In accordance with the provisions of the General Data Protection Regulation GDPR (EU) 679/2016 and Organic Law 3/2018, of 5 December, on Personal Data Protection and Guarantee of Digital Rights, you are provided with the following information on the processing of your personal data.
Who controls the processing of your personal data?
Data Controller and Data Protection Officer
What data do we process?
At NAUTIMA, S.A. we process the personal data that you provide by filling in the forms provided for this purpose on this website, as well as any personal data resulting from the provision or contracting of our services or products and/or any personal data resulting from the commercial relationship that you have with us. In addition, we process the personal data generated by your activity on our website, which includes your browsing data obtained through the website.
How long will we keep your personal data?
We keep your personal data in our systems and files for as long as is needed to carry out the purposes of the processing, and to comply with applicable legislation. Your personal data will be kept for as long as there is a contractual and/or commercial relationship with you, or as long as you do not exercise your right to the deletion and/or restriction of processing of your data. The length of time for which personal data is kept will vary depending on the purposes of the processing, and in general terms:
Your personal data will be kept for as long as it is useful for the purposes indicated and, in any case, for legally mandated periods and for length of time necessary to address any possible liabilities arising from the processing of said data.
We have appropriate technical and organisational security measures in place to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction or damage, and to ensure the integrity and confidentiality of your personal data. The technical and organisational security measures implemented make it possible to: guarantee the permanent confidentiality, integrity, availability and resilience of the processing systems and services; restore the availability of and access to personal data promptly in the event of a physical or technical incident; and regularly verify, evaluate and assess the effectiveness of the technical and organisational measures implemented to ensure the security of the processing.
These technical and organisational security measures have been designed taking into account our IT infrastructure, the state of the art in accordance with current standards and practices, the cost of implementation and the nature, scope, context and purposes of the processing, as well as the risks of varying likelihood and severity of the processing to your personal data.
What is the legitimacy for the processing of your data?
Legitimacy: The legitimacy to process your personal data is based on:
-Executing and maintaining a contractual and commercial relationship with you, such as contracting the organisation’s products and services, and managing and processing requests for quotes for the organisation’s products and/or services, all in accordance with the provisions of Article 6.1.B of GDPR (EU) 679/2016 and Organic Law 3/2018, of 5 December (LOPDPGDD).
-Your express consent for one or more purposes, such as sending you our own or third-party advertising communications or newsletters, managing how curricula vitae are sent, and taking part in activities or competitions, all in accordance with the provisions of article 6.1.A of GDPR (EU) 679/2016 and Organic Law 3 /2018, of 5 December (LOPDPGDD ).
-Compliance with various legal obligations, all in accordance with the provisions of Article 6.1.C of GDPR ( EU ) 679/2016 and Organic Law 3/2018, of 5 December (LOPDPGDD ).
-Meeting the legitimate interests pursued by the data controller or by a third party, e.g. for security reasons, to improve our services and/or to manage requests or queries.
During the data collection process, and in each place on the website where personal data is requested, the user will be informed by means of a hyperlink or by the inclusion of appropriate mentions on the form itself of the mandatory nature or otherwise of the collection of their personal data.
The personal data requested in the forms on the website are, in general, mandatory (unless otherwise specified in the required field) in order to comply with the established purposes. Therefore, if the personal data requested is not provided, or is not provided correctly, the request cannot be fulfilled.
There is an obligation to provide your personal data when contracting a service or product, and/or when requesting a quote or offer.
The sending of advertising communications, newsletters or bulletins about our products and services is based on the consent that you are asked for, and under no circumstances does the withdrawal of this consent affect the contractual or commercial relationship that you have with us.
If you have authorised us to send advertising for our services and products, your personal data may be used to manage the sending of advertising offers and newsletters by electronic means. In these cases, the provisions of articles 20 and 21 of Law 34/2002, of 11 July 2002, on information society services and electronic commerce, apply to the use and processing of your personal data for the purpose of sending advertising by electronic means.
If you have ticked the option to receive advertising, or if you have subscribed to our newsletter, you can cancel this option at any time.
With which recipients will your data be shared?
What rights do you have in the processing of your personal data?
You expressly accept the inclusion of the personal data collected while browsing the website and/or provided by filling in any forms, as well as any data resulting from a possible commercial relationship, in the organisation’s automated personal data files.
The organisation guarantees the confidentiality of users’ personal data. However, when required to do so, the organisation will disclose personal data to the relevant public authorities, along with any other information in its possession or which is accessible through its systems, in accordance with the legal and regulatory provisions applicable to each case. Personal data may be kept in the files owned by NAUTIMA, S.A. even after the commercial relations formalised through the organisation’s website have ended, solely for the purposes indicated above and, in any case, for the legally established periods, at the disposal of administrative or judicial authorities.
Use of social media
When you interact with our website through various social media platforms, such as when you connect to or follow us or share our content on social media platforms (Facebook, Twitter, LinkedIn, Instagram or others), we may receive information from these platforms, including information about your profile, user ID associated with your social media account, and any other public information that you allow to be shared with third parties on said platforms.
The organisation uses social media as a way to provide information about the services it offers, as well as any other activity or event that it carries out and wishes to publicise, but at no time will it obtain personal data from users interacting on said social media platforms, unless there is express authorisation to do so.
This data is only used within the social media platform itself and is not incorporated into any processing system.
In cases of registration and/or access through a social media account, the organisation may collect and access certain information from your user profile on said platform, solely for the purposes indicated above.