0 Items
MENU  

PROCESSING OF PERSONAL DATA (contact) and privacy policy

 

PROCESSING OF PERSONAL DATA AND PRIVACY POLICY

In accordance with current data protection legislation, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, GDPR), and Organic Law 3/2018 of 5 December on Data Protection and Guarantee of Digital Rights (hereinafter, LOPD-GDD), the user is informed in accordance with the provisions of Articles 13 of the GDPR and 11 of the LOPD-GDD:

 

I. CONTROLLER


Who is responsible for processing your data?

 

    • Company name: GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL
    • Tax ID number: B88191994
    • Address: Calle Hermanos Lumière, 11 -PARQUE TECNOLÓGICO DE ÁLAVA, CP 01510, Vitoria-Gasteiz
    • Email: ADMIN@CYBENTIA.COM / CONTACTO@CYBENTIA.COM 
  • Website: WWW.CYBENTIA.COM
  • Registration details in the Commercial Register: VOLUME: 38158 BOOK: GENERAL COMPANIES FOLIO: 31 SECTION 8 PAGE: M-679033

 

II. PURPOSE


For what purpose will we process your personal data?

 

GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL processes your information for the following purposes:

 1. Maintain the commercial relationship and provide the contracted service.

 2. Prepare a quote tailored to your needs.

 3. Manage email communications with interested parties.

 4. Carry out the company’s selection processes.

 5. Management of the company’s employees and human resources.

 6. Sending commercial information related to our sector. 

 

How long will we keep your data?

 

The personal data you provide will be kept for as long as the commercial relationship remains in force. However, in order to be as transparent as possible with you, we would like to inform you that the general calculations we work with are as follows:

 

 

  • General identification data (email, name, surname, telephone number, etc.): for the duration of the commercial relationship or until consent is revoked. In any case, they will be deleted when they are no longer used for the purpose for which they were collected.

 

  • Law on Offences and Penalties in the Social Order (obligations regarding affiliation, registrations, cancellations, contributions, payment of salaries, etc.); Arts. 66 et seq. General Tax Law (accounting books, etc.): four (4) years.

 

  • Personal actions without a specific time limit (Article 1964 of the Civil Code): five (5) years

 

  • Accounting, tax and labour (Article 30 of the Commercial Code – accounting books, invoices, etc.): six (6) years.

 

  • Labour: contracts, working time records, salary and contribution receipts, identification documents, four (4) years; in the case of occupational risk prevention reports, illness or accident files, contracts with prevention services, five (5) years.

 

  • Data subject to the Law on the Prevention of Money Laundering and Terrorist Financing (Article 25): ten (10) years.

 

  • Selection processes: two (2) years from the submission of the curriculum vitae. 

 

  • Likewise, given the sending of commercial information, even if the relationship between the parties is terminated, the data controller will continue to store your information for the purpose of sending newsletters related to our products and services. You may always exercise your rights under current legislation by contacting us through the channel that is most convenient for you.

 

  • Disaggregated and anonymised data: no time limit

 

Despite the existence of these general time limits, we inform you that we will periodically review our systems to delete any data that is not legally necessary. 

 

III. LEGITIMACY


What is the legitimacy for the processing of your data?

 

Depending on the purposes for which our data is collected, the processing of your data is necessary:

 

To manage the commercial relationship you have entered into and contracted with us.  

      • Execution of a contract (enabled by Article 6.1.b GDPR)
      • Consent of the data subject (enabled by Article 6.1.a GDPR)

To provide you with a quote tailored to your needs.

    1. Execution of a contract and/or pre-contractual relationship (enabled by Article 6.1.b GDPR)

Managing email communications with data subjects.

    1. Consent of the data subject (enabled by Article 6.1.a GDPR)
    2. Legitimate interest (covered by Article 6.1.f GDPR)

Carrying out the company’s selection processes.

    1. Consent of the data subject (enabled by Article 6.1.a GDPR)

Management of the company’s employees and internal human resources

    1. Contractual performance (covered by Article 6.1.b GDPR)

Sending commercial communications. 

    1. Consent of the data subject (enabled by Article 6.1. GDPR)
    2. Consent of the data subject (covered by Article 20 LSSICE)
    3. Legitimate interest (enabled by Article 6.1.f GDPR and 21.2 LSSICE)

Furthermore, all data collected is necessary for the provision of the service. However, data marked with an asterisk (*) is mandatory. If the mandatory data is not provided, the controller will not be able to provide the contracted service. 

 

Finally, we inform you that only persons over the age of 14 may provide personal data on this website. In accordance with the LOPD and GDD, in the case of minors under the age of 14, the consent of their parents or guardians is mandatory in order for us to process their personal data.

 

Furthermore, only persons over the age of 18 may contract our services. In the case of minors under the age of 18, the consent of their parents or legal guardians is mandatory in order for us to provide the services offered, unless the minor is emancipated.

 

 

IV. RIGHTS OF DATA SUBJECTS


What are my rights regarding data protection?

 

In accordance with the provisions of Articles 13 GDPR and 11.2.c) LOPDGDD, you may exercise any of the following rights by writing to us at the postal address CALLE HERMANOS LUMIÈRE, 11, 11 -PARQUE TECNOLÓGICO DE ÁLAVA-,  CP 01510, VITORIA-GASTEIZ or by email to ADMIN@CYBENTIA.COM and CONTACTO@CYBENTIA.COM. In any case, according to current regulations, you have the following rights in accordance with the provisions of Articles 15 to 22 of the GDPR and 12 to 18 of the LOPDGDD:  

 

  • Right to request access to personal data relating to the data subject.

 

  • Right to request rectification or erasure.

 

  • Right to request the restriction of processing.

 

  • Right to object to processing.

 

  • Right to portability.

 

You may request the forms to exercise your rights from the Data Controller via the email address indicated in the data controller’s details. Additionally, you may lodge a complaint with the Spanish Data Protection Agency (AEPD). For more information, see Section VII of this document.

 

V. RECIPIENTS


To whom will your data be communicated?

 

You will always be informed and, where appropriate, your express consent will be requested to transfer your personal data or carry out international transfers in accordance with current regulations (Articles 13.1.e) and 44 of the GDPR, as well as Articles 11.1 and 40 of the LOPDGDD 3/2018). Therefore, we inform you that the third parties with whom the Data Controller works have their servers located within the EU, EEA or Switzerland, with adequate security measures in place to ensure proper and confidential data processing. 

Apart from the aforementioned cases and except where legally required, your data will not be transferred or communicated to any third party, except in cases provided for by law or when strictly necessary for the provision of a service. In general, data may be transferred to:

  • Technology service providers.
  • Payment service providers.
  • Courier and parcel delivery companies.
  • Third parties or intermediaries, in their capacity as service providers, operating on our behalf (administrative agencies, consultancies, self-employed collaborators, etc.).    
  • Third parties responsible for processing, collaborators or those with a close commercial relationship with the data controller for the sole purpose of providing our services.

 

Data transfers will be carried out with the strictest confidentiality, using the necessary measures, such as signing confidentiality agreements or adhering to the privacy policies established on their respective websites. The User may refuse to transfer their data to the Data Processors by means of a written request, using any of the aforementioned methods. The data controller will not transfer or communicate your data to any third party, except in cases provided for by law or when the provision of a service involves the need for a contractual relationship with a Data Processor. Thus, the User accepts that some of the personal data collected may be provided to these Data Processors (payment platforms, agencies, intermediaries, etc.), when necessary for the effective performance of a contracted service or purchased product. The User also accepts that, in the case of the provision of services, these may be, totally or partially, subcontracted to other persons or companies, who will be considered Data Processors, with whom the corresponding confidentiality agreement has been agreed, or who have adhered to their privacy policies, established on their respective websites. The User may refuse to transfer their data to the Data Processors by means of a written request, using any of the aforementioned methods.               

 

 

VI. SOURCE OF YOUR DATA 


How have we obtained your data?

 

The personal data used by GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL comes from the data subject themselves, in compliance with the provisions of Articles 13 GDPR and 11 LOPDGDD mentioned above, or from group companies or collaborators, about which you can obtain more information by writing to the email addressADMIN@CYBENTIA.COM and CONTACTO@CYBENTIA.COM or at the office of the Data Controller at the postal address indicated in this document.

 

 

What categories of data do we handle?

The categories of personal data processed: 

 

Identification data 

First name 

Surnames

ID card / Foreign National Identification Number / Passport or equivalent document

Postal addresses 

Email addresses

Gender

Date of birth

Place of birth

Contact telephone number (mobile/landline)

 

Commercial information: own and third parties

 

Financial details 

Bank account number

Credit card number

 

Curriculum vitae

Academic data

Qualifications

Hobbies

Membership of associations or clubs

 

Sensitive data will be processed in accordance with the provisions of Articles 9 GDPR and 9 LOPDGDD, informing the data subject in all cases about what data will be used by the controller.

 

VII. ADDITIONAL INFORMATION

 

  • Security measures: Users of the controller’s website are informed that we have taken all the technical and organisational security measures within our power to prevent the loss, misuse, alteration, unauthorised access and theft of data, thereby guaranteeing the confidentiality, integrity and quality of the information contained therein, in accordance with the provisions of current data protection legislation. The personal data collected in the forms is processed solely by the data controller’s staff or designated data processors. The website also has SSL encryption, which allows users to securely send their personal data through the website’s contact or registration forms.

 

  • Confidentiality: The information provided by the User will, in all cases, be considered confidential and may not be used for purposes other than those described herein. The controller undertakes not to disclose or reveal information about the User’s claims, the reasons for the advice requested or the duration of their relationship with the User. 

 

  • Accuracy of data: The User declares that all the data provided by them is true and correct and undertakes to keep it up to date. The User shall be responsible for the accuracy of their data and shall be solely liable for any conflicts or disputes that may arise as a result of the falsity of such data. In order for us to keep personal data up to date, it is important that the User informs the data controller whenever there has been any change in their data.

 

  • Documentation prepared by LegalDPO (https://legaldpo.es/), based on information provided by the Data Controller. The content complies with current regulations in February 2023 and may vary in accordance with legislative changes or jurisprudential criteria, with the owner being responsible for verifying the validity of the regulations at all times.   

VIII. SUPERVISORY AUTHORITY

We make every effort to comply with data protection regulations, as this is our most valuable asset. However, we inform you that if you believe that your rights have been infringed, you may lodge a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6. 28001 – Madrid. More information about the AEPD. http://www.agpd.es/. Documentation prepared by LegalDPO. https://legaldpo.es/ 

IX. PURPOSE

For what purpose will we process your personal data?

 

GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL processes your information for:

 

  • Maintain the commercial relationship and provide the contracted service.

 

  • Provide a quote tailored to your needs.

 

  • Manage email communications with interested parties.

 

  • Carry out the company’s selection processes.

 

  • Managing the company’s employees and human resources.

 

  • Sending commercial information related to our sector: ADVERTISING SERVICES 

 

  • Managing training activities

 

How long will we keep your data?

 

The personal data you provide will be kept for as long as the commercial relationship remains in force. However, in order to be as transparent as possible with you, we would like to inform you that the general calculations we work with are:

 

  • General identification data (email, name, surname, telephone number, etc.): for the duration of the commercial relationship or until consent is revoked. In any case, they will be deleted when they are no longer used for the purpose for which they were collected.

 

  • Accounting, tax and employment: six (6) years.

 

  • Labour: ten (10) years.

 

  • Selection processes: two (2) years from the delivery of the curriculum vitae. 

 

  • Likewise, given the sending of commercial information, even if the relationship between the parties is terminated, GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL will continue to store your information for the purpose of sending newsletters related to our products and services. You may always exercise your rights under current legislation by contacting us through the channel that is most convenient for you.

 

Despite the existence of these general time limits, we inform you that we will periodically review our systems to delete any data that is not legally necessary. 

 

X. LEGITIMACY

 

What is the legitimacy for the processing of your data?

 

Depending on the purposes for which our data is collected, the processing of your data is necessary:

To manage the commercial relationship you have entered into and contracted with us.

    • Execution of a contract (enabled by Article 6.1.b GDPR)
    • Consent of the data subject (enabled by Article 6.1.a GDPR)

To provide you with a quote tailored to your needs.

    • Execution of a contract and/or pre-contractual relationship (enabled by Article 6.1.b GDPR)

 Managing email communications with data subjects.

    • Consent of the data subject (enabled by Article 6.1.a GDPR)
    • Legitimate interest (covered by Article 6.1.f GDPR)

 Carrying out the company’s selection processes.

    • Consent of the data subject (enabled by Article 6.1.a GDPR)

 Management of the company’s employees and internal human resources

    • Contractual performance (covered by Article 6.1.b GDPR)

 Sending commercial communications. 

    • Consent of the data subject (enabled by Article 6.1. GDPR)
    • Consent of the data subject (enabled by Article 20 LSSICE)
    • Legitimate interest (enabled by Article 6.1.f GDPR)

 

  1. Managing training activities
    1. Execution of a contract (enabled by Article 6.1.b GDPR)
    2. Consent of the data subject (enabled by Article 6.1.a GDPR)

 

Furthermore, all data collected is necessary for the provision of the service. However, data marked with an asterisk (*) is mandatory. If the mandatory data is not provided, GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL will not be able to provide the contracted service.

 

XI. RIGHTS OF DATA SUBJECTS

 

What are my rights regarding data protection?

 

In accordance with the provisions of Articles 13 GDPR and 11.2.c) LOPDGDD, you may exercise any of the following rights by writing to us at the postal address CALLE HERMANOS LUMIÈRE, 11, 11 -PARQUE TECNOLÓGICO DE ÁLAVA-,  CP 01510, VITORIA-GASTEIZ or by email to ADMIN@CYBENTIA.COM and CONTACTO@CYBENTIA.COM In any case, according to current regulations, you have the following rights in accordance with the provisions of Articles 15 to 22 of the GDPR and 12 to 18 of the LOPDGDD:  

 

  • Right to request access to personal data relating to the data subject.

 

  • Right to request its rectification or erasure.

 

  • Right to request the restriction of processing.

 

  • Right to object to processing.

 

  • Right to portability.

 

You may request the forms to exercise your rights from the Data Controller via the email address indicated in the data controller’s details. Additionally, you may lodge a complaint with the Spanish Data Protection Agency (AEPD). Further information can be found in Section VII of this document. 

 

XII. RECIPIENTS

 

To whom will your data be communicated?

 

You will always be informed and, where appropriate, your express consent will be requested to transfer your personal data or carry out international transfers in accordance with current regulations (Articles 13.1.e) and 44 of the GDPR, as well as Articles 11.1 and 40 of LOPDGDD 3/2018). 

 

XIII. SOURCE OF YOUR DATA

 

How have we obtained your data?

 

The personal data used by GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL comes from the data subject themselves, in compliance with the provisions of Articles 13 GDPR and 11 LOPDGDD mentioned above, or from group companies or partners, about which you can obtain more information by writing to the email addresses ADMIN@CYBENTIA.COM and CONTACTO@CYBENTIA.COM or at the office of the Data Controller at the postal address indicated in this document.

 

 

What categories of data do we handle?

The categories of personal data processed: 

 

Identification data 

First name 

Surnames

ID card / Foreign National Identification Number / Passport or equivalent document

Postal addresses 

Email addresses

Gender

Date of birth

Place of birth

Contact telephone number (mobile/landline)

 

Business information

 

Financial details 

Bank account number

Credit card number

 

Curriculum vitae

Academic details

Qualifications

Hobbies

Membership of associations or clubs

 

 

Sensitive data will be processed in accordance with the provisions of Articles 9 GDPR and 9 LOPDGDD, informing the data subject in all cases about what data will be used by the controller.

 

XIV. SUPERVISORY AUTHORITY

 

At GRUPO CYBENTIA MOBILITY Y CYBERSECURITY SL, we make every effort to comply with data protection regulations, as this is our most valuable asset. However, we inform you that if you believe that your rights have been infringed, you may lodge a complaint with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6. 28001 – Madrid. More information about the AEPD. http://www.agpd.es/ . Documentation prepared by LegalDPO. https://legaldpo.es/ 



PARTNERSHIPS
Logo de ISMS Forum Spain Logo Clúster de Movilidad Logo del Global Mobility Call Logo de Aslan Logo IFAES Logo IEBS Logo de Vitoria Gasteiz Logo Centro Zaragoza Logo Mondragon Unibertsitatea Logo Universidad Complutense Logo INCIBE Logo SERNAUTO Logo UPV Logo CYBASQUE Logo GAIA Logo M2F Logo women 4 cyber Logo AEDIVE Logo SPRI Logo Diputación ÁLAVA Logo BIC ARABA Logo UC3M
SUPPORTS
Logo de la UE Logo de Unitede Nations Global Marketplace Logo de l Gobierno Vasco Logo del Ayuntamiento de Vitoria Logo de Cyberzaintza Logo Parque tecnológico de Álava Logo de Cámara de Álava Logo de INCIBE Logo Madridmasd Logo de Fundación Parque Científico de Madrid Logo de CyberMadrid
I+D+i RESEARCH
Investigación I+D+i
Financiado con el Kit Digital
Grupo CYBENTIA
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.