Who is responsible for the processing of your data?
INGENIERIA Y DISEÑO EUROPEO, S.A. Tax ID No.: A33386756
Address: C/ PROFESOR POTTER, 105, 33203, GIJON.
Tfno: 985 175 705
Mail: idesa@idesa.net
Web: www.idesa.net
DPO: dpdasturias@prodat.es
You can contact us in any way to communicate with us.
We reserve the right to modify or adapt this Privacy Policy at any time. You are advised to review it, and if you have registered and you access your account or profile, you will be informed of any changes.
If you are one of the following groups, consult the following information:
+ WEB OR E-MAIL CONTACTS
What data do we gather through the Web?
We can process your IP, what operating system or browser you use, and even the length of your visit, anonymously.
If you provide us with information in the contact form, you will identify yourself so as to be contacted, if necessary.
What is the legal basis for processing your data?
The acceptance and consent of the interested party: In the cases where it is necessary to fill in a form and click on the “submit” button to make a request, completing the form and submitting it will necessarily imply that you have been informed and have expressly given your consent to the content of the clause annexed to said form or acceptance of the privacy policy.
All our forms show the symbol * when data are obligatory. If you do not complete these fields, or do not tick the acceptance checkbox for the privacy policy, sending the information will not be allowed. The following formula is usually shown: “□I am over 14 and I have read and accept the Privacy Policy.”
+ NEWSLETTER CONTACTS
What data do we collect through the newsletter?
You can subscribe to the Newsletter on the Web, if you provide us with an e-mail address, to which the Newsletter will be sent.
We will only store your e-mail in our database, and then we will send you e-mails periodically, until you request cancellation, or we stop sending e-mails.
You will always have the option to cancel your subscription, in any communication.
For what purposes do we process your personal data?
What is the legal basis for processing your data?
Acceptance and consent of the interested party: In the cases where you subscribe, you must accept by ticking a checkbox and then click on the “submit” button. This will necessarily imply that you have been informed and have expressly granted your consent to receiving the newsletter.
If you do not tick the acceptance checkbox for the privacy policy, sending of the information will not be allowed. The following formula is usually shown: “□ I am over 14 and I have read and accept the Privacy Policy.”
+ CLIENTS
For what purposes do we process your personal data?
+ SUPPLIERS
For what purposes do we process your personal data?
What is the legal basis for processing your data?
The legal basis is the acceptance of a contractual relationship, or otherwise your consent when you contact us or offer us your products by any means.
+ SOCIAL NETWORK CONTACTS
For what purposes do we process your personal data?
What is the legal basis for processing your data?
The acceptance of a contractual relationship in the environment of the social network in question, and in accordance with its Privacy policies.
Facebook http://www.facebook.com/policy.php?ref=pf
Instagram https://help.instagram.com/155833707900388
Twitter http://twitter.com/privacy
Linkedin http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
Google* http://www.google.com/intl/es/policies/privacy/
*(Google+ y Youtube)
How long do we keep personal data?
We can only consult or cancel your data in a restricted way as they are part of a specific profile. We will process them as long as you let us do it, being friends or clicking on "I like it", "continue" or similar buttons.
Any rectification of your data or restriction on information or publications must be made through the configuration of your profile or user on the social network itself.
+ JOB SEEKERS
For what purposes do we process your personal data?
You are also informed that we will destroy your CV safely after a year has gone by since it was received.
What is the legal basis for processing your data?
The legal basis is your unequivocal consent, when you send us your CV.
+ SUGGESTIONS BOX
What data do we gather through the Web?
We can process your IP, what operating system or browser you use, and even the length of your visit, anonymously.
If you provide us with information in the contact form, you will identify yourself so as to be contacted, if necessary.
For what purposes do we process your personal data?
• Answer your suggestions, complaints or requests.
What is the legal basis for processing your data?
The acceptance and consent of the interested party: In the cases where it is necessary to fill in a form and click on the “submit” button to make a request, completing the form and submitting it will necessarily imply that you have been informed and have expressly given your consent to the content of the clause annexed to said form or acceptance of the privacy policy.
All our forms show the symbol * when data are obligatory. If you do not complete these fields, or do not tick the acceptance checkbox for the privacy policy, sending the information will not be allowed. The following formula is usually shown: “□I am over 14 and I have read and accept the Privacy Policy.”
+ USERS OF THE INTERNAL INFORMATION SYSTEM
For what purpose do we process the personal data you provide us?
Process the information processed through the INTERNAL INFORMATION SYSTEM
The recipient of the communications will be the person in charge of the Internal Information System of INGENIERIA Y DISEÑO EUROPEO, S.A., who fully respects the privacy of the users of the application, treating their personal data with protection and confidentiality. Therefore, it informs users that:
In compliance with the provisions of the personal data protection regulations and the whistleblower protection regulations, we process your data and the information you provide us (as well as the personal data of other people you may provide us with) for the purposes specified in this privacy policy.
No automated decisions will be made, or profiles will be made in relation to the information and data collected.
What is the legitimacy for the processing of your data?
The processing of personal data, in the cases of internal communication, shall be understood to be lawful by virtue of the provisions of articles 6.1.c) of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, 8 of Organic Law 3/2018, of December 5, and 11 of Organic Law 7/2021, of May 26, when, in accordance with the provisions of articles 10 and 13 of this law, it is mandatory to have of an internal information system.
If it is not mandatory, the treatment will be presumed to be covered by article 6.1.e) of the regulation.
The processing of personal data in the cases of external communication channels will be understood to be lawful by virtue of the provisions of articles 6.1.c) of Regulation (EU) 2016/679, 8 of Organic Law 3/2018, of December 5, and 11 of Organic Law 7/2021, of May 26.
How long do we keep the data provided?
The data of the person making the communication and of the employees and third parties must be kept in the system only for the time essential to decide on the appropriateness of initiating an investigation into the facts. In any case, after 3 months from the introduction of the data, they must be deleted from the system unless the purpose of the conservation is to leave evidence of the operation of the model for the prevention of the commission of crimes by the legal person, in accordance with the provisions in article 24 of Organic Law 3/2018, of December 5, Protection of Personal Data and Guarantee of Digital Rights (hereinafter LOPDGDD).
In no case will personal data that are not necessary for the knowledge and investigation of the information be processed, and, where appropriate, they will be immediately deleted. Likewise, all personal data that may have been communicated and that refer to conduct that is not included in the scope of application of Law 2/2023 will be deleted.
If it is proven that the information provided or part of it is not true, it will be immediately deleted from the moment said circumstance is confirmed, unless said lack of truthfulness may constitute a criminal offence, in which case it will be kept the information for the necessary time during which the judicial procedure is processed.
To which recipients can your data be communicated?
Organizations or people directly contracted by the Treatment Manager for the provision of services related to the treatment purposes: Collaborators and Subcontracted Entities for the management of the ethical channel, advisors, consultants, and auditors of the organization´s regulatory compliance system.
Access to personal data contained in the internal information systems will be limited (i) to the person responsible for the Internal Information System and to whoever manages it directly as System Manager*, (ii) to the person responsible for resources human rights, if disciplinary measures are applied (iii) to the person responsible for the legal services of the entity (if legal measures should be adopted in relation to the events reported), (iv) to those in charge of the treatment that are eventually designated, and (v) to the data protection officer.
Security Forces and Bodies: To the extent that a justified right of access is required in the investigation of a regulatory breach. The processing of data by other people, or even its communication to third parties, will be lawful when it is necessary for the processing of sanctioning or criminal procedures that, where appropriate, may apply. The identity of the informant may only be communicated to the judicial authority, the Public Prosecutor´s Office, or the competent administrative authority within the framework of a criminal, disciplinary or sanctioning investigation. Disclosures made under this section will be subject to safeguards established in applicable regulations. In particular, the informant will be transferred before revealing his or her identity, unless such information could compromise the investigation or the judicial procedure.
Under what guarantees are your data communicated?
Acceptance of these conditions implies the collection of personal data that users enter into the Ethical Channel application and their unequivocal consent so that INGENIERIA Y DISEÑO EUROPEO, S.A. treats them for the purpose of managing their complaints and/or information (communications), with the recipient of the events reported therein being the Head of the Internal Information System of INGENIERIA Y DISEÑO EUROPEO, S.A.
By accepting this policy, users guarantee that the personal data provided is true, complete, and up-to-date and that they will communicate any changes to them as soon as possible.
Likewise, with the acceptance and/or validation of the communication processing process enabled in the system form, you declare to be over 14 years of age, have legal capacity, and expressly consent to the processing of data in accordance with the provisions of clause e additional information on data protection. In the cases in which he represents a minor under 14 years of age or a person with legal incapacity, he responsibly declares that he has parental authority or guardianship of the minor or the corresponding legal representation, whose justification may be required by the Treatment Manager to legitimize the accepted consent.
Users must know that the communications presented will be considered confidential and reserved information. To this end, the identity of those reporting in good faith will be especially safeguarded, and they will be protected against any kind of retaliation due to the communication made.
The Person Responsible for the Internal Information System will not reveal, at any time, the data of the person submitting the communication, collected in the web form that collects the personal data of the complainant unless it is required to do so, judicially or by the competent authority.
The Person Responsible for the Internal Information System, in view of the complaint, and with reasons, deems it strictly necessary, provided that the reporting person expressly gives his or her consent.
There are objective reasons to understand that the complaint has been made in bad faith (based on false documentation) and the person responsible for the Internal Information System provides the identity of the complainant, for the sole purpose of promoting the disciplinary measures that result from application.
The user is recommended not to provide anyone with their identification, password, or the alphanumeric reference of their communication. The communication of data that may be made to other third parties and/or data processors is carried out to entities that certify the availability of a Personal Data Protection System in accordance with current legislation.
----------------------
Do we include third-party personal data?
No. As a general rule we only process data sent by their owners. If you supply us with third-party data, before you do so you must inform such third party and ask for its consent; otherwise, you hold us harmless for non-compliance with this requirement.
And children’s data?
We do not process data about children under 14 years of age. Therefore, please refrain from supplying such data if you are not that age or, as the case may be, from supplying data about third parties who are not that age. INGENIERIA Y DISEÑO EUROPEO, S.A. declines any responsibility for non-compliance with this provision.
Do we make electronic communications?
What security measures do we apply?
You can keep your mind at rest: We have adopted an optimal level of protection for the Personal Data that we handle, and we have installed all the means and technical measures at our disposal according to the state of technology to avoid personal data loss, misuse, alteration, unauthorized access and theft.
Who will your data be transferred to?
Your data will not be transferred to third parties, unless there is a legal obligation to do so. Specifically, your data will be communicated to the Inland Revenue and to banks and financial entities for collection for the service provided or product acquired and to those in charge of data processing, as necessary to perform the agreement.
In the event of purchase or payment, if you choose an application, platform, bank card, or another on-line service, your data will be transferred to that platform or will be processed in its environment, always with the utmost security.
When we let them know, the web development and maintenance company, or the hosting company, will have access to our web. These companies will have signed a service provision agreement that obliges them to uphold the same privacy standards as we do.
When US applications are used, any international data transfer will adhere to the Privacy Shield agreement, which guarantees that US software companies comply with European data protection policies as regards privacy.
Your rights
If any of your data changes, we will be grateful if you let us know, so as to keep them updated.
Would you like a form to exercise your rights?
How long do we take to reply to the exercise of your rights?
It depends on the right, but at the most a month after your request and two months if the issue is very complex and we notify you that we need more time.
Do we process cookies?
If we use cookies that are not the necessary ones, you may consult the cookies policy on the relevant link from our web home.
How long do we keep your personal data?
