We are firmly committed to privacy, that’s why personal data protection is important to us.
We process data in accordance with the provisions of Regulation (EU) 2016/679 General Data Protection, Organic Law 3/2018 on Protection of Personal Data and Guarantee of Digital Rights and other regulations on the matter.
This Privacy Policy was revised in July 2024 to comply with the duties to provide information and act with transparency for the website and data controller, to make the data controller’s general terms and conditions on the matter available to any data subject and not solely the users of the website. There may be variations prior to its next revision.
These terms and conditions are applicable both on the part of the aforementioned data controller or main data processor and other controllers / joint controllers who are part of the main processor’s business structure.
Main data controller:
Data Controller: GP LIMITE ANDAMUR S.L.
Tax Identification Number/Tax Code: B30424162
Address: POL. IND. SAPRELORCA, CENTRO DE NEGOCIOS ANDAMUR. 30817 LORCA (MURCIA)
Email address: info@andamur.com
Other controllers / joint controllers who apply these same terms and conditions in the same manner as the main processor:
Data Controller: ROAD SOLUTION S.L.U.
Tax Identification Number/Tax Code: B01910677
Address: POL. IND. SAPRELORCA, CENTRO DE NEGOCIOS ANDAMUR. 30817 LORCA (MURCIA)
Email address: info@andamur.com
Data Controller: ANDAMUR EUROPE S.A.
Tax Identification Number/Tax Code: A04181640
Address: CTRA. NACIONAL 340, EL LIMITE. 04600 HUERCAL-OVERA (ALMERIA)
Email address: info@andamur.com
The source of the data we process may be any of the following categories:
The different categories of data that we may process depending on the type of data subject (user, client, supplier, employee, etc.) and the nature of the controller’s activities and different data processing are:
Generally, data are processed to successfully conduct the activities involved in the normal running and management of the controller’s business activity. Although, we may specify different processing purposes depending on the possible categories of data subjects:
Other general purposes the controller may implement are:
Data may be processed via methods and applications provided to users for the purpose of improving service quality, maintaining commercial relationships, and marketing activities. Such processing may include some of the purposes detailed herein.
Generally, personal data will be kept for at least the duration of the relationship with the data subject, until a request is made to delete it, whilst responsibilities may arise from it, or whilst there is some legal obligation to keep it.
With regard to candidate and job applicant data, data will be deleted immediately when they are no longer of interest to the controller. On the contrary, if they are of interest to the business, they will be kept with all due protection and restrictions and will only be processed when recruitment processes are in effect.
If clients have stopped a commercial relationship, data may be kept to offer them conditions or services provided that it is legitimate to do so.
Data captured by video surveillance systems shall be kept for a period of up to thirty (30) days after they were captured, excluding exceptions set forth in Law that allow for the restricted preservation of files until a corresponding ruling is issued.
Data from the visitor register, access control, and other processing for the purposes of private security will be kept for up to thirty (30) days or for another longer period in the event of some responsibility arising due to which they must be kept for a longer period. During this period, the information shall remain restricted at the disposal of the competent authorities.
The data controller has a data protection plan with a record of preservation periods that they follow in the management of the various applicable preservation periods.
In any case, data shall be deleted to ensure confidentiality.
The data controller follows and applies the various existing legitimate bases that are applicable to each processing purpose. These are:
The personal data of data subjects shall not be disclosed to any third-party by default. However, there are various exceptions: a) categories of subsidiary companies, which the partners have a stake in or belong to the same business group as the data controller, who may act as data controllers, joint controllers, or processors, as applicable; b) banks where payments are deposited; c) businesses which the data controller engages for credit rating services, risk reports, and commercial reports, including the services that manage files relating to the fulfilment or non-fulfilment of monetary obligations; d) authorised data processers and auxiliary services involved in the provision of the business’ goods and services; e) other legitimate interested parties and/or third parties provided for by law; f) public authorities and bodies exercising their competences.
For data processors (suppliers, auxiliary services, etc,) involved in the handling of our services who are registered in a third country, transfers are conducted within the European Economic Area with the proper appropriate guarantees and agreements between the parties to follow and comply with the provisions of European privacy regulations.
As a data subject, at any time you may ask to exercise any of your following data protection rights:
To do so, you have to contact us via the email or postal addresses stated at the beginning of this document.
You can also contact our designated data protection officer or the Data Protection Agency to find out more about your rights or request the supervisory authority safeguard said rights.
In our IT system we implement the necessary technical and organisational measures to ensure an appropriate level of data confidentiality, integrity, availability, and resilience.
Nevertheless, as far as permitted by law, we do not bear any responsibility for the damages or harm caused by third-party interference in our IT system. Any breach of security will be suitably and immediately reported to the competent authority and/or State security forces or services.
Our policy on the sending of information electronically (email, instant messaging, etc.) is limited to sending only messages which we deem may be of interest to our users and interested parties concerning the work and activities of the business or which you have given your consent to receive.
If you would prefer not to receive these messages, we offer you the option to exercise your right to cancel and withdraw from receiving these messages, in accordance with the provisions of Title III, article 22 of Law 34/2002 on Information Society Services and Electronic Commerce.
The data controller may be active on social media through the relevant profiles. This section and any other legal terms and conditions and privacy terms and conditions on the website are applicable for the processing of data from users who follow or in some way connect with said profiles.
The data controller uses these profiles for the purposes of communication, business development, marketing, and advertising.
Users who follow and/or interact with out profiles shall abstain from:
The data controller reserves the right to withdraw any content they deem inappropriate with no prior notice. Likewise, they exempt themselves from any responsibility linked to the relevant security measures on each platform. The user is responsible for making themselves aware of them and the platform’s legal terms and conditions of use.
The data provided by any data subject via the methods available on our Data Controller’s Channel shall be processed on the basis of informed consent, the controller’s legitimate interest, and compliance with legal obligations.
The purpose of processing will be the management and monitoring of possible messages and complaints pursuant to the conditions set forth for the operation of the Data Controller’s Channel.
The data of any data subject or affected party, who sends a message or files a complaint, of workers, and third parties will be kept solely for the time required to determine whether investigation is necessary. In any case, the information provided will be deleted to ensure confidentiality when the periods set out in law for the preservation or storage of evidence expire.
No automated decisions or profiles shall be made on the information and data collected.
The data may be disclosed to third parties when doing so is required to take disciplinary measures or to manage any legal proceedings, where appropriate.
Data subjects may exercise their data protection rights under the terms and conditions detailed in this privacy policy.
Users must be aware that the information and data they provide are confidential and reserved.
Any person wishing to access job postings may provide their details and professional information to the data controller via the various channels. The preferred option would be the “work with us” section.
These data shall be processed in accordance with the privacy terms and conditions in this document for the purpose of managing applications for any possible job postings by the controller’s organisation or subsidiaries or companies belonging to the same business organisation.
Processing shall be carried out based on the informed consent of the data subject and other valid legitimate bases.
Any data provided, if it is of no professional interest to the organisation or when it is no longer necessary for the purposes for which it was collected, shall be deleted to ensure the confidentiality thereof.
Data subjects may withdraw their consent and exercise their data privacy rights in accordance with the terms and conditions set out in this privacy policy.
© Copyright - Andamur