E. ERHARDT Y CÍA. S.A. will process data on a confidential basis, with all the legal and security assurances required under the General Data Protection Regulation (EU Regulation 2016/679), hereinafter called the GDPR, Framework Act [Ley Orgánica] 3/2019 of 5 December on the Protection of Personal Data and Assurance of Digital Rights, Act 34/2002 of 11 July on Services for the Information Society and Electronic Commerce and all other applicable current Spanish legislation.
- Owner: E. ERHARDT Y CÍA. S.A.
- Headquarters C/ Ercilla, 19 5ª (48009 BILBAO).
- Tax ID nº A48003628.
To assure proper processing of your data, E. ERHARDT Y CÍA. S.A. has designated a Data Protection Officer (DPO), whom you may contact at the following address: firstname.lastname@example.org.
2. INFORMATION & CONSENT
3. OBLIGATION TO PROVIDE DATA
You are only obliged to provide personal data via the forms or email address of the Website when they are signposted as compulsory, or when they are required to fulfil the purpose of the query made. In such cases, failure to provide data correctly or at all means that the said purposes cannot be met, even though you may still be able to view the contents of the Website freely.
4. PURPOSES FOR WHICH USERS' PERSONAL DATA WILL BE PROCESSED ON THE WEBSITE
Personal data provided via the form or any messages sent to the email address of the Website will be processed for the purposes of managing the query submitted, sending information on products or services about which Users have expressed an interest and/or providing services requested.
5. WEBSITE USER DATA PROCESSED
The type of personal data obtained from Website Users and processed to deal with their queries, send them the commercial information requested and provide the services requested are identity details (full name), contact data (email address) and such other date as may be provided by Users themselves in the open "message" fields.
6. LAWFUL BASIS FOR THE PROCESSING OF USER DATA
Your data will be processed on the basis of the performance of the contract if the queries submitted via the Website imply the application at your request as the data subject of pre-contractual measures.
The lawfulness of the commercial messages concerned with services or products similar to those requested or contracted lies in the lawful interest of the data controller.
7. PARTIES WITH WHOM USER DATA MAY BE SHARED
The personal data provided may be passed on for the purposes indicated above to other member companies of the Erhardt Group, or to firms cooperating in the provision of services for the management of the contractual relationship sought by you, the User.
8. DATA CONSERVATION
Your personal data and information will be held for as long as necessary to fulfil the purposes for which they were obtained, and to cover any claims or liabilities that may arise as a result of the processing of the said data.
In general, once the query has been dealt with or the service has been provided, data will be blocked and will not be processed further, though they will remain available to the public authorities and the courts in regard to potential liabilities resulting from data processing. Once the statutory period of limitation has elapsed, they will be deleted. However, for data processing in which no liabilities arising from same need be taken into consideration, E. ERHARDT Y CÍA. S.A. will delete the data at the end of the time required to ensure proper completion of the purposes for which they were obtained.
9. EXERCISING OF RIGHTS
You, the User, may at any time write to the postal address indicated in the heading of this policy document or to the email address email@example.com, attaching a photocopy of your ID document, to revoke the consent given, to obtain confirmation of whether your personal data are being processed, to access your personal data, to correct wrong or incomplete data, to request the deletion of your personal data when they are no longer needed for the purposes for which they were obtained, to have their processing restricted if the conditions envisaged in data protection regulations are met, to request the portability of the data that you provided and to bring any concerning the protection of your personal data before the competent supervisory authority.
10. SECURITY MEASURES.
User data will at all times be processed with the utmost confidentiality, maintaining the necessary duty of secrecy in regard to same as envisaged in the applicable regulations. To that end, the necessary technical and organisational measures will be taken to assure the security of your data and prevent any alteration, Los, unauthorised access or processing thereof, taking into consideration the state-of-the-art, the nature of the data stored and the risks to which they are exposed.