Privacy policy
In compliance with the provisions of the General Data Protection Regulation in relation to the personal data to be provided, PRONUTEC S.A.U. (the COMPANY) informs the user (the USER) that the personal data provided at any time and voluntarily to the COMPANY or its employees shall be processed automatically and included in an automated personal data file created and kept under the company’s responsibility.
WHO IS THE DATA CONTROLER?
- Holder: PRONUTEC S.A.U.
- Address: Parque Empresarial Boroa Parcela 2C-1 48340 – Amorebieta – Vizcaya – Spain
- Telephone: +34 946 313 234
- Email: : pnt@pronutec.com
- Registration Details: Registered in the Mercantile Registry of Vizcaya, Volume 1868, Book 3, Folio 161, Page 12.320, 1st Entry.
- Tax ID Code: A-48.217.962
FOR WHAT PURPOSES SHALL WE PROCESS YOUR PERSONAL DATA?
- To respond to queries, requests, or suggestions made through the contact form, corporate e-mail accounts, or any other means of communication.
- To manage contracting, invoicing, and to guarantee the contracted services.
- To manage to post on our blog and social media.
- To access our private customer area.
- To maintain the commercial relationship with the user, to improve commercial relations, to carry out statistical studies, to customize the services provided.
- To send electronic communications about news and updates on the products and/or services provided, unless otherwise indicated by the user or unless the user opposes or revokes their consent.
- To regularly send commercial information (newsletter), about products, services, and news related to our professional activity, as long as the interested party gives us their consent to do so and while keeping the possibility of revoking said consent at their disposal.
- To send the user promotions, offers, technical, commercial, or advertising communications, events, invitations, or commemorations through postal mail, email, or any other channel or social media, unless otherwise indicated or unless the user opposes or revokes their consent.
- In the event that the user sends us their CV or registers in the different job offers that we may post, we shall process their data in order to evaluate and manage the job application and, if necessary, carry out the necessary actions for the selection and recruitment of personnel, in order to offer the user positions that fit their profile. Unless otherwise indicated, providing the required data is necessary and failure to provide said data shall prevent the selection process from continuing.
- To comply with legally established obligations, as well as to verify compliance with contractual obligations, including fraud prevention.
WHAT DATA CATEGORIES ARE PROCESSED?
Pronutec S.A.U. shall process the data provided by the user, which may be special category data or data of the following categories depending on the scope of the matters entrusted or the inquiries made:
- Identifying data: name, surname, personal ID, passport or legal identification document, postal address, e-mail address, zip code, telephone number.
- Academic and professional data: training/qualifications, position, professional experience, membership in professional associations, in the case of selection processes.
- Electronic communication metadata.
- Commercial information data.
- Economic, financial, insurance, and banking data.
In some cases, the personal data requested are mandatory, thus, failure to provide them shall prove impossible to carry out the requested services. These cases shall be indicated by the person in charge.
The user guarantees that the data provided are true, accurate, complete, and updated, being responsible for any damage or loss, direct or indirect, that may be caused as a result of a breach of this obligation. In the event that the user provides data of third parties, they declare that they have their consent and undertake to transfer the information contained in this clause to them, holding Pronutec S.A.U. harmless in this regard. Nevertheless, Pronutec S.A.U. may carry out checks to verify this fact, adopting the appropriate due diligence measures, in accordance with the data protection regulation.
WHAT IS THE LEGITIMACY OF DATA PROCESSING?
- The legitimacy for processing data collected from queries, requests, or suggestions made by any communication media lies in our own legitimate interest to respond to a potential customer and in the consent, a clear affirmative action of the user who enables us to process their data by making a query solely and exclusively for the purpose of responding to it.
- For managing the contracting of services, payment, invoicing, and corresponding shipments, legitimacy lies in the execution of the contract itself.
- The legitimacy for managing the posting of comments on our blog and our social media lies in our own legitimate interest to know the opinions of the interested parties and in the consent, a clear affirmative action of the user who enables us to process their data by writing said comment solely and exclusively for that purpose.
- For accessing our private customer area, legitimacy lies in the user’s consent given when creating an account for thr said private area and in the contractual relationship maintained with Pronutec S.A.U.
- For sending electronic communications about news and updates on products and/or services contracted, the legitimacy of the data processing lies in the legitimate interest of Pronutec S.A.U. to carry out such processing in accordance with current regulations.
- For periodically sending commercial information (newsletter) about services and news related to our professional activity, legitimacy lies in the user’s consent.
- The legitimacy for processing data in connection with the submission of CVs and registrations in professional offers that we may post is based on the consent of the user who submits their data.
- Finally, for processing data to comply with legally established obligations, as well as to verify compliance with contractual obligations, including fraud prevention, legitimacy lies in its described purpose of fulfilling a legal obligation.
HOW LONG SHALL DATA BE KEPT?
Pronutec S.A.U. shall keep any personal data up to five years after the last commercial relationship, communication with the user, or for the time necessary to fulfill the purposes for which they were collected and as long as the consents granted are not revoked. Thereafter, the data shall be deleted. However, they may be kept for as long as any liability may arise from a legal relationship or obligation or from the execution of a contract or the application of pre-contractual measures requested by the data subject.
Data provided in connection with the job offers that the user wishes to subscribe to shall be kept for two years from the date of the last update. Once this period has elapsed without there being any updates, the data shall be deleted, unless indicated otherwise by the user.
WHAT SECURITY MEASURES DO WE IMPLEMENT TO PROTECT YOUR DATA?
Pronutec S.A.U. is committed to the protection of personal data, user privacy, and cybersecurity; thus, it shall carry out the necessary technical and organizational security measures to prevent the loss, manipulation, disclosure, or modification thereof in order to protect the different types of data covered in this privacy policy.
DATA COMMUNICATIONS
To whom shall data be sent?
Pronutec S.A.U. has contracts with third-party data processors in order to provide its services. Data shall not be disclosed to any other third parties, except for these entities. If it were necessary to communicate such data to third parties for any reason, the user shall be informed in advance and, where appropriate, consent shall be requested and the purposes of the communication and the identity of the third party to whom the data will be communicated shall be specified.
All the foregoing shall be upheld, except where it is legally required to communicate such data to a third party.
USERS’ RIGHTS
What rights does the data subject have?
Persons who provide us with their data have the following rights in relation to such data:
- Right of access
- Right of rectification or suppression
- Right to limit processing
- Right to portability
- Right to object
- Right to revoke consent
For further information about your rights, we suggest you visit the website of the Spanish Data Protection Agency.
The user may exercise these rights by sending a written request to the following address: Pronutec S.A.U., Parque Empresarial Boroa Parcela 2C-1 48340 – Amorebieta – Vizcaya – Spain, or by sending an e-mail to the following address: info@pronutec.com, with the following details: name and surname, address or e-mail for notification purposes, official identification document (personal ID, passport or similar), specific claim giving rise to the request, date, and signature of the interested party.
However, in the event that the USER does not wish to receive the technical, commercial, or advertising communications indicated above, they may communicate this by sending an e-mail to the following address: info@pronutec.com.
Additionally, we inform you that you may file a complaint before the relevant Control Authority, in this case, the Spanish Data Protection Agency, especially if your rights have not been satisfied. You may contact the Spanish Data Protection Agency at their telephone numbers +34 901 100 099 and +34 912 663 517 or by visiting them at C/ Jorge Juan, 6. 28001 – Madrid.
ORIGIN OF THE DATA
All the data collected is provided by the data subject.