Basic information on data processing (Regulation (EU) 2016/679 and LO 3/2018)
|Data processor||INVERSIONS CATALANES DEL CARIBE, S.A.
c/ Benito Medrano, 4
Polo, Sector centro
Polo, Barahona (Dominican Rep.)
RNC Nº 1-30-74677-1
|Objective of processing||Offer and manage our consulting services in the production and marketing of coffee.|
|Legal basis||Consent obtained from the person concerned
Execution of the service contract.
|Transferee||The data will not be communicated to third parties, unless required by law or as necessary to fulfil the purpose of the processing.|
|Rights of individuals||Parties concerned have the right to exercise the rights of access, rectification, limitation of processing, deletion, portability and opposition by sending their request to our address.|
|Data retention period||While the commercial relationship is in effect or for the years required to meet the legal obligations entailed.|
|Claims||Parties concerned can contact the AEPD to submit any claim believed to be pertinent.|
|Additional information||You can view additional detail below and in the “Questions about privacy” information.|
Questions about privacy
We offer the following information about the processing of your personal data in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, (GDPR), and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD):
Who is responsible for processing your data?
Identity: INVERSIONS CATALANES DEL CARIBE, S.A.
RNC Nº 1-30-74677-1
Address: C/ Benito Medrano, 4, Polo, Sector centro, Polo, Barahona (Dominican Rep.)
Tel. Dominican Rep.: (+1) 809 367 0537
Tel. Spain: (+34) 938 60 3318
What is the purpose of processing your personal data?
- We process the information provided to us to manage our coffee production and marketing consulting services.
- In the event you contact us via the contact form on our website, we will process your data to manage your query.
- If you give us your consent, we may also process your data to send you information about our activities, products or services.
- If you send us a CV, we will process the data in order to manage our CV data base for the hiring of personnel.
How long do we keep your information?
- The personal data provided will be kept as long as you are a user of our services or want to receive information, and then during the terms established to comply with our legal obligations, which in the case of accounting and tax documentation for commercial purposes will be 6 years in accordance with Art. 30 of the Commercial Code. For fiscal purposes, it will be 4 years in accordance with articles 66 to 70 of the General Tax Law.
- Curricula are saved for one year.
What is the legal basis for processing your data?
The legal basis for processing them is found in the execution of the service contract and in the consent it gives us.
Regarding information that is sent by children under 16, an essential requirement will be that it be done with parental consent, by the minor’s guardian or legal representative, so that the personal data can be subject to processing. Otherwise, the child’s legal representative must notify us as soon as they are aware of the situation.
Which third party recipients will your data be shared with?
The data will not be communicated to third parties, unless required by law or necessary to fulfil the purpose of the processing.
What are your rights when you provide us with your data?
- Anyone has the right to obtain confirmation about whether we are processing their personal data.
- Parties concerned have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it has been gathered.
- In certain circumstances the parties concerned may request the limitation of the processing of their data; in this case, we will only keep them for the exercise or defence of claims.
- Furthermore, under certain circumstances and for reasons related to their situation, the parties concerned may object to the processing of their data. In this case we will desist from processing their data, except in the case of compelling legitimate reasons or for the exercise or defence of potential claims.
- Parties concerned are also entitled to the portability of their data.
- Any party concerned will have the right not to be the subject of a decision based solely on automated processing, including profiling, that has legal effects on it or significantly affects it in a similar way.
- Finally, concerned parties have the right to file a claim with the competent Control Authority.
How can you exercise your rights?
By sending a document, attaching a copy of a document that identifies it, to our physical or electronic address.
How did we obtain your data?
The personal data we process comes from the concerned party. The concerned party guarantees that the personal data provided is true and is responsible for communicating any modification to them. The data that is marked with an asterisk is required to provide the requested service.
What data do we process?
The categories of data that we may process when rendering our services are as follows:
- Identification data
- Postal or electronic addresses
In the case of curricula, we also process:
- Personal data
- Academic and professional characteristics
The data is limited, as we only process that required for providing our services and the management of our activity.
What security measures do we apply?
We apply the security measures established in Article 32 of the GDPR; therefore, we have adopted all security measures required to ensure a level of security appropriate to the risk of the data processing we perform, with mechanisms that allow us to guarantee confidentiality, integrity, availability and permanent resilience of processing systems and services.
These measures include, but are not limited to:
- Information on data processing policies for personnel.
- Periodic backups.
- Data access control.
- Regular verification, evaluation and rating processes.