Privacy policy

Data controller

The Data Controller is REGICARP SL, C/ Denia, N 36, 03820, Cocentaina (ALICANTE).

Privacy Principles

At REGICARP SL, we undertake to work continuously to guarantee privacy in the processing of your personal data, and to offer you the most comprehensive and clear information we are able to at all times. We encourage you to read this section carefully before providing us with your personal data.

If you are under the age of fourteen years, we ask you not to provide us with your data without your parents’ consent.

In this section, we inform you about how we process the data belonging to people that have a relationship with our organisation. Starting with our principles:

  • We do not request personal information, unless it is necessary in order to provide you with the services you require.
  • We never share personal information with anyone, except to comply with the law, or where we have your express authorisation.
  • We will never use your personal data for purposes other than those expressed in this privacy policy.
  • Your data will always be processed with a level of protection which is in line with the legislation regarding data protection, and we will not subject it to automated decision-making.
  • We have drafted this privacy policy taking into account the requirements of current data protection legislation:
  • Regulation (EU) 1026/679 of the European Parliament and of the Council of 27 April, 2016 regarding the protection of physical persons (GDPR).
  • Organic Law 3/2018, of 5 December, on the Protection of Data of a Personal Nature and the guarantee of digital rights (LOPD).
  • Royal Decree 1720/2007, of 21 December (RLOPD).

This privacy policy has been drafted on 6 December 2018.

With regard to the modification of processing criteria, in the interest of facilitating its comprehension or to adapt it to current legislation, we may modify this privacy policy. We will update the date of it, so you can check its validity.

Processing we carry out

The Data Controller is REGICARP SL, C/ Denia, N 36, 03820, Cocentaina (ALICANTE).

PROCESSING OF EMPLOYEES

Legal basis: GDPR: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the application of precontractual measures at the data subject’s request.
GDPR: 6.1.c) Processing necessary in order to comply with a legal obligation applicable to the data controller.
Royal Legislative Decree 2/2015, of 23 October, approving the codified text of the Law on the Statute of Rights for Workers.
Purposes of the Processing: ​- Management of contracted staff.
– Personal file. Control of working hours. Training. Pensions plans. Prevention of work-related risks.
– To run staff payroll.
– Management of trade union activity.

Group:
Employees

Data categories:
– Name and surname(s), DNI/CIF/ID document, personal registration number, Social Security/Insurance number, address, signature and telephone number.
– Special data categories: health details (sick leave, occupational accidents and degree of incapacity, not including diagnoses), trade union membership, exclusively for the purpose of paying trade union fees (if applicable), trade union representative (if applicable), proof of attendance for self and third parties.
– Details of personal characteristics: Sex, marital status, nationality, age, date and place of birth and family information. Details of family circumstances: Start date and leaving date, licences, permits and authorisations.
– Academic and professional details: Qualifications, training and professional experience.
– Details of employment and administrative career. Incompatibilities.
– Data from attendance control: date/time of arrival and departure, reasons for absence.
– Economic-financial details: economic payroll details, credits, loans, guarantees, tax deductions, wage reductions corresponding to the previous post (if applicable), legal withholdings (if applicable), other withholdings (if applicable). Bank details.
Categories of Recipients:​​ -Entity entrusted to manage occupational risks.
– General Social Security Treasury
– Trade union organisations.
– Financial entities.
– State Tax Administration Agency.
– Main contractors to whom we provide services as subcontractors.
International Transfers: ​No international transfers of data are planned.
Deadline for deletion: Data will be kept for the time required in order to fulfil the purpose for which it was collected and to determine the potential liabilities that may arise from this purpose and the processing of the data.
The economic details of this processing activity will be preserved in accordance with the provisions of Law 58/2003, of 17 December, General Tax law.
Security Measures: Tailored to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

PROCESSING OF CONTACTS
Legal Basis: Data subject’s Consent
Purposes of the processing: ​To handle your request, send you information and track the request.
Group: Contact persons, customers, suppliers
Data categories: Name and surname(s), telephone, email address
Categories of Recipients: ​No transfers to third parties are planned.
International Transfers: ​​No international transfers of data are planned.
Deadline for deletion: ​Contact details will be kept for an indefinite period or until the data subject requests its deletion.
Security Measures: Tailored to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

PROCESSING OF CANDIDATES IN RECRUITMENT PROCESSES (HR)
Legal basis: GDPR: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the application of precontractual
Purposes of the Processing:​ Job recruitment and selection of staff.
Group: Candidates presented to job recruitment procedures.
Data categories: ​- Name and surname(s), DNI/CIF/ID document, personal registration number, address, signature and telephone number.
– Details of personal characteristics: Sex, marital status, nationality, age, date and place of birth and family information.
– Academic and professional details: Qualifications, training and professional experience.
– Employment details.
Categories of Recipients:
No transfers to third parties are planned.
International Transfers:
No international transfers of data are planned.
Deadline for Deletion:
Data will be kept for the time required in order to fulfil the purpose for which it was collected and to determine the potential liabilities that may arise from this purpose and the processing of the data.
Security Measures:
Tailored to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

PROCESSING OF SUPPLIERS
Legal basis: GDPR: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the application of precontractual measures at the data subject’s request.
GDPR: 6.1.c) Processing necessary in order to comply with a legal obligation applicable to the data controller.
Royal Legislative Decree 2/2015, of 23 October, approving the codified text of the Law on the Statute of Rights for Workers.
Law 58/2003, of 17 December, General Tax law.
Purposes of the Processing: – Purchase of products and/or services that we require in order to carry out our activity.
– Control of subcontractors if applicable.
Group: – Suppliers.
– Our suppliers’ workers.
Categories of Data: – Name and surname(s), DNI/NIF/ID document, address, signature and telephone number.
– Employment details: job position. Training in occupational safety.
– Economic, financial and insurance details: Bank details.
Categories of Recipients: – Financial entities. (Payment of invoices))
– State Tax Administration Agency.
International Transfers: ​No international transfers of data are planned.
Deadline for Deletion: Data will be kept for the time required in order to fulfil the purpose for which it was collected and to determine the potential liabilities that may arise from this purpose and the processing of the data, in accordance with Law 58/2003, of 17 December, General Tax law.
Security Measures: Tailored to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

PROCESSING OF CUSTOMERS.
Legal basis: GDPR: 6.1.a) The data subject gave their consent for the processing of their personal data for one or several specific purposes.
GDPR: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the application of precontractual measures at the data subject’s request.
GDPR: 6.1.c) Processing necessary in order to comply with a legal obligation applicable to the data controller.
Royal Legislative Decree 2/2015, of 23 October, approving the codified text of the Law on the Statute of Rights for Workers.
Law 58/2003, of 17 December, General Tax law.
Purposes of the Processing: Supply of our products / services
Group: Customers
Categories of Data: – Name and surname(s), DNI/NIF/ID document, address, signature and telephone number.
– Economic, financial and insurance details: Bank details.
Categories of Recipients: – Financial entities.
– State Tax Administration Agency.
International Transfers: ​No international transfers of data are planned.
Deadline for Deletion: Data will be kept for the time required in order to fulfil the purpose for which it was collected and to determine the potential liabilities that may arise from this purpose and the processing of the data, in accordance with Law 58/2003, of 17 December, General Tax law.
Security Measures: Tailored to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

PROCESSING OF VIDEO SURVEILLANCE
Legal Basis: GDPR: 6.1.c) the processing is necessary to satisfy the legitimate interests pursued by the data controller or by a third party.
Organic Law 2/1986, of 13 March, on State Security Forces and Services.
Purposes of the Processing: ​To guarantee the safety of people, goods and facilities and employment regulation
Group: Workers, customers and suppliers, users.
​Categories of Data: Image and sound.
Categories of Recipients: The recordings may be sent to the State Security Forces and Services, if required by them, or if they serve as prove of a crime being committed.
International Transfers: ​No international transfers of data are planned.
Deadline for Deletion: ​​Not exceeding one month.
Security Measures:​ Tailored to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

YOUR RIGHTS

You have the right to ask us for a copy of your personal data, to rectify inaccurate data or complete data if it is incomplete or, if applicable, to delete that data when it is no longer required for the purpose for which it was collected.

You also have the right to limit the processing of your personal data and to obtain your personal data in a structured and readable format.

You may oppose the processing of your personal data in some circumstances (in particular, where we don’t need to process it in order to comply with a contractual requirement or other legal requirement, or where the purpose of processing is direct marketing).

Where you have provided us with your consent, you may withdraw it at any time. At that time, we will stop processing your data or, if applicable, we will stop doing so for that specific purpose. If you decide to withdraw your consent, this will not affect the processing that has taken place while your consent was in place.

These rights may be limited; for example if we have to disclose details about another person in order to comply with your request, or if you ask us to delete records that we are obliged to keep as a result of a legal obligation or due to legitimate interest, such as exercising a defense against claims. Or even in cases where the right to freedom of expression and information should prevail.

You can contact us via any means stated in the Data Controller section of this privacy policy, providing a copy of a document that proves your identity (normally your DNI).

Another of your rights is not to be subject to a decision based solely on automated processing, including the creation of profiles that produce legal effects or affect you.

In the event of any breach of your rights, such as, for example, that we have not dealt with your request, you have the right to file a claim with the data protection Control Authority. This may be the authority in your country (if you live outside of Spain) or the Spanish Data Protection Agency (if you live in Spain).

Additional information

Processing your data outside of the European Economic Area.

For the purposes indicated, we may use services from the following suppliers outside of the European Economic Area, but benefitting from the Privacy Shield agreement approved by the European Union’s data protection authority.

  • Facebook/ Instagram (FB Messenger): Social Networks and communications More information: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC
  • Google (Drive / Mail …): Cloud services More information: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
  • Twitter: Social Network micromessages More information: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active
  • Whatsapp: Mobile instant messaging More information: https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG

Links to third party websites

Our website may, occasionally, contain links to other websites. It is your responsibility to make sure you read the data protection policy and legal conditions that apply to each site.

Data from third parties

If you provide us with data from third parties, you accept responsibility for informing them in advance, in accordance with the provisions of Article 14 of GDPR.

Tienda Online
de ventanas
a medida

Nuestras ventanas de pvc a medida han dado el salto a la venta online, sin olvidarnos de la importancia de un trato cercano y profesional.