and services. Improving our commercial strategy.

What is the legal basis for processing your data?

The acceptance and consent of the interested party: In the cases where it is necessary to fill in a form and click on the “submit” button to make a request, completing the form and submitting it will necessarily imply that you have been informed and have expressly given your consent to the content of the clause annexed to said form or acceptance of the privacy policy.

All our forms show the symbol * when data are obligatory. If you do not complete these fields, or do not tick the acceptance checkbox for the privacy policy, sending the information will not be allowed. The following formula is usually shown: “□I am over 14 and I have read and accept the Privacy Policy.”

 + NEWSLETTER CONTACTS

What data do we collect through the newsletter?

You can subscribe to the Newsletter on the Web, if you provide us with an e-mail address, to which the Newsletter will be sent.

We will only store your e-mail in our database, and then we will send you e-mails periodically, until you request cancellation, or we stop sending e-mails.

You will always have the option to cancel your subscription, in any communication.

For what purposes do we process your personal data?

  • Managing the requested service.
  • Information by electronic means, which relates to your request.
  • Commercial or events information by electronic means, provided that there is express authorization.
  • Performing analysis and improvements in mailing, to improve our business strategy.

 What is the legal basis for processing your data?

Acceptance and consent of the interested party: In the cases where you subscribe, you must accept by ticking a checkbox and then click on the “submit” button. This will necessarily imply that you have been informed and have expressly granted your consent to receiving the newsletter.

If you do not tick the acceptance checkbox for the privacy policy, sending of the information will not be allowed. The following formula is usually shown: “□ I am over 14 and I have read and accept the Privacy Policy.”

             + CLIENTS

For what purposes do we process your personal data?

  • Preparation of budgets and monitoring them by means of communications between both parties.
  • Information by electronic means, that relates to your request.
  • Commercial or events information by electronic means, provided that there is express authorization.
  • Managing the administrative, communications and logistics services performed by the person in charge.
  • Billing and declaration of any relevant taxes.
  • Making any transactions as appropriate.
  • Control and debt recovery management.


            + SUPPLIERS

For what purposes do we process your personal data?

  • Information by electronic means, that relates to your request.
  • Commercial or events information by electronic means, provided that there is express authorization.
  • Managing the administrative, communications and logistics services performed by the person in charge.
  • Billing.
  • Making any transactions as appropriate.
  • Billing and declaration of any taxes as appropriate.
  • Control and debt recovery management.

What is the legal basis for processing your data?

The legal basis is the acceptance of a contractual relationship, or otherwise your consent when you contact us or offer us your products by any means.


            + SOCIAL NETWORK CONTACTS

For what purposes do we process your personal data?

  • Answering your questions, applications or requests.
  • Managing the requested service, answering your application, or processing your request.
  • Connecting with you and creating a community of followers.

 What is the legal basis for processing your data?

The acceptance of a contractual relationship in the environment of the social network in question, and in accordance with its Privacy policies.

Facebook       http://www.facebook.com/policy.php?ref=pf

Instagram      https://help.instagram.com/155833707900388

Twitter          http://twitter.com/privacy

Linkedin         http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

Google*        http://www.google.com/intl/es/policies/privacy/

*(Google+ y Youtube)

How long do we keep personal data?

We can only consult or cancel your data in a restricted way as they are part of a specific profile. We will process them as long as you let us do it, being friends or clicking on "I like it", "continue" or similar buttons.

Any rectification of your data or restriction on information or publications must be made through the configuration of your profile or user on the social network itself.

             + JOB SEEKERS

For what purposes do we process your personal data?

  • Organization of selection processes for hiring employees.
  • Giving you an appointment for job interviews and assessing you as a candidate.
  • If you have given us your consent, we can pass it on to collaborating companies or similar, with the only purpose of helping you find a job.
  • If you tick the checkbox for acceptance of the privacy policy, you give us your consent to pass your job application on to the entities that make up the group of companies in order for you to be included in their personnel selection processes.

You are also informed that we will destroy your CV safely after a year has gone by since it was received.

What is the legal basis for processing your data?

The legal basis is your unequivocal consent, when you send us your CV.

             + SUGGESTIONS BOX

What data do we gather through the Web?

We can process your IP, what operating system or browser you use, and even the length of your visit, anonymously.

If you provide us with information in the contact form, you will identify yourself so as to be contacted, if necessary.

For what purposes do we process your personal data?

    • Answer your suggestions, complaints or requests.

What is the legal basis for processing your data?

        The acceptance and consent of the interested party: In the cases where it is necessary to fill in a form and click on the “submit” button to make a request, completing the form and submitting it will necessarily imply that you have been informed and have expressly given your consent to the content of the clause annexed to said form or acceptance of the privacy policy.

         All our forms show the symbol * when data are obligatory. If you do not complete these fields, or do not tick the acceptance checkbox for the privacy policy, sending the information will not be allowed. The following formula is usually shown: “□I am over 14 and I have read and accept the Privacy Policy.”

             + USERS OF THE INTERNAL INFORMATION SYSTEM

For what purpose do we process the personal data you provide us?

Process the information processed through the INTERNAL INFORMATION SYSTEM

The recipient of the communications will be the person in charge of the Internal Information System of INGENIERIA Y DISEÑO EUROPEO, S.A., who fully respects the privacy of the users of the application, treating their personal data with protection and confidentiality. Therefore, it informs users that:

In compliance with the provisions of the personal data protection regulations and the whistleblower protection regulations, we process your data and the information you provide us (as well as the personal data of other people you may provide us with) for the purposes specified in this privacy policy.

No automated decisions will be made, or profiles will be made in relation to the information and data collected.

What is the legitimacy for the processing of your data?

The processing of personal data, in the cases of internal communication, shall be understood to be lawful by virtue of the provisions of articles 6.1.c) of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, 8 of Organic Law 3/2018, of December 5, and 11 of Organic Law 7/2021, of May 26, when, in accordance with the provisions of articles 10 and 13 of this law, it is mandatory to have of an internal information system.

If it is not mandatory, the treatment will be presumed to be covered by article 6.1.e) of the regulation.

The processing of personal data in the cases of external communication channels will be understood to be lawful by virtue of the provisions of articles 6.1.c) of Regulation (EU) 2016/679, 8 of Organic Law 3/2018, of December 5, and 11 of Organic Law 7/2021, of May 26.

How long do we keep the data provided?

The data of the person making the communication and of the employees and third parties must be kept in the system only for the time essential to decide on the appropriateness of initiating an investigation into the facts. In any case, after 3 months from the introduction of the data, they must be deleted from the system unless the purpose of the conservation is to leave evidence of the operation of the model for the prevention of the commission of crimes by the legal person, in accordance with the provisions in article 24 of Organic Law 3/2018, of December 5, Protection of Personal Data and Guarantee of Digital Rights (hereinafter LOPDGDD).

In no case will personal data that are not necessary for the knowledge and investigation of the information be processed, and, where appropriate, they will be immediately deleted. Likewise, all personal data that may have been communicated and that refer to conduct that is not included in the scope of application of Law 2/2023 will be deleted.

If it is proven that the information provided or part of it is not true, it will be immediately deleted from the moment said circumstance is confirmed, unless said lack of truthfulness may constitute a criminal offence, in which case it will be kept the information for the necessary time during which the judicial procedure is processed.

To which recipients can your data be communicated?

Organizations or people directly contracted by the Treatment Manager for the provision of services related to the treatment purposes: Collaborators and Subcontracted Entities for the management of the ethical channel, advisors, consultants, and auditors of the organization´s regulatory compliance system.

Access to personal data contained in the internal information systems will be limited (i) to the person responsible for the Internal Information System and to whoever manages it directly as System Manager*, (ii) to the person responsible for resources human rights, if disciplinary measures are applied (iii) to the person responsible for the legal services of the entity (if legal measures should be adopted in relation to the events reported), (iv) to those in charge of the treatment that are eventually designated, and (v) to the data protection officer.

Security Forces and Bodies: To the extent that a justified right of access is required in the investigation of a regulatory breach. The processing of data by other people, or even its communication to third parties, will be lawful when it is necessary for the processing of sanctioning or criminal procedures that, where appropriate, may apply. The identity of the informant may only be communicated to the judicial authority, the Public Prosecutor´s Office, or the competent administrative authority within the framework of a criminal, disciplinary or sanctioning investigation. Disclosures made under this section will be subject to safeguards established in applicable regulations. In particular, the informant will be transferred before revealing his or her identity, unless such information could compromise the investigation or the judicial procedure.

Under what guarantees are your data communicated?

Acceptance of these conditions implies the collection of personal data that users enter into the Ethical Channel application and their unequivocal consent so that INGENIERIA Y DISEÑO EUROPEO, S.A. treats them for the purpose of managing their complaints and/or information (communications), with the recipient of the events reported therein being the Head of the Internal Information System of INGENIERIA Y DISEÑO EUROPEO, S.A.

By accepting this policy, users guarantee that the personal data provided is true, complete, and up-to-date and that they will communicate any changes to them as soon as possible.

Likewise, with the acceptance and/or validation of the communication processing process enabled in the system form, you declare to be over 14 years of age, have legal capacity, and expressly consent to the processing of data in accordance with the provisions of clause e additional information on data protection. In the cases in which he represents a minor under 14 years of age or a person with legal incapacity, he responsibly declares that he has parental authority or guardianship of the minor or the corresponding legal representation, whose justification may be required by the Treatment Manager to legitimize the accepted consent.

Users must know that the communications presented will be considered confidential and reserved information. To this end, the identity of those reporting in good faith will be especially safeguarded, and they will be protected against any kind of retaliation due to the communication made.

The Person Responsible for the Internal Information System will not reveal, at any time, the data of the person submitting the communication, collected in the web form that collects the personal data of the complainant unless it is required to do so, judicially or by the competent authority.

The Person Responsible for the Internal Information System, in view of the complaint, and with reasons, deems it strictly necessary, provided that the reporting person expressly gives his or her consent.

There are objective reasons to understand that the complaint has been made in bad faith (based on false documentation) and the person responsible for the Internal Information System provides the identity of the complainant, for the sole purpose of promoting the disciplinary measures that result from application.

The user is recommended not to provide anyone with their identification, password, or the alphanumeric reference of their communication. The communication of data that may be made to other third parties and/or data processors is carried out to entities that certify the availability of a Personal Data Protection System in accordance with current legislation.

----------------------

Do we include third-party personal data?

          No. As a general rule we only process data sent by their owners. If you supply us with third-party data, before you do so you must inform such third party and ask for its consent; otherwise, you hold us harmless for non-compliance with this requirement.

 And children’s data?

          We do not process data about children under 14 years of age. Therefore, please refrain from supplying such data if you are not that age or, as the case may be, from supplying data about third parties who are not that age. INGENIERIA Y DISEÑO EUROPEO, S.A. declines any responsibility for non-compliance with this provision.

 Do we make electronic communications?

  • They are made only to deal with your application if electronic communication is one of the means of communication you have supplied us with.
  • If we make any commercial communications, it will be because they have been previously and expressly authorized by you.

 What security measures do we apply?

          You can keep your mind at rest: We have adopted an optimal level of protection for the Personal Data that we handle, and we have installed all the means and technical measures at our disposal according to the state of technology to avoid personal data loss, misuse, alteration, unauthorized access and theft.

 Who will your data be transferred to?

          Your data will not be transferred to third parties, unless there is a legal obligation to do so. Specifically, your data will be communicated to the Inland Revenue and to banks and financial entities for collection for the service provided or product acquired and to those in charge of data processing, as necessary to perform the agreement.

           In the event of purchase or payment, if you choose an application, platform, bank card, or another on-line service, your data will be transferred to that platform or will be processed in its environment, always with the utmost security.

          When we let them know, the web development and maintenance company, or the hosting company, will have access to our web. These companies will have signed a service provision agreement that obliges them to uphold the same privacy standards as we do.

          When US applications are used, any international data transfer will adhere to the Privacy Shield agreement, which guarantees that US software companies comply with European data protection policies as regards privacy.

 Your rights

  • To know if we are processing your data or not.
  • To access your personal data.
  • To request rectification of your data if they are wrong.
  • To request suppression of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw the consent you gave us.
  • To request limited processing of your data, in certain situations, in which case we will keep them only in accordance with the regulations in force.
  • To port your data, which you will be supplied with in a structured, commonly used or mechanical reading form. If you prefer, we can send them to the new manager you designate. This is valid only in certain cases.
  • To file a claim with the Spanish Data Protection Agency or competent control authority, if you feel that we have not treated you properly.
  • To withdraw your consent for any processing for which you gave your consent, at any time.

If any of your data changes, we will be grateful if you let us know, so as to keep them updated.

 Would you like a form to exercise your rights?         

  • We have forms for you to exercise your rights. You can apply for them by e-mail or if you prefer you can use the forms prepared by the Spanish Data Protection Agency or third parties.
  • These forms must be electronically signed or accompanied with photocopy of your ID document.
  • If someone represents you, you must attach copy of their ID document, or they must sign with their electronic signature.
  • Forms can be submitted in person at or sent by letter or by mail to the address of the person in charge indicated at the beginning of this text.

 How long do we take to reply to the exercise of your rights?

          It depends on the right, but at the most a month after your request and two months if the issue is very complex and we notify you that we need more time.

 Do we process cookies?

          If we use cookies that are not the necessary ones, you may consult the cookies policy on the relevant link from our web home.

 How long do we keep your personal data?

  • Your personal data are kept for as long as you have a relation with us.
  • Once that relation is terminated, the personal data processed for each purpose will be kept for the legally established periods, including the period within which a judge or a court may request them, the lapse period for legal actions being taken into account.
  • Processed data will be kept for as long as the legal deadlines referred to above do not expire, if there is a legal obligation to keep them, or, if there is no legal deadline, until the interested party requests to have such data suppressed or the consent given by such interested party is withdrawn.
  • We will keep all information and communications about your purchase or the provision of our service for as long as the guarantees over products or services are valid, so as to deal with possible claims.
Web design: ticmedia.es