Privacy Policy

Following the principles of legality, loyalty and transparency, we put at your disposal this Privacy Policy based on Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 and Organic Law 3/2018, of December 5, Protection of Personal Data and development standard.

Who is responsible for the processing of your data?

Multidisciplinary group in the field of Environmental Technologies, hereinafter CRETUS.

SOCIAL NAME: Multidisciplinary group in the field of Environmental Technologies, hereinafter, CERTUS.

CIF: Q1518001A

SOCIAL ADDRESS: Colexio San Xerome. Obradoiro Square s / n 15782

CONTACT: Juan Manuel Lema Rodicio

Telephone: + 34-881-816773

Email: juan.lema@usc.es

For what purpose do we treat your personal data?

In CRETUS, depending on the category of interested party, we treat the information you provide us with the following purposes:

– Potential clients: Manage the potential commercial and / or professional relationship, manage the sending of requested information and / or resolve the queries raised in the different forms or contact details. The category of data that, mainly, we are going to deal with: contact details and query data

Clients: Manage the commercial and / or professional relationship that unites us. Process orders, requests or any type of request that is made by the user through any of the contact forms that are made available. The category of data that, mainly, we are going to deal with are: identifying, contact and economic data.
Suppliers: Manage the commercial and / or professional relationship. The category of data that, mainly, we are going to deal with are: identifying, professional, contact and economic data.
Candidates: Manage the personnel selection process. The category of data that, mainly, we are going to deal with are: Identification, employment details, academic data, skills, personality and any other that includes the candidate.
Sending commercial communications (email, fax, SMS, MMS, social communities or any other electronic or physical means, present or future): Give information of interest about our activities, our services, relevant news and news regarding research and development What we do The sending of commercial communications will be made to those who have a prior contractual relationship, unless otherwise opposed, and, if there is no prior relationship, when they expressly consent.
Training / Events: Data related to training courses and / or events for the qualification of personnel for a better performance of their activity. The data that we request is adequate, relevant and strictly necessary and in no case is required to provide them, but its non-communication may affect the purpose of the service or the impossibility of providing it.

 

What is the legitimacy for the processing of your data?

The legal basis for the processing of your personal data, depending on the category of interested party, may be:

INTERESTED

LEGAL BASE

POTENTIAL CUSTOMERS

Art. 6.1.a GDPR: Consent of the interested party. Art. 6.1.b GDPR: application, at the request of the interested party, of pre-contractual measures (budgets, custom sheets, service offers …).
Art. 6.1.f GDPR: Legitimate interest (send requested information, answer the questions asked …).

CUSTOMERS / TRAINING / EVENTS

Art. 6.1.b GDPR: execution of a contract in which the interested party is a party.
Art. 6.1.f GDPR: Legitimate interest (send requested information, answer the questions asked …).

SUPPLIERS

Art. 6.1.b GDPR: execution of a contract in which the interested party is a party.
Art. 6.1.f GDPR: Legitimate interest (send requested information, answer the questions asked …).

CANDIDATES

Art. 6.1.a GDPR: Consent of the interested party.

COMMERCIAL COMMUNICATIONS

Commercial communications by electronic means: Regulations on information society services:

– Contractual relationship: It will be possible to send commercial communications related to the product initially contracted.
– Non Clients (Potential): It can be made effective when expressly requested or expressly accepted. In any case you can object to the sending in any communication.
Commercial communications by non-electronic means: Following the criteria set forth above, Art. 6.1.f GDPR: Legitimate interest will apply.

How long will we keep your personal data?

Your data will be kept for the minimum time necessary for the correct provision of the service offered as well as to meet the responsibilities that may arise from it and any other legal requirement in case of potential clients, customers, collaborators and suppliers. Contractual regulations, General Tax regulations and consumers and users, among others, will be taken into account.

Candidate data will be kept for a maximum period of one year, unless otherwise opposed.

Commercial communications will be sent until the client objects to sending them through the mechanisms established in each email.

To which recipients will your data be communicated?

CRETUS will not communicate your data to any third party, unless expressly informed.

Additionally, we inform you that certain data, in accordance with current regulations or the contractual relationship that CRETUS maintains, may be communicated to:

Banks and financial institutions for the collection of contracted services and / or products purchased.
Public administrations with competence in CRETUS activity sectors, when established by current regulations.
To carry out administrative procedures, your data may be communicated to the Universities. You will be informed about it.
On the other hand, those responsible for the treatment of the Company may have access to personal data, that is, the service providers that have to access their personal data for the development of their functions.

What are your rights when you provide us with your data?

The data protection rights of which the interested parties are holders are:

Right to request access to personal data related to the interested party
Right of rectification or deletion
Right of opposition
Right to request the limitation of your treatment
Right to data portability
The holders of the personal data obtained, may exercise their rights of protection of personal data by sending a written communication to the registered office of CRETUS or to the email enabled for this purpose, email: juan.lema@usc.es, including in both cases photocopy of your ID or other equivalent identification document.
Models, forms and more information available on your rights on the website of the national control authority, Spanish Agency for Data Protection, hereinafter, AEPD, www.aepd.es.

Can I withdraw consent?

You have the possibility and the right to withdraw consent for any specific purpose granted at the time, without affecting the legality of the treatment based on the consent prior to its withdrawal.

Where can I claim if I consider that my data is not treated correctly?

If an interested party considers that their data is not treated correctly by CRETUS, they can direct their claims to the email or to the corresponding data protection authority, the AEPD being the one indicated in the national territory, www.aepd.es.

Security and update of your personal data

In order to safeguard the security of your personal data, we inform you that CRETUS has adopted all the necessary technical and organizational measures to guarantee the security of the personal data provided. All this to avoid its alteration, loss, and / or unauthorized treatments or access, as required by the regulations, although absolute security does not exist. It is important that, so that we can keep your personal data updated, inform us whenever there is a modification of them.

Confidentiality

CRETUS informs you that your data will be treated with the utmost zeal and confidentiality by all personnel involved in any of the phases of the treatment.