1. Privacy and Data Protection Policy. Data controller
Pursuant to the reporting duty laid down in article 10 of Act 34/2002, of 11 July, on Information Society and Electronic Commerce Services, the following details about the website are provided: the company that owns www.serviscomplet.com is SERVIS COMPLET, S.L., with registered office for the purposes hereof at Carretera Ca L’Alaio, 2, 08820 in El Prat de Llobregat (Barcelona) and with tax ID number B60375953, recorded in the Commercial Register of Barcelona in general volume 26,449, folio 23, sheet B-103,376, 5th recording. The contact email address is info@servisgroup.es and the telephone number is (+34) 93 423 31 07.
Pursuant to General Data Protection Regulation (EU) 2016/679 and Organic Act 3/2018, of 5 December, on personal data protection and the guarantee of digital rights, we hereby inform you as follows:
DATA PROTECTION
SERVIS COMPLET, S.L. adheres to the guidelines set out in the General Data Protection Regulation and other applicable regulations, and it strives to ensure proper use and processing of users’ personal data. To this end, in relation to services that users may request from SERVIS COMPLET, S.L., along with each personal data collection form, the latter will inform users and ask them to agree to the specific terms and conditions for the processing of their data in each case, informing them about: (i) the data controller, (ii) the purpose of processing, (iii) the legitimate basis for processing data, (iv) potential recipients of the data, (v) the procedure for exercising the rights of access, rectification, objection, erasure, restriction of processing and data portability, and in cases where data has not been collected from the interested party specifically, about (v) the source and categories of data processed. Moreover, SERVIS COMPLET, S.L. wishes to inform users that it complies with Act 34/2002, of 11 July, on Information Society and Electronic Commerce Services and it will seek consent from users to process their email for commercial purposes at all times.
DATA CONTROLLER
Identity: SERVIS COMPLET, S.L. – CIF: B60375953
Postal address: Carretera Ca l’Alaio, 2, 08820 El Prat de Llobregat, Barcelona
Telephone no.: (+34) 93 423 31 07
Email address: info@servisgroup.es
2. Purpose of processing
The purpose of data processing is to enable you access as a registered user to our e-Commerce services and to suitably process your orders (receiving, billing, collecting payment and delivering).
Period for data retention
The data provided shall be retained until the right to erasure is exercised. In any event, the data shall be retained for as long as a commercial relationship exists or for as many years as needed to comply with legal obligations.
3. Legitimate basis for processing data
The legal basis for processing your data stems from consent from the interested party and from the execution of the service purchase and sale agreement.
The prospective offering of products and services is based on consent sought from you and under no circumstances may the withdrawal of this consent impact the provision of the service requested.
4. Intended recipients of the disclosure of your data
Data may be disclosed to:
It is not envisaged that data will be disclosed. They shall only be disclosed to third parties when there is a legal obligation or if you explicitly agree to this.
Moreover, SERVIS COMPLET, S.L. works with suppliers based outside the EU, which have signed up to the EU-US Privacy Shield: Google LLC, which provides “cloud computing” services: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
In order to send commercial information or newsletters, we may use the MailChimp tool, which belongs to the American firm The Rocket Science Group LLC, which has also signed up to the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active.
5. User rights
Affected parties are entitled to access, rectify and erase their data; they may apply for the portability of their data; they may object to the processing or seek the restriction of the processing of their data; and, if applicable, they may withdraw consent already provided.
To do so, they may send their request in writing or by email to the address of the controller, specifying the reference “Data Protection”.
To make it easier to identify users, we advise the data holder to enclose a copy of their ID card or passport with their request.
You may exercise your rights:
By writing to the following address, enclosing a photocopy of your national ID card or similar identification document, to SERVIS COMPLET, S.L., Carretera Ca l’Alaio, 2, 08820 El Prat de Llobregat, Barcelona.
You may also exercise your rights by sending an email – signed with a recognised e-signature – to the address info@servisgroup.es.
Channels for claims:
If you believe your rights have not been suitably adhered to, you are entitled to lodge a claim with the Spanish Data Protection Agency.
6. Source of personal data
Personal data will be collected directly from the persons concerned or their representatives.
7. Truthfulness and up-to-date status of the data
Users must complete forms using true, precise, complete and up-to-date information. They should not insert information relating to someone else. SERVIS COMPLET, S.L. shall assume that the data has been supplied by the holder of the same. Users shall be the sole parties liable for any damages – whether direct or indirect – potentially caused to other persons as a result of filling in forms using false, inaccurate, incomplete or outdated data or information relating to another person.
Users must report any change to the data provided to ensure the information held is kept up to date.
8. Security of information
SERVIS COMPLET, S.L has adopted all legally required measures to ensure the protection of personal data. Moreover, it has adopted all technical means at its disposal to prevent the loss, improper use, alteration, access to and theft of personal data provided by users of its website. Users shall bear in mind, however, that online security measures are never entirely inviolable.
We use reasonably reliable and effective technological, organisational and physical measures, checks and procedures to preserve the integrity and security of your data and to assure your privacy.
Moreover, all staff with access to personal data have been trained and are familiar with their obligations when it comes to the processing of your personal data.
With regard to agreements we sign with our suppliers, we incorporate stipulations requiring them to uphold the duty of confidentiality concerning personal data they have access to as a result of the job assigned, as well as to implement the technical and organisational security measures needed to assure permanent confidentiality, integrity, availability and resilience of personal data processing systems and services.
All these security measures are reviewed regularly to ensure their suitability and effectiveness. However, absolute security cannot be assured and there is no security system that is impenetrable. Therefore, if any information subject to processing and under our control is compromised due to a security breach, we will adopt suitable measures to investigate the incident, report it to the supervisory authority and, if applicable, to those users who may have been affected so that they can take appropriate steps.