Privacy Policy

Second Layer of the Information Principle

In accordance with the provisions of current legislation on data protection, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, RGPD), as well as Organic Law 3/2018, of 5 December, on Data Protection and Guarantee of Digital Rights (hereinafter, LOPD-GDD), the user is informed in accordance with the provisions of articles 13 of the RGPD and 11 of the LOPD-GDD:

1. RESPONSIBLE

Who is responsible for processing your data?

• Company name: EUROCYBCAR SL
• CIF: B01573013
• Address : ALBERT EINSTEIN STREET 15, BIC ARABA BUILDING, ÁLAVA TECHNOLOGY PARK 01500, MIÑANO (VITORIA-GASTEIZ, ÁLAVA)
• Email: ADMIN@EUROCYCAR.COM
• Website: WWW.EUROCYBCAR.COM
• Registration data in the Commercial Registry of Álava: VOLUME: 1668, FOLIO: 138, SHEET: VI-19260, REGISTRATION: 1st, JOURNAL: 54, ENTRY: 3268
•  

1. PURPOSE

For what purpose will we process your personal data?

EUROCYBCAR SL processes your information for:

1. Maintenance of the commercial relationship and provision of the contracted service.

2. Preparation of a budget tailored to your needs.

3. Manage email communications with interested parties.

4. Carry out the company’s selection processes.

5. Management of employees and human resources of the company.

6. Sending commercial information related to our sector

How long will we have your data?

The personal data that you provide us will be kept as long as the current business relationship is maintained. However, in order to have maximum transparency with you, we inform you that the general calculations with which we work are:

• Generic identification data (email, name, surname, telephone number, etc.): for the duration of the business relationship or until consent is revoked. In any case, they will be deleted when they are not going to be used for the purpose for which they were collected.

• Law on Violations and Sanctions in the Social Order (obligations regarding membership, registration, deregistration, contributions, payment of salaries…); Arts. 66 et seq. General Tax Law (accounting books…): four (4) years.

• Personal actions without special term (article 1964 Civil Code): five (5) years

• Accounting, tax and labor (article 30 of the Commercial Code – accounting books, invoices…): six (6) years.

• Labor: contracts, work schedule records, salary and contribution receipts, identification documents, four (4) years; in the case of reports on prevention of occupational risks, records of illnesses or accidents, contracts with prevention services, five (5) years.

• Data subject to the Law on the Prevention of Money Laundering and Financing of Terrorism (Article 25): ten (10) years.

• Selection processes: two (2) years from the delivery of the curriculum vitae.

• Likewise, given the sending of commercial information, even if the relationship between the parties is terminated, the controller will continue to retain your information for the purpose of sending newsletters related to our products and services ^[1]. You may always exercise the rights granted to you by current regulations by contacting us through the most convenient means for you.

• Disaggregated and anonymized data: no deadline

Despite the existence of these general deadlines, we inform you that we will periodically review our systems to proceed to eliminate any data that is not legally necessary.

1. LEGITIMATION

What is the legitimacy for the processing of your data?

Depending on the purposes for which our data is collected, the processing of your data is necessary:

1. Manage the commercial relationship that you have entered into and contracted with us.
   1. Execution of a contract (enabled by Article 6.1.b GDPR)
   2. Consent of the interested party (inhabited by article 6.1.a RGPD)

2. Preparation of a budget tailored to your needs.
   1. Execution of a contract and/or pre-contractual relationship (enabled by article 6.1.b GDPR)

3. Manage email communications with interested parties.
   1. Consent of the interested party (inhabited by article 6.1.a RGPD)
   2. Legitimate interest (enabled by Article 6.1.f GDPR)

4. Carry out the company’s selection processes.
   1. Consent of the interested party (inhabited by article 6.1.a RGPD)

5. Management of employees and internal human resources of the company
   1. Contractual execution (enabled by article 6.1.b GDPR)

6. Sending commercial communications
   1. Consent of the interested party (enabled by article 6.1. GDPR)
   2. Consent of the interested party (enabled by article 20 LSSICE)
   3. Legitimate interest (enabled by article 6.1.f GDPR and 21.2 LSSICE)

Furthermore, all data collected are necessary for the provision of the service. However, data marked with an asterisk (*) are mandatory. If the mandatory data are not provided , the controller will not be able to provide the contracted service.

Finally, we inform you that only persons over 14 years of age may provide personal data on this website. Pursuant to the LOPD and GDD, in the case of minors under 14 years of age, the consent of their parents or guardians is mandatory for us to process their personal data.

Furthermore, only persons over 18 years of age may contract our services. In the case of minors under 18 years of age, the consent of their parents or legal guardians will be mandatory for us to be able to provide the services offered, unless the minor is emancipated.

1. RIGHTS OF INTERESTED PERSONS

What rights do I have regarding data protection?

In accordance with the provisions of articles 13 RGPD and 11.2.c) LOPDGDD, you can exercise any of the following rights by notifying us at the postal address CALLE ALBERT EINSTEIN 15 EDIFICIO BIC ARABA, PARQUE TECNOLÓGICO DE ÁLAVA 01500, MIÑANO (VITORIA-GASTEIZ, ÁLAVA) or by email to ADMIN@EUROCYCAR.COM In any case, according to current regulations, you have the following rights recognized in accordance with the contents of articles 15 to 22 RGPD and 12 to 18 LOPDGDD:

• Right to request access to personal data relating to the interested party.

• Right to request rectification or deletion.

• Right to request limitation of processing.

• Right to object to processing.

• Right to portability.

You may request the forms to exercise your rights from the Controller, through the email address indicated in the controller’s details. Additionally, you may file a claim with the Spanish Data Protection Agency (AEPD). More information in Section VII of this document.

• RECIPIENTS

To which recipients will your data be communicated?

You will always be informed and, where appropriate, your express consent will be requested to transfer your personal data or make international transfers in accordance with current regulations (arts. 13.1.e) and 44 RGPD, as well as art. 11.1 and 40 LOPDGDD 3/2018). Therefore, we inform you that the third parties with whom the Controller works have their servers located within the EU, EEA or Switzerland, with appropriate security measures to guarantee adequate and confidential data processing.

Apart from the cases mentioned above and except by legal obligation, your data will not be transferred or communicated to any third party, except in the cases provided for by law or when it is strictly necessary for the provision of a service. In general terms, the data may be transferred to:

• Technology service providers.
• Payment service providers.
• Courier and parcel companies.
• Third parties or intermediaries, as service providers, who operate on our own behalf (consultants, consultants, self-employed collaborators, etc.).    
• Third parties in charge of processing, collaborators or with a close commercial relationship with the controller for the exclusive purpose of providing our services.

Data transfers will be carried out in compliance with the strictest confidentiality, using the necessary measures, such as the signing of confidentiality agreements, or adherence to their privacy policies established on their respective websites. The User may refuse the transfer of their data to the Data Processors, by means of a written request, using any of the aforementioned means. The controller will not transfer or communicate your data to any third party, except in cases provided for by law or when the provision of a service implies the need for a contractual relationship with a Data Processor. Thus, the User accepts that some of the personal data collected may be provided to these Data Processors (payment platforms, agencies, intermediaries, etc.), when necessary for the effective performance of a contracted service or purchased product. The User also accepts that, in the event of the provision of services, these may be, in whole or in part, subcontracted to other persons or companies, who will be considered Data Processors, with whom the corresponding confidentiality agreement has been agreed, or adhered to their privacy policies, established on their respective websites. The User may refuse the transfer of their data to the Data Processors, by written request, by any of the means previously referenced.              

• ORIGIN OF YOUR DATA

How did we obtain your data?

The personal data used by EUROCYBCAR SL come from the interested party, thus complying with the provisions of articles 13 RGPD and 11 LOPDGDD already mentioned, or from group or collaborating companies, about which you can obtain more information by writing to the email address ADMIN@EUROCYCAR.COM or at the office of the Controller at the postal address indicated in this document.

What categories of data do we handle?

The categories of personal data that are processed:

Identification data

Name

Surnames

DNI / NIE / Passport or equivalent document

Postal addresses

Email addresses

Sex

Birthdate

place of birth

Contact phone number (mobile/landline)

Commercial information: own and third parties

Economic data

Bank account number

Credit Card Number

Curriculum vitae

Academic data

Qualifications

Hobbies

Membership of associations or clubs

The processing of sensitive data will be carried out in accordance with the provisions of articles 9 GDPR and 9 LOPDGDD, informing the interested party in all cases about which data will be used by the controller.

• ADDITIONAL INFORMATION

• Security measures: Users of the website of the controller are informed that the security measures, both technical and organisational, within our reach have been adopted to prevent the loss, misuse, alteration, unauthorised access and theft of data, and to guarantee the confidentiality, integrity and quality of the information contained therein, in accordance with the provisions of current regulations on data protection. The personal data collected in the forms are processed solely by the staff of the controller or by the designated Data Processors. The Website also has SSL encryption that allows the User to securely send their personal data through the contact or registration forms on the website.

• Confidentiality: The information provided by the User will, in all cases, be considered confidential and may not be used for purposes other than those described herein. The controller undertakes not to disclose or reveal information about the User’s claims, the reasons for the advice requested or the duration of its relationship with the User.

• Accuracy of data: The User declares that all data provided by him/her are true and correct and undertakes to keep them updated. The User will be responsible for the accuracy of his/her data and will be the sole party responsible for any conflicts or disputes that may arise from the falsity of the data. It is important that, in order for us to keep personal data updated, the User informs the controller whenever there has been any change in the data.

• Documentation prepared by LegalDPO ( https://legaldpo.es/ ), based on the information provided by the Data Controller. The content complies with the regulations in force in February 2023, and may vary in accordance with legislative changes or jurisprudential criteria, with the owner being obliged to verify the validity of the regulations at all times.

• CONTROL AUTHORITY

We make every effort to comply with data protection regulations, as this is our most valuable asset. However, we inform you that if you believe that your rights have been violated, you may file a claim with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6. 28001 – Madrid. More information about the AEPD. http://www.agpd.es/ . Documentation prepared by LegalDPO. https://legaldpo.es/

1. PURPOSE

For what purpose will we process your personal data?

EUROCYBCAR SL processes your information for:

7. Maintenance of the commercial relationship and provision of the contracted service.

8. Preparation of a budget tailored to your needs.

9. Manage email communications with interested parties.

10. Carry out the company’s selection processes.

11. Management of employees and human resources of the company.

12. Sending commercial information related to our sector:ADVERTISING SERVICES

13. Manage training activities

How long will we have your data?

The personal data that you provide us will be kept as long as the current business relationship is maintained. However, in order to have maximum transparency with you, we inform you that the general calculations with which we work are:

• Generic identification data (email, name, surname, telephone number, etc.): for the duration of the business relationship or until consent is revoked. In any case, they will be deleted when they are not going to be used for the purpose for which they were collected.

• Accounting, tax and labor: six (6) years.

• Labor: ten (10) years.

• Selection processes: two (2) years from the delivery of the curriculum vitae.

• Likewise, given the sending of commercial information, even if the relationship between the parties is terminated, EUROCYBCAR SL will continue to retain your information for the purpose of sending newsletters related to our products and services ^[2]. You may always exercise the rights granted to you by current regulations by contacting us through the most convenient means for you.

Despite the existence of these general deadlines, we inform you that we will periodically review our systems to proceed to eliminate any data that is not legally necessary.

• LEGITIMATION

What is the legitimacy for the processing of your data?

Depending on the purposes for which our data is collected, the processing of your data is necessary:

7. Manage the commercial relationship that you have entered into and contracted with us.
   1. Execution of a contract (enabled by Article 6.1.b GDPR)
   2. Consent of the interested party (inhabited by article 6.1.a RGPD)

8. Preparation of a budget tailored to your needs.
   1. Execution of a contract and/or pre-contractual relationship (enabled by article 6.1.b GDPR)

9. Manage email communications with interested parties.
   1. Consent of the interested party (inhabited by article 6.1.a RGPD)
   2. Legitimate interest (enabled by Article 6.1.f GDPR)

10. Carry out the company’s selection processes.
    1. Consent of the interested party (inhabited by article 6.1.a RGPD)

11. Management of employees and internal human resources of the company
    1. Contractual execution (enabled by article 6.1.b GDPR)

12. Sending commercial communications
    1. Consent of the interested party (enabled by article 6.1. GDPR)
    2. Consent of the interested party (enabled by article 20 LSSICE)
    3. Legitimate interest (enabled by Article 6.1.f GDPR)

13. Manage training activities
    1. Execution of a contract (enabled by Article 6.1.b GDPR)
    2. Consent of the interested party (inhabited by article 6.1.a RGPD)

Furthermore, all data collected are necessary for the provision of the service. However, data marked with an asterisk (*) are mandatory. In the event that the mandatory data is not provided, EUROCYBCAR SL   will not be able to provide you with the contracted service.

• RIGHTS OF INTERESTED PERSONS

What rights do I have regarding data protection?

In accordance with the provisions of articles 13 RGPD and 11.2.c) LOPDGDD, you can exercise any of the following rights by notifying us at the postal address CALLE ALBERT EINSTEIN 15 EDIFICIO BIC ARABA, PARQUE TECNOLÓGICO DE ÁLAVA 01500, MIÑANO (VITORIA-GASTEIZ, ÁLAVA) or at the email address ADMIN@EUROCYCAR.COM In any case, according to current regulations, you have the following rights recognized in accordance with the contents of articles 15 to 22 RGPD and 12 to 18 LOPDGDD:

• Right to request access to personal data relating to the interested party.

• Right to request rectification or deletion.

• Right to request limitation of processing.

• Right to object to processing.

• Right to portability.

You may request the forms to exercise your rights from the Controller, through the email address indicated in the controller’s details. Additionally, you may file a claim with the Spanish Data Protection Agency (AEPD). More information in Section VII of this document.

• RECIPIENTS

To which recipients will your data be communicated?

You will always be informed and, where appropriate, your express consent will be requested to transfer your personal data or carry out international transfers in accordance with current regulations (arts. 13.1.e) and 44 GDPR, as well as art. 11.1 and 40 LOPDGDD 3/2018).

• ORIGIN OF YOUR DATA

How did we obtain your data?

The personal data used by EUROCYBCAR SL come from the interested party, thus complying with the provisions of articles 13 RGPD and 11 LOPDGDD already mentioned, or from group or collaborating companies, about which you can obtain more information by writing to the email address ADMIN@EUROCYCAR.COM or at the office of the Controller at the postal address indicated in this document.

What categories of data do we handle?

The categories of personal data that are processed:

Identification data

Name

Surnames

DNI / NIE / Passport or equivalent document

Postal addresses

Email addresses

Sex

Birthdate

place of birth

Contact phone number (mobile/landline)

Commercial information

Economic data

Bank account number

Credit Card Number

Curriculum vitae

Academic data

Qualifications

Hobbies

Membership of associations or clubs

The processing of sensitive data will be carried out in accordance with the provisions of articles 9 GDPR and 9 LOPDGDD, informing the interested party in all cases about which data will be used by the controller.

• CONTROL AUTHORITY

EUROCYBCAR SL makes every effort to comply with data protection regulations, as this is our most valuable asset. However, we inform you that if you believe that your rights have been violated, you may file a claim with the Spanish Data Protection Agency (AEPD), located at C/ Jorge Juan, 6. 28001 – Madrid. More information about the AEPD. http://www.agpd.es/ . Documentation prepared by LegalDPO. https://legaldpo.es/

---

[1]If you do not send commercial communications, you can omit this part.

[2]If you do not send commercial communications, you can omit this part.