DATA PROTECTION PRIVACY POLICY

Protecting your personal data is very important for CALMELL, S.A., a company belonging to the CALMELL Group. We have adopted solid principles for the entire group through the informative Data Protection Policy. We are committed to ensuring that your personal information is protected and not misused.

By providing us with your personal data and using our websites, we understand that you have read and understood the terms relating to the personal data protection information that is set out therein.

In this informative note we provide you with detailed information on who is the data controller, for what purpose your personal data is going to be processed, the legal grounds for processing, how we collect your data, why we collect it, how we use it, your rights, and the procedures we have put in place to protect your privacy.

  1. SCOPE OF APPLICATION

This document applies to all companies of the CALMELL Group.

  1. OWNERSHIP OF THE DATA AND PURPOSE FOR USING THEM.

When you use the various electronic and hardcopy registration forms at CALMELL, S.A., you are providing us with personal data that is incorporated into our database. You also generate information as a result of your interaction with us that we may retain. All data processing carried out by CALMELL, S.A. and the CALMELL Group companies is always and in every case based on the express consent of the user.

To obtain consent, electronically, the user must mark the checkboxes that accompany the data collection form. Without express authorisation, the data will not be processed, the website will provide notice to the effect that it will not allow the process to continue when processing is necessary. Our website generates a record of each of the consents given by the user in order to prove its effective provision and date.

By “express consent” we understand that which implies a positive act on the part of the user, processing is never based on the user’s mere silence or inaction.

Likewise, the data that you provide us so as to access any service or feature that we make available to you through the website will be subject to processing, and we will always inform you about the processing that will be carried out and we will obtain your consent expressly.

Furthermore, we make forms available to web users so they can contact us and send us their suggestions.

When we collect information from the user by other means, for example, a written form, we shall obtain consent to processing via a signature on a hardcopy document.

  1. DATA CONTROLLER.

Your data is incorporated into the file whose controller is:

Fiscal ID Number: A-08244287
Name or company name: CALMELL, S.A.
Address: C/ Fresser, 12 – 08110 Montcada i Reixac, Barcelona
Email: dpo@calmell.net

  1. INFORMATION ABOUT THE CALMELL GROUP COMPANIES

AFFIX ELECTRÓNICA, S.L.
Fiscal ID Number: B-60712650
C/ Fresser, 12 – 08110 Montcada i Reixac, Barcelona

TARGET EMPRESARIAL, S.L.
Fiscal ID Number: B-62172358
C/ Fresser, 12 – 08110 Montcada i Reixac, Barcelona

METABYTS, S.L.
Fiscal ID Number: B-80504426
C/ Fresser, 12 – 08110 Montcada i Reixac, Barcelona

 

  1. LEGAL GROUNDS FOR PROCESSING YOUR PERSONAL DATA

To comply with our legal and regulatory obligations, we rely on the following provisions:

  1. Article 6.1. GDPR. On the express consent you have given us to process your data.
  2. Article 6.2. GDPR. For the execution of a contract to which you as an interested party are a party, or for the application, at your request, of contractual measures.

 

  1. WHAT PERSONAL DATA OF YOURS DO WE PROCESS?

The data collected may cover one or several categories of personal data, depending on the purpose to be carried out and the acceptance of the processing powers granted to us. These can be:

  • Identification information: name, National Identity Document, postal address, email, telephone numbers.
  • Personal characteristics: academic and professional.
  • Social circumstances: family situation, marital status.
  • Employment situation: employment, location, employer name.
  • Banking, financial, and transactional data: bank account, payment details.

We never request personal data related to your race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data or data related to your sexual orientation, unless required to do so under a legal obligation.

  1. FOR WHAT PURPOSE DO WE COLLECT YOUR PERSONAL INFORMATION?

The main reason why we collect your personal information is to facilitate and improve the service that you expect from us as a customer.

  1. HOW DO WE COLLECT INFORMATION?

We may collect personal information about you by different means, in some cases you will contact us to share your personal information, and in others we collect your personal data by other means such as:

  • Websites / social network pages that contain information made public by you, such as your website or social network, for example.
  • Databases made public by third parties.
  • Publications/databases provided by authorities or official bodies, such as the Official State Gazette, for example.
  • Our corporate clients and/or their brands and affiliates.
  • Third parties such as credit analysis and fraud prevention agencies or data intermediaries in accordance with data protection legislation.

 

  1. WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

In order to fulfil the purposes discussed above, we only disclose your personal data to:

  • Service providers who perform services on our behalf.
  • Independent agents, intermediaries or brokers, financial and commercial partners with whom we have frequent links, financial and judicial authorities, state agencies and public bodies at your request or under legal cover.
  • Certain regulated professionals such as lawyers, notaries, or auditors.
  • Group companies

 

  1. DATA TRANSFERS OUTSIDE THE EEA

In the case of international transfers originating in the European Economic Area (EEA) where the European Commission has recognised that a non-EU State has provided an adequate level of data protection, your personal data may be transferred on those grounds.

For those transfers to non-EU States whose level of protection has not been recognised by the European Commission, we will resort to a derogation applicable to that specific situation or implement the following security measures to ensure the protection of your personal data:

  • Standard contractual clauses approved by the European Commission.
  • Binding corporate rules, when applicable.

To obtain a copy of these security measures or information on where they are available, you can send a request in writing as indicated in point 9.

  1. HOW LONG WILL WE KEEP YOUR PERSONAL DATA?

We will keep your personal data for the maximum time required in order to comply with applicable laws and regulations or for another period regarding our operational requirements, such as proper account running, facilitating customer management, and responding to legal claims or regulatory requests. For example, most of the customer’s information is kept for the duration of the contractual relationship and subsequent to its termination, the detailed information on this point is contained in our cookie policy present on the company’s websites.

  1. WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?

In accordance with the applicable regulation, you have the following rights:

  • Access: You can obtain information regarding the processing of your personal data and a copy of the same.
  • Rectification: Where you consider that your personal data is incorrect or incomplete, you can request that such data be modified in an appropriate manner.
  • Erasure: You can request the deletion of your personal data to the extent permitted by law.
  • Restriction: You can request that the processing of your personal data be restricted.
  • Objection: You can object to your data being processed considering your particular situation. You have the absolute right to object to the processing of your personal data for direct marketing purposes, including profiling related to direct marketing.
  • Withdraw consent: In cases where you have given your consent for your personal data to be processed, you have the right to withdraw it at any time.
  • To the portability of your data: Where applicable, you have the right to have the data returned to you or, where possible, transferred to a third party.

If you wish to exercise the abovementioned rights, please send a letter or email to the following addresses: C/ Fresser, 12 – 08110 Montcada i Reixac, Barcelona, or to dpo@calmell.net including a copy or scanned copy of your Fiscal ID Number or a supporting document so we can check your identity.

In accordance with the applicable legislation, in addition to the abovementioned rights, you have the right to make a complaint to the competent oversight authority, the Spanish Data Protection Agency (AEPD), whose address is Calle Jorge Juan, 6, PC 28001, Madrid, if, within a month, we have not replied to your request to exercise your rights.

  1. YOU CAN FOLLOW ANY UPDATES TO THE PRIVACY POLICY OF CALMELL, S.A.

In a world of constant technological change, we need to constantly update our Privacy Policy.

We encourage you to review the latest version of our online policy and we will notify you of any changes through our website or another regular communication channel.

  1. CONTACT US

If you have any questions regarding the use of your personal data under this Privacy Policy, please send us a letter to C/ Fresser, 12 – 08110 Montcada i Reixac,
Barcelona or an email to dpo@calmell.net contacting our Data Protection Representative and we will review your request.

It is important that you should be aware of what the consequences of cancelling your data as a user of WWW.CALMELL.COM are, we therefore inform you that, if you request the cancellation of said data, you will lose the account with which you registered, and it will be necessary for you to re-register again as a new user.

  1. SECURITY MEASURES

CALMELL, S.A. has carried out an exhaustive risk analysis of all the data processing carried out. As a result of said analysis, each process has been defined and an attempt has been made to minimise possible risks, guaranteeing with the utmost diligence that the Fundamental Rights of users will be protected within CALMELL, S.A’s organisational environment.

CALMELL, SA is aware of the user’s concern for security, therefore, it has chosen to implement the strictest security levels that the proper functioning of the website, its features, and its services, will allow, thus preserving the integrity of the stored data and information. The services are provided using our own technological resources and, sometimes, those of third parties, which have the necessary security measures to ensure the impossibility of unauthorised access in accordance with current ordinary technical and technological know-how. At WWW.CALMELL.COM we want the service that our customers receive to offer a satisfactory and secure user experience, which is why we only choose providers with a reputable track record and technical solvency allowing them to comply with current legal security regulations, to avoid your data being lost, misused, or accessed by unauthorised persons.

  1. AGE TO BE A USER OF WWW.CALMELL.COM

In general, to be a user of WWW.CALMELL.COM, you will need to be A LEGAL ADULT. If our team discovers that any user account belongs to a minor, we may contact you to establish your age. To do this, we may request that you provide your National Identity Document (DNI) or another equivalent document within a certain period. Should this not be provided or where we establish that the profile has been created by a minor, we can proceed to block or definitively cancel your user profile.

  1. COOKIES AND LOG FILES:

The WWW.CALMELL.COM website uses cookies to facilitate the relationship between visitors and our content and to allow us to compile statistics about the visitors we receive. In compliance with Directive 2009/136/CE, implemented in our legal system by the second section of article 22 of the Information Society Services Law, following the guidelines of the Spanish Data Protection Agency, we proceed to inform you in detail about how we use them on our website.

What we call cookies are small files that are recorded in the browser used by each visitor to our website so that the server can remember that user’s visit later when they access our content again. This information does not reveal your identity, or any personal data, nor does it access the content stored on your PC, but it does allow our system to identify you as a specific user who has previously visited the website, viewed certain pages, etc. And it also allows us to save your personal preferences and technical information such as visits made or the specific pages you visited.

If you do not want cookies to be saved in your browser or you prefer to receive information each time a cookie requests installation, you can configure your browsing options to do so. Most browsers allow cookies to be managed in 3 different ways:

  • Cookies are always rejected.
  •  The browser asks if the user wants to install each cookie.
  • Cookies are always rejected.

Your browser may also include the ability to select in detail the cookies you want to be installed on your computer. Specifically, the user can normally accept any of the following options:

  • Reject cookies from certain domains.
  • Reject third-party cookies.
  • Accept cookies as non-persistent (they are deleted when the browser is closed).
  • Allow the server to create cookies for a different domain.