General Regulation of Data Protection (RGDP) – Dicembrer 2018
We inform you that the personal data of our customers will be treated in accordance with the current legislation on personal data protection, users’ privacy and the secrecy and security of personal data, in accordance with the provisions of Organic Law 3/2018, of 5 December, on Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data (GDPR).
In order to comply with the aforementioned Regulation, we have updated our Privacy Policy.
PROCESSING OF CUSTOMER DATA
In ANAYET LATITUD NORTE S.L. we process the information you provide us in order to provide you with the requested service and make your billing. The data provided will be kept for as long as the business relationship is maintained or for as long as necessary to comply with legal obligations and meet possible responsibilities that may arise from the fulfillment of the purpose for which the data were gathered. The data will not be transferred to third parties except in cases where there is a legal obligation. You have the right to obtain information about whether in ANAYET LATITUD NORTE S.L. we are processing your personal data, so you can exercise your rights of access, rectification, deletion and portability of data and opposition and limitation to their treatment at ANAYET LATITUD NORTE S.L., POLÍGONO MUNICIPAL, VIAL 4, NAVE 9. 31500 TUDELA – NAVARRA or at the electronic address ADM@TRANSPYR.COM, identifying yourself sufficiently in your request by electronic means or, failing that, by means of a duly signed application. However, if the controller has reasonable doubts as to the identity of the natural person making the request, he may ask for additional information necessary to confirm his identity. Also, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, you may submit a complaint to the national supervisory authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, 6 – 28001 Madrid.
RECORD OF PROCESSING ACTIVITIES
a) Responsable
Identify: ANAYET LATITUD NORTE S.L. NIF: B31968068 Postal address: POLÍGONO MUNICIPAL, VIAL 4, NAVE 9. 31500 TUDELA – NAVARRA E-mail: ADM@TRANSPYR.COM Telephone: 696176836
b) Purpose of processing
Management of customer relations
c) Categories of stakeholders
Customers: People with whom a business relationship is maintained as customers
d) Data categories
The necessary for the maintenance of the business relationship. Invoicing, sending postal or e-mail advertising, after-sales service and loyalty. Identification: name, NIF, postal address, telephone numbers, e-mail. Personal characteristics: date and place of birth, age, sex, nationality.
e) Categories of addressees
Service providers
f) International transfer
No international transfers planned
g) Deletion period
The provisions of tax law regarding the limitation of liability
ATTENTION TO THE RIGHTS EXERCISE
The controller shall inform all employees about the procedure for addressing data subjects’ rights, clearly defining the mechanisms by which the rights can be exercised (electronic means, reference to the Data Protection Officer if any, postal address, etc.) and taking into account the following:
Upon presentation of their national identity document or passport, the holders of personal data (interested) may exercise their rights of access, rectification, deletion, opposition, portability and limitation of processing. The exercise of rights is free.
The controller shall reply to the data subjects without undue delay and in a concise, transparent, intelligible form, in clear and simple language and retain evidence of the fulfilment of the duty to respond to requests for exercise of rights made.
Where the application is submitted by electronic means, information shall be provided by such means where possible, unless the person concerned requests otherwise.
Requests must be answered within 1 month of receipt, with the possibility of an extension for another 2 months taking into account the complexity or number of requests, but in that case the person concerned must be informed of the extension within one month from receipt of the request, indicating the reasons for the delay.
Right of access: In the right of access, you will provide the data subjects with a copy of the personal data available together with the purpose for which they have been collected, the identity of the recipients of the data, the intended retention periods or the criteria used to determine them, the existence of a right to request the rectification or deletion of personal data and the restriction or objection to their processing, the right to file a complaint with the Spanish Data Protection Agency and if the data has not been obtained from the interested party, any information available on its origin. The right to obtain a copy of data cannot adversely affect the rights and freedoms of other data subjects.
Right of rectification: In the right of rectification, we will proceed to modify the data of the interested parties that were inaccurate or incomplete according to the purposes of the processing. The person concerned shall indicate in his request which data he refers to and the correction to be made, providing, where necessary, documentary evidence of the inaccuracy or incompleteness of the data subject to processing. If the data has been communicated by the controller to other controllers, it must notify them of the rectification of these unless it is impossible or requires a disproportionate effort, providing the data subject with information about such recipients, if requested.
Right to deletion: In the right to erasure, data of the data subjects will be deleted when they express their refusal to process and there is no legal basis for this, are not necessary in relation to the purposes for which they were collected, withdraw the consent given and there is no other legal basis for the processing or it is unlawful. If the deletion results from the exercise of the right to object to the processing of your data for marketing purposes, the identification data of the data subject may be retained in order to prevent future processing. If the data has been communicated by the controller to other controllers, it must notify them of the deletion unless this is impossible or requires a disproportionate effort, providing the data subject with information about such recipients, if requested.
Right of opposition: In the right of opposition, when the data subjects express their refusal to the processing of their personal data with the controller, this will stop processing them provided that there is no legal obligation preventing it. Where the processing is based on a public interest task or the legitimate interest of the controller, in response to a request for the exercise of the right of opposition, the controller shall cease processing the data unless compelling reasons are established that prevail over the interests, rights and freedoms of the data subject or are necessary for the formulation, exercise or defense of claims. If the data subject opposes processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
Right of portability: Under the right of portability, if the processing is carried out by automated means and is based on consent or is carried out within the framework of a contract, data subjects may request to receive a copy of their personal data in a structured format, commonly used and machine-readable. They also have the right to request that they be transmitted directly to a new controller, whose identity shall be disclosed where technically possible.
Right to restriction of processing: In the right to limitation of processing, the data subjects may request the suspension of the processing of their data to contest its accuracy while the controller carries out the necessary verifications or in case the processing is carried out on the basis of the legitimate interest of the controller or in compliance with a mission of public interest, while verifying whether these grounds prevail over the interests, rights and freedoms of the data subject. The data subject may also request retention of the data if he or she considers that the processing is unlawful and instead of erasure requests limitation of the processing, or if even not in need of it for the purposes for which it was collected, the person concerned needs them for the purpose of formulating, exercising or defending claims. The fact that processing of data of the data subject is limited shall be clearly indicated in the systems of the controller. If the data has been communicated by the controller to other controllers, it must notify them of the limitation of processing unless this is impossible or requires a disproportionate effort, providing information about these recipients to the data subject, if requested.
If the request of the data subject is not acted on, the controller shall inform him without delay and at the latest one month after receipt of the request, the reasons for its failure to act and the possibility of submitting a complaint to the Spanish Data Protection Agency and of exercising legal actions.