PRIVACY POLICY.
Privacy is important to ITACA. This policy contains the practices related to the processing of personal data on ITACA's websites, such as the type of data collected, tracking, use and disclosure of such data.
At ITACA we understand that the privacy and security of personal data is of vital importance. This policy therefore sets out what we do with the information and what we do to keep it secure. It also explains where and how we collect information, as well as the data protection rights of the data subject.
This policy applies to those who access and use our website services and those who interact with ITACA on social media (our "Services").
This policy defines our commitment to protecting personal information. We recommend that you read our privacy policy before continuing to browse.
This privacy policy was last updated on 20 de febrero de 2023
1. Identification of the controller's business name
In accordance with the provisions of REGULATION (EU) 2016/ 679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter GDPR) we inform that personal data obtained from the data subject, as well as data generated in the context of the activity of our website will be processed by:
Company name: |
INNOVACIONES TECNICAS APLICADAS A CERAMICAS AVANZADAS SAU (ITACA) |
N.I.F/C.I.F.: |
A12505293 |
Address: |
Partida Rambleta s/n from Pobla Tornesa 12191 (Castellón). |
Residence: |
Spain |
E-mail: |
esp-info@esmalglass-itaca.com |
Telephone numbers: |
964 657 800 |
Object: |
Chemical Industry |
Who is ITACA's Data Protection Officer and how can you contact him/her?
The Data Protection Officer is the person in charge of protecting the fundamental right to the protection of personal data at ITACA and is responsible for compliance with data protection regulations. You can contact the Data Protection Officer at the following address:
DPO contact: dpo@altadiagroup.com
2. General privacy principles.
ITACA collects and processes personal information by adopting the following principles:
Data are processed in a fair, lawful and transparent manner.
Data are collected for specified, explicit and legitimate purposes and are not processed in a way incompatible with those purposes.
The data are adequate, relevant and limited to what is necessary in relation to the purposes for which the processing is carried out.
The data is accurate and up to date. Inaccurate data will be updated or deleted.
Data is retained in an identifiable format for no longer than necessary.
Data are processed securely through appropriate and effective technical and organisational measures against unauthorised or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or organisational measures ("integrity and confidentiality").
We are committed to the principles of data protection by design and data protection by default.
3. How we collect your personal data and how it is used.
Directly from the owner: We may collect personal data when you make an enquiry through contact forms, or when you are assigned a login account, among others.
From cookies: We may collect information from "cookies" that we may store on a user's device. Cookies are small data files stored on your hard drive or in the memory of your device. For more information on the use and purpose of cookies, please see our cookie policy.
Logs: In the context of our website activity we may record certain information and store it in log files when you interact with our Services. This information may include internet protocol (IP) or other device addresses or identification numbers, as well as browser type, internet service provider, etc.
4. Assumptions where our website asks for your personal data
When enquiries are made via the contact form or via our e-mail.
When requesting any of the services and/or products we offer.
5. Purposes for which we process your personal data.
At ITACA we process the data necessary to manage and optimise our services and commercial relations with our users and clients. In addition, we also use this information to send advertising of interest to users, related to our products and services.
Personal data is collected and processed for the following purposes:
Stakeholder category |
Purpose |
Cookies |
|
Web Query User |
|
Legal basis for processing and compulsory or optional nature of processing
The legal bases are linked to the purposes of the previous point according to the letters assigned in the table.
Stakeholder category |
Legitimation for data processing |
Cookies |
|
Web Query User |
|
Data provided voluntarily by the data subject
Stakeholder category |
Data provided by the data subject |
Cookies |
|
Web Query User |
|
Retention of personal data.
ITACA only stores your personal data to the extent that we need it in order to be able to use it for the purposes of point 5, and according to the legal basis for processing it and in accordance with applicable law. Your personal information will be kept for as long as a contractual and/or commercial relationship exists or as long as you do not exercise your right to erasure, cancellation and/or limitation of the processing of your data.
Once the relationship with you has been terminated for any of the aforementioned reasons, the information will be kept duly blocked, without being used for any purpose, as long as it may be necessary for the exercise or defence of claims, or as long as any type of judicial, legal or contractual liability may arise from its processing, which must be attended to and for which its recovery is necessary.
Data that are processed for direct marketing purposes will be retained indefinitely until the data subject requests their deletion.
Specifically:
Stakeholder category |
Conservation period |
Cookies |
|
Web Query User |
|
Recipients or third parties to whom we may disclose personal data.
9.1 Personal Data may be shared for the purposes set out in paragraph 5 in the following cases:
In general for all categories of data subjects personal data may be shared:
For compliance with our legal obligations: when disclosure is necessary to comply with our obligations under laws, regulations, legal process or governmental requests affecting us.
For the formulation, exercise or defence of claims or when the courts are acting in their judicial role: In certain circumstances, disclosure of personal data may be mandatory because it is subject to a subpoena, warrant or summons.
In the event of a sale, merger, acquisition or similar transaction: In the event of a merger, acquisition, sale of all or substantially all of our assets or other similar sale transaction, personal data may be transferred as part of that transaction. In such an event, the data subject will be notified of such a transfer.
For the provision of services by suppliers acting on our behalf Occasionally, we enter into contracts with carefully selected third parties so that they can assist us in providing the services on the Site such as:
Servicios de alojamiento Hosting with the purpose of providing hosting and e-mail services.
IT consultancy and web design services: to provide technical support on the code created for the web.
Aggregated or Non-Identifiable Data: We may share aggregated or other non-personally identifiable information that does not identify the data subject in order to improve the experience of our Services.
9.2 Personal Data may be shared outside the EU for the purposes set out in paragraph 5 in the following cases:
Data recipients |
Stakeholder category |
Commission adequacy decision o Adequate safeguards |
Technology Services Platform (Service Provider contracted by the Organisation) |
|
The Data Controller contracts its virtual infrastructure which provides for the management of email, calendar, documents, office applications, file hosting, etc. on a "cloud computing" model through G Suite services belonging to the Google LLC Organisation and under the Commission's Standard Contractual Clauses of art 46 of the GDPR - Information available at: |
10. Security measures adopted in relation to the processing of personal data
ITACA implements and applies appropriate technical and organisational security mechanisms and measures to ensure a level of security of the processing that is appropriate to the risk.
To this end, ITACA has, on the basis of an objective assessment, identified, analysed and evaluated risks of varying likelihood and severity to the rights and freedoms of natural persons and, consequently, has implemented appropriate and effective security mechanisms, safeguards and measures to eliminate or mitigate the identified risks. In particular, appropriate and effective technical and organisational measures are taken to mitigate the risks of accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorised communication or access to such data.
Likewise, ITACA guarantees compliance with the duty of professional secrecy and confidentiality for all its employees, contractors and third party users of personal data.
11. Rights of the Stakeholder.
The user may send communications and exercise his or her data protection rights in accordance with the formalities imposed by data protection regulations.
In all our operations relating to your privacy, we strive to comply with current legislation, which contains a number of rights for the data subject, as listed below:
Your rights |
What does it mean? |
Right to information |
You have the right to be presented with clear, concise, transparent and easy to understand information about how we use your personal data and your rights. We provide you with this information in this Policy in point 5 below. |
Right of access |
You have the right to access the personal data we hold about you (subject to certain limits). Manifestly unfounded, excessive or repetitive requests may not be granted. To exercise this right, please contact us by any of the means indicated below. |
Right of rectification |
You have the right to have your personal data rectified if they are inaccurate or no longer valid or to have them completed if they are incomplete. To exercise this right, please contact us by any of the means indicated below. If you have an account, it may be easier for you to correct them yourself by modifying your profile. |
Right to erasure/right to be forgotten |
In certain cases, you may have the right to have your personal data erased or deleted. It should be noted that this is not an absolute right, as we may have legal or legitimate grounds for retaining it. If you would like us to delete your personal data, please contact us by any of the means indicated below. |
Right to withdraw consent at any time where data processing is based on consent |
In the event that consent has been granted for any of the purposes informed and determined in the processing referred to, we inform you that you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal. For information on which processing operations are based on consent, please refer to point 5 of this policy. If you wish to withdraw your consent, please contact us by any of the means indicated below. |
Right to object to processing based on the satisfaction of legitimate interests |
You can object to our processing of your data at any time if the processing is based on the satisfaction of legitimate interests. For information on which processing operations are based on consent, we refer you to point 5 of this policy. If you wish to exercise this right, please contact us by any of the means indicated below. |
Right to lodge a complaint with a supervisory authority |
We also inform you that if you are not satisfied with the exercise of your rights or the way to exercise them, you may file a complaint with the Supervisory Authority. If you would like more information about this right and how to exercise it, please contact the AGPD: http://www.agpd.es/ Tel. 901 100 099 and 91.266.35.17. C/ Jorge Juan,6 28001-Madrid. Please do not hesitate to contact us by any of the means indicated below before lodging a complaint with the competent data protection authority. |
Right to data portability |
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable form, so that it can be transferred to another controller, where the processing is based on the performance of a contract or on your consent and the processing is carried out by automated means. For information on which processing operations are based on consent, please refer to point 5 of this policy. For more information, please contact us by any of the means indicated below. |
Right to restrict processing |
You have the right to request the restriction of the processing of your data. If you exercise this right, the processing of your data will be subject to limitations, so we may store it, but we may no longer use or process it. This right can only be exercised in certain circumstances defined by the General Data Protection Regulation, as follows:
If you wish to exercise this right, please contact us by any of the means indicated below. |
Right to disable cookies |
You can disable cookies at any time. As a general rule the configuration of Internet browsers is usually set by default to accept Cookies, however, you can easily disable them by changing the browser settings. Many cookies are used to improve the usability or functionality of websites, therefore disabling them may prevent you from enjoying all or part of the services provided through our website, you may experience usability problems or you may experience problems with your session if you log in. If you wish to limit or block all cookies set by our websites (which may prevent you from using certain parts of the website) or by any other websites/applications, you can do so through your browser settings. |
How can you exercise your data protection rights?
In order to exercise your rights, you must write to the following address: Partida Rambleta s/n from Pobla Tornesa 12191 (Castellón), or to the following e-mail: esp-info@esmalglass-itaca.com indicating "RGPD Valencia" in the subject line. You must specify which of the rights you are requesting to be satisfied and, in turn, must be accompanied by a photocopy of your ID card or equivalent identification document. If you are acting through a representative, legal or voluntary, you must also provide a document accrediting the representation and an identification document of the same, if you wish to have a model for this purpose:
Or use an official Agency template: https://www.aepd.es/reglamento/derechos/index.html
Or ask us for a model: dpo@altadiagroup.com
When filling in the free text fields, it is not permitted to enter personal information relating to personal data revealing ethnic or racial origin, political opinions, religious or philosophical convictions, or trade union membership, and the processing of genetic data, biometric data aimed at univocally identifying a natural person, data relating to health or data relating to the sex life or sexual orientations of a natural person, as well as personal data relating to criminal convictions and offences. In the event of entering any information relating to the aforementioned aspects in any of our forms or by e-mail, they will be immediately deleted from our information systems without being able to deal with the query made, as such data are not necessary or relevant for the purposes determined in the processing of this website.
We
sometimes provide links to other websites, but these websites are not
under our control. Therefore, we will not be liable for any problems
arising in connection with the use of personal data, the content of
the website or the services offered by these websites.
The User declares that the data provided, whether their own or that of third parties they represent, are true, truthful and is responsible for communicating any modification or update of the same. The user shall be liable for any direct or indirect damage that may be caused to ITACA or any third party as a result of providing false, fraudulent, inaccurate, incomplete or out-of-date personal data.
The data requested by the User indicated with an asterisk (*) will be strictly necessary to contact the User. In no case will the fact of not providing more data than strictly necessary imply a decrease in the quality of the service.
15. Data of minors or incapacitated persons
The use of the Service is not permitted to minors, so if you are under 16 years of age, please refrain from using the services of our website.
ITACA may request additional information or documentation in order to verify the age of the data subject, taking into account available technology.
16. Updating of data
The user is the only source of information about their personal data, so ITACA requests that, in order to keep their data updated and updated at all times in accordance with the principles of the RGPD, communicate to the address indicated for the exercise of the rights of access, rectification, cancellation and opposition, any changes to them, as well as the cessation of their activity in the entity they represent, where appropriate, to proceed to the cancellation and/or historical treatment of the same.
17. Consent to advertising mailings.
According to the LSSI Law. ITACA will not send commercial communications by e-mail or any other equivalent means of electronic communication that have not been previously authorised by the recipient through the authorisation systems used by ITACA.
In the case of those users with whom there is a previous contractual relationship, ITACA is authorised to send commercial communications concerning ITACA products or services that are similar to those that were initially contracted with the client. In any case, the user may voluntarily request to opt out of receiving further commercial information through the Customer Service channels after proving their identity, or by unsubscribing from the advertising e-mail itself.
Personal data will be kept in our information systems indefinitely in order to carry out commercial communications of the company's products and services, provided that the right to object to such advertising mailings is not exercised.
18. Social Networking
When you become a fan, follower or analogue of ITACA in the different social networks and in the context of this treatment, you must take into account that ITACA can only consult or delete your data in a restricted way by having a specific profile. Any rectification of your data or restriction of information or publications must be made through the configuration of your profile or user on the social network itself. By default you consent:
a) The processing of your personal data in the environment of said social network and in accordance with its privacy policies.
b) ITACA's access to the data contained in your profile or biography, depending on your privacy settings in each network, these will be more or less extensive.
c) To have news published about our events, or our comments may appear on your wall or biography.
d) To receive communications about our products/events.
If you want to stop following us, just click on the option "Stop being a fan" or "Stop following".
19. Modification of this privacy policy
ITACA reserves the right to modify this policy to adapt it to future legislative or jurisprudential developments, as well as to industry practices, previously informing users of any changes that may occur.
Continued use of ITACA by the User shall constitute ratification of the present document, with the modifications and changes that may have been introduced.
For the same reasons as stated above, ITACA reserves the right to modify or discontinue the ITACA Service in whole or in part, whether or not notice is given to the User. ITACA shall not be liable to the User or to any third party for having exercised its right to modify or discontinue the ITACA Service