AENOR GROUP DATA PROTECTION POLICY
In compliance with EU Regulation 2016/679 of the European Parliament and the Council, of 27th April, 2016, and the current regulations on data protection, we inform you that the entity responsible for processing your data is AENOR INTERNACIONAL, SAU (Tax ID No: A83076687), with offices at Calle Génova, 6, Madrid 28004 and contact details: firstname.lastname@example.org, hereinafter AENOR.
AENOR informs you that we process the personal information you provide us with to manage contractual relationships, and offer interested parties and AENOR customers information on activities, products and services related to AENOR. Specifically. this includes information on:
- Books, publications, standards, subscriptions and informative seminars on these matters.
- Training actions and informative seminars regarding training.
- Compliance assessment and audit services, as well as workshops to inform of, present or disseminate new products.
- Certification of persons and informative workshops.
- Software licences and briefing sessions on software innovations.
- Similarly, AENOR will be able to send you its monthly online magazine.
Communications regarding activities, products and services may be sent by any medium, including electronic media. The data subject must explicitly consent to the sending of commercial communications by ticking the corresponding boxes on any of the data request application forms, for example those included on our website.
2. THE DATA THAT IS PROCESSEDThe data processed by AENOR within the framework of the relationship with the data subject and determined by the purposes for which consent has been given are included in the following categories:
- Identification and contact details, by way of example and not limited to: name, surname(s), telephone or email.
- Commercial information data according to the indications received.
3. CONSERVATION OF THE DATA
The personal data provided will be kept while they are needed to respond to the contractual relationship, to respond to requests or applications made, and in any case while their erasure is not requested by the data subject, as well as for the time necessary to fulfil the corresponding legal obligations in each case according to each type of data.
4. RECIPIENTS TO WHOM THE DATA WILL BE DISCLOSED.
The details of the data subject may be communicated to the SPANISH ASSOCIATION FOR STANDARDISATION (UNE) or to companies within the AENOR GROUP (https://www.en.aenor.com/en-el-mundo/red-exterior) exclusively for the purposes indicated.
They may also be transferred in cases in which a legal obligation exists.
5. LEGITIMATION FOR THE PROCESSING OF YOUR DATA
The legal basis for managing the relationship with customers and other data subjects and to offer information on AENOR activities and related products and services can be the execution of a contract or the unequivocal consent of the data subject in the event of there being no prior contractual relationship.
6. RIGHTS OF THE DATA SUBJECT
Any person has right to obtain confirmation of whether we, at AENOR, are handling personal data that concern them. Data subjects and customers have the right to access their personal details, as well as request the rectification of inaccurate details and, where applicable, to request their removal when, among other reasons, the data is no longer needed for the purposes for which it was collected.
In certain circumstances, and for reasons related to their specific situation, customers or data subjects can object to the processing of their data. AENOR will cease to process said data except in cases of imperative legal causes, or the exercise or defence of possible claims.
Under certain circumstances, customers or data subjects can request the limitation of data processing, such that AENOR will only store the details and use them in cases authorised by law.
When the details are gathered in a structured format, customers or data subjects can ask AENOR for the transferral of their data to other responsible persons or to receive their data in electronic format, to store on their own devices, without the need to transfer them to other responsible persons.
The interested party will be able to exercise said rights by sending an email to email@example.com, attaching a photocopy of their National Identity Card or alternative identifying document and indicating clearly the right they wish to exercise. They may also make such a request by post to the aforementioned address.
Finally, we inform the interested parties that they can present a complaint relating to the processing of their personal data to the Controlling Authority (www.aepd.es).