Identity: Imprenta Gofer S.L.
Dir. Postcard for the purpose of notifications and summons: Polígono Industrial Granda II - Eucaliptos 4, 33199, Granda - Siero, Asturias
Phone: 985 231 630 / 984 186 146
DPD Contact: email@example.com
For what purpose do we process your personal data?
The personal data we process responds to the following purposes:
- Attention to your queries and requests: Response Management to Queries, Claims or Incidents, Requests for technical or corporate information, Resources and/or Activities, carried out by email, telephone, contact form and/or instant messaging.
- Contact with the interested party through the means of communication provided (email, postal address and/or telephone) in order to manage queries arising from the relationship between the parties.
- Offer and Commercial Management of the products and services offered by the Controller. Contact with the interested party to request data that is necessary, in order to manage the design and proposal of products and/or services.
- Internal use, carrying out operations and administrative, economic and accounting management derived from the commercial relationship and/or provision of services.
- Profile Analysis, to the extent that you have unequivocally consented to us “In order to be able to offer you products and services in accordance with your interests, as well as improve your user experience, we will prepare a “profile”, based on the information provided. No automated decisions will be made based on said profile.”
- Consult the advertising exclusion systems that could affect their actions, excluding from the processing the data of those affected who have expressed their opposition or refusal to it through consultation of the advertising exclusion systems published by the control authority. competent.
- Associated management, including its prior communication, that could arise from the development of any structural modification operation of companies or the contribution or transfer of a business or branch of business activity, provided that the treatments were necessary for the good purpose of the operation and guarantee, where appropriate, continuity in the provision of services.
- Dissemination of our best practices regarding the services we have provided and/or the publication and/or communication of graphic material that may incorporate the image of the owner and/or the personnel under his/her charge in corporate and/or media. or other means of public communication to the extent that you have unequivocally consented to it.
- Management of the Contracting and provision of services of the organization, as well as compliance with contractual and regulatory requirements linked to the organization and/or the requested operation.
- Sending commercial communications about products or services similar to those contracted by the client with whom there is a prior contractual relationship, legitimized in accordance with article 21 of the LSSICE.
- Quality control over our products and services, quality management of processes and activities, as well as the evaluation of the satisfaction/perception and performance results of the organization's interest groups.
- Providing evidence to justify campaigns, activities, promotions, contests, projects and subsidies in which the organization participates
- Regulatory Compliance Management (applicable regulations, as well as mandatory internal regulations): Investigation, monitoring and audit of controls established for the prevention of crimes, with access controls to facilities, video surveillance, information and printing systems being able to be established. of documentation for all personal data under the responsibility of the organization and therefore for all the information systems of said entity, as well as the controls that the entity could establish for the investigation of accidents and/or incidents that may occur. , as well as breaches of rules, crimes or illicit behavior.
- Evaluation of Asset Solvency and Credit in order to confirm the economic viability of the requested operation, as well as, where appropriate, the communication and management associated with the claim for the agreed amounts for the provision of the service.
- Statistical and historical purposes that allow us to improve the commercial strategy of our products and services, your data being previously anonymized.
- The management and audit of the management systems and regulatory compliance of the organization's processes and facilities.
- Contact and send personal communications, invitations to events, congratulate you on special dates, carry out quality and satisfaction surveys, as well as to periodically inform you of developments, news and corporate information, and provide you with offers of products and services of interest to you. by telephone, written or electronic means, if you have consented and/or requested.
- To the extent that you have provided us with your resume to join the company, we will process your data for the management of the job selection processes, and if you have consented, for the purposes described in the additional consents.
How long do we keep your data?
- The data provided will be kept as long as the relationship of legality of treatment is maintained, its deletion is not requested by the interested party after formalized written termination of the relationship with the interested party, with the exception of its conservation for the formulation, exercise or the defense of claims by the data controller or with a view to the protection of the rights of another natural or legal person and/or for reasons of legal obligation.
- In any case, at the end of the relationship the data of the interested party will be duly blocked, as provided for in current data protection regulations.
- Accounting and Tax Documentation - For Tax purposes: The accounting books and other mandatory record books according to the applicable tax regulations (IRPF, VAT, IS, etc.), as well as the documentary supports that justify the entries recorded in the books (including computer programs and files and any other documentation that has fiscal significance), must be kept, at least, during the statute of limitations for Tax Crimes - General Tax Law and Penal Code, 10-year statute of limitations for infractions.
- Accounting and Tax Documentation - For Commercial Purposes: Books, correspondence, documentation and justifications concerning your business - Commercial Code – 6 years.
- Solvency Files: Data referring to certain, overdue and demandable and unclaimed debts -LOPD – 5 years
- The data processed for the sending of commercial communications will be kept until you revoke the consent granted.
- Therefore, the data will be kept as long as the commercial relationship remains in force, based on the conservation periods established by the current regulations noted above, as well as the legal or contractual periods provided for the exercise or prescription of any action. of liability for breach of contract by the interested party or the Organization (Civil Code establishes a period of 5 years to be able to carry out an action for civil liability, a period that counts from the date on which compliance with the obligation can be required).
What is the legitimacy for the processing of your data?
The processing of your data is legitimized in:
- Compliance with the request you make to us. The data requested is necessary for the correct provision of the same.
- The legal basis for the processing of your data is the fulfillment of the request you make to us. The data requested is necessary for the correct provision of the same.
- The execution of a contract, request, offer, order and/or commercial contract, for which the data provided may be communicated to third parties who provide us, where appropriate, specific products and/or services that were necessary for the management of the contracted provision of services, in order to adequately address, where appropriate, the guarantees and responsibilities of the products and services supplied.
- Comply with a legal obligation: Administrative, commercial, tax, fiscal, accounting, civil and financial regulations, and consumer and user defense legislation, as well as the regulations inherent to the contracted operation and those associated with the sector. li>
- Satisfy a legitimate interest of the Controller: Processing of data as part of a commercial relationship and/or contract, which are necessary for its maintenance or compliance, fraud prevention, cases of legitimate interest in which the controller could be a harmed party. and the processing and communication of the non-compliant data to third parties is necessary in order to manage regulatory compliance and the defense of the interests of the data controller as well as the legitimate interest of direct marketing enabled by the LSSICE (sending of commercial electronic communications on products or services similar to those contracted by the client with whom there is a prior contractual relationship), as well as cases of legitimate interest in specific treatments contemplated in the LOPDGDD.
- The consent of the interested party that has been provided to us unequivocally through formal means and/or by checking the boxes enabled for this purpose in the data protection clauses enabled in the base document that has regulated the commercial relationship based on the contact channel.
To which recipients can your data be communicated?
- Organizations or people directly hired or with whom there is a collaboration agreement with the Data Controller for the provision of services linked to the purposes of treatment (by way of example and not limitation): Legal, Tax and Accounting Advice, Entities Collection Management and Credit Insurance, Management Auditors, Accounting and/or Regulatory Compliance, Computer Maintenance, Suppliers, Courier/Transport Companies, Video Surveillance/Alarm Companies, other professionals/companies necessary for the execution of certain services.
- Organizations or bodies of the Public Administration with powers in the matters subject to the purposes of the treatment, to meet their obligations in cases where this is required in accordance with the legislation in force at any time, as well as for the management of the provision of services.
- Third parties that have been expressly authorized by the data owner.
- Financial Entities: Transfer and/or management of payment instruments.
- State Security Forces and Bodies and the Judicial bodies, to the extent required.
- Collaborators or promoters of events, projects and subsidies in which the organization participates, for the technical or economic justification thereof.
- Communication media for the promotion/publication of the organization's activities (public and/or private, such as websites, social networks, newspapers, etc.).
Under what guarantees are your data communicated?
The communication of data to third parties is carried out to entities that certify the provision of a Personal Data Protection System in accordance with current legislation.
- You guarantee that you are over eighteen (18) years of age and that the data you provide to the Data Controller are true, accurate, complete and updated. For these purposes, the user is responsible for the veracity of all the data communicated and will keep the information provided appropriately updated, in such a way that it responds to their real situation.
- Guarantees that you have informed the third parties of whom you provide your data, if you do so, of the aspects contained in this document. Likewise, you guarantee that you have obtained your authorization to provide your data to the Data Controller for the stated purposes.
- You will be responsible for any false or inaccurate information provided through the Website and for any damages, direct or indirect, that this causes to the Data Controller or third parties.
What are your rights?
You have the right to obtain confirmation as to whether we are processing personal data that concerns you, or not.
Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which were collected.
In certain circumstances, interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims.
In certain circumstances and for reasons related to their particular situation, interested parties may oppose the processing of their data, in which case the Data Controller will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
By virtue of the right to portability, interested parties have the right to obtain the personal data that concerns them in a structured, commonly used and machine-readable format and to transmit it to another controller.
In the event that you have given consent for a specific purpose, you have the right to withdraw consent at any time, without affecting the legality of the processing based on consent prior to its withdrawal.
Where to go to exercise your rights?
If you wish to exercise your rights, please go to the channel established for the exercise of rights by the data controller (oficina@imprentagofer .com) so that we can respond to your request in a managed manner.
What information is required to exercise your rights? To exercise your rights, we need to prove your identity and the specific request you make to us, as we request the following information:
- Documented information (written/email) of the request in which the request is specified.
- Proof of identity as the owner of the data subject to exercise (Name, surname of the interested party and photocopy of the DNI of the interested party and/or of the person representing him, as well as the document accrediting such representation.
- Address for notification purposes, date and signature of the applicant (in the case of writing), or full name and surname (in the case of email), or validation of the request in the private area of the communication channel with a personal password authentication of your identity.
- When the data controller has reasonable doubts regarding the identity of the natural person making the request, they may request that the additional information necessary to confirm the identity of the interested party be provided.
What is the General Procedure for Exercising your rights? Once we have received the required information, we will proceed to respond to your request in accordance with the general procedure for exercising rights. of the Data Controller:
- The data controller shall provide the data subject with information relating to its actions on the basis of a request in accordance with articles 15 to 22 (Rights of the data subject), and in any case within a period of one month from receipt of the application.
- This period may be extended for another two months if necessary, taking into account the complexity and number of applications.
- The person responsible will inform the interested party of any such extensions within a period of one month from receipt of the request, indicating the reasons for the delay.
- Where the interested party submits the request by electronic means, the information will be provided by electronic means where possible, unless the interested party requests that it be provided otherwise.
- If the data controller does not process the interested party's request, it will inform you without delay, and no later than one month after receipt of the request, of the reasons for not acting and the possibility of filing a claim. before a supervisory authority and to take legal action.
- The information provided will be free of charge, except for a reasonable fee for administrative costs.
- The data controller may refuse to act on the request, although he or she will bear the burden of demonstrating the manifestly unfounded or excessive nature of the request.
What claim methods exist?
If you consider that your rights have not been duly taken care of, you have the right to file a claim with the competent data protection authority (www.agpd.es).
How did we obtain your data?
Your data has been obtained through one of the following means:
- Through the interested party himself or his legal representative.
- Through third parties with which the data controller maintains a commercial relationship or provision of services.
- Through public organizations related to the purpose of the contracted service provision.
- Through third parties at the request of the contracting party.
What category of data do we process?
Identification and contact data (name, surname, telephone or email, etc.); commercial information data; economic, financial and/or payment conditions data; other types of data: name, surname and NIF of legal representative, contact information of people in the organization involved or related to the service that is the subject of the contract/request.
The data structure that we process may contain specially protected data, the processing of which is necessary for the correct execution of the products/services contracted by the interested party, and which will be processed by the organization as data processor. Generally, such data is dissociated and/or anonymized.
How is your personal data stored securely?
Imprenta Gofer follows strict criteria for selecting service providers in order to comply with your obligations regarding data protection and undertakes to sign with them the corresponding data processing contract through which it will impose, among others, the following obligations: apply appropriate technical and organizational measures; process personal data for the agreed purposes and following only the documented instructions of Imprenta Gofer and delete or return the data to the user once the provision of the services is completed. These agreements do not affect your rights under data protection law. For more information about these agreements, please do not hesitate to contact us.
Confidentiality and information of third parties who provide us with personal data
With the acceptance and/or validation of the process that serves as the basis for the formalization of your relationship with Imprenta Gofer, you expressly consent to the processing of data in accordance with the provisions of the clause and additional information on data protection, and undertake to inform and have the consent of third parties who provide us with personal data for said processing.
Likewise, the user undertakes to inform in the name and on behalf of Imprenta Gofer in an express, precise and unequivocal manner the owners of the data of whom information is transferred to Imprenta Gofer - within the month following the moment of communication of the data to Imprenta Gofer-, of the data processing carried out.