Privacy policy
Who is responsible for processing your data?
Identity: CONSTRUCCIONES ORIGINALES PERSONALIZADAS CARAMAÑOLA SL – Tax ID: B21772868
Postal address: CALLE MARTIN LUGONES, NUM 10 FLOOR 1, DOOR E, POLA DE SIERO 33510 SIERO – (ASTURIAS)
Email: info@tunnelingglt.com
Phone: 673869835
You may contact us by any means.
Our files are registered with the Spanish Data Protection Agency in accordance with current legislation and applicable regulations.
If you belong to any of the following groups, please refer to the expandable information below:
+ WEB OR EMAIL CONTACTS
What data do we collect through the Website?
We may process your IP address, operating system or browser, and even the duration of your visit, on an anonymous basis.
If you provide data through the contact form, you will identify yourself so we can get in touch with you if necessary.
For what purposes will we process your personal data?
- Responding to your queries, requests or petitions.
- Managing the requested service, responding to your request, or processing your petition.
- Sending information by electronic means related to your request.
- Sending commercial information or event notifications by electronic means, provided explicit authorisation has been given.
- Carrying out analysis and improvements on the Website, regarding our products and services. Improving our commercial strategy.
What is the legal basis for processing your data?
Acceptance and consent of the data subject: In cases where completing a form and clicking the «send» button is required to make a request, doing so will necessarily imply that you have been informed and have expressly given your consent to the content of the clause attached to said form or to the acceptance of the privacy policy.
All our forms include the * symbol for mandatory fields. If you do not complete those fields, or do not tick the privacy policy acceptance checkbox, the information cannot be submitted. This typically takes the following form: «□ I am over 14 and I have read and accept the Privacy Policy.»
+ NEWSLETTER CONTACTS
What data do we collect through the newsletter?
On the Website, you can subscribe to the Newsletter by providing an email address, to which it will be sent.
We will only store your email in our database and will periodically send you emails until you request to unsubscribe, or we stop sending them.
The Newsletter may include a web beacon, which statistically confirms whether you have opened it, at what time, or how many times. This helps us study the best sending times and what interests you, but we will not have any personal information about you beyond your email address.
You will always have the option to unsubscribe in any communication.
For what purposes will we process your personal data?
- Managing the requested service.
- Sending information by electronic means related to your request.
- Sending commercial information or event notifications by electronic means, provided explicit authorisation has been given.
- Carrying out analysis and improvements on mailing campaigns to improve our commercial strategy.
What is the legal basis for processing your data?
Acceptance and consent of the data subject: When subscribing, you will need to tick a checkbox and click the send button. This will necessarily imply that you have been informed and have expressly given your consent to receive the newsletter.
If you do not tick the privacy policy acceptance checkbox, the information cannot be submitted. This typically takes the following form: «□ I am over 18 and I have read and accept the Privacy Policy.»
+ CLIENTS
For what purposes will we process your personal data?
Those necessary for maintaining the commercial relationship: invoicing, sending postal or email marketing, after-sales service and loyalty programmes.
- Identification data: name and surname(s), Tax ID, postal address, phone numbers, email.
- Banking data: for direct debit payments.
What is the legal basis for processing your data?
The legal basis is your consent. Please note that you may withdraw your consent at any time.
+ SUPPLIERS
For what purposes will we process your personal data?
- Sending information by electronic means related to your request.
- Sending commercial information or event notifications by electronic means, provided explicit authorisation has been given.
- Managing the administrative, communications and logistics services carried out by the Data Controller.
- Carrying out the corresponding transactions. Invoicing and filing applicable taxes. Management, control and debt recovery.
What is the legal basis for processing your data?
The legal basis is the acceptance of a contractual relationship, or otherwise your consent when contacting us or offering us your products through any channel.
+ SOCIAL MEDIA CONTACTS
For what purposes will we process your personal data?
- Responding to your queries, requests or petitions.
- Managing the requested service, responding to your request, or processing your petition.
- Engaging with you and building a community of followers.
What is the legal basis for processing your data?
The acceptance of a contractual relationship within the environment of the relevant social network, and in accordance with its Privacy Policies:
Facebook: http://www.facebook.com/policy.php?ref=pf
Instagram: https://help.instagram.com/155833707900388
How long will we retain your personal data?
We can only view or delete your data in a restricted manner, as you have a specific profile. We will process it for as long as you follow us, are friends with us, or have liked, followed, or clicked similar buttons.
Any rectification of your data or restriction of information or posts must be carried out through your profile or user settings on the social network itself.
Do we include personal data of third parties?
No, as a general rule we only process data provided by the data subjects themselves. If you provide us with third-party data, you must first inform those individuals and obtain their consent; otherwise, you exempt us from any liability for failure to comply with this requirement.
What about data relating to minors?
Whenever we process data relating to minors, we do so with the consent of their parents or guardians.
Will we send communications by electronic means?
- Only to manage your request, if electronic means are one of the contact methods you have provided us with.
- If we send commercial communications, these will have been previously and expressly authorised by you.
What security measures do we apply?
You can rest assured: we have adopted an optimal level of protection for the personal data we handle, and have put in place all technical means and measures available to us, in line with the current state of technology, to prevent the loss, misuse, alteration, unauthorised access and theft of personal data.
To which recipients will your data be disclosed?
Your data will not be transferred to third parties, except where required by law. Specifically, data will be shared with the State Tax Administration Agency and with banks and financial institutions for the collection of payment for services rendered or products purchased, as well as with processors necessary for the execution of the agreement.
In the case of a purchase or payment, if you choose an application, website, platform, bank card, or any other online service, your data will be transferred to that platform or processed within its environment, always with the highest level of security.
What rights do you have?
- To know whether we are processing your data or not.
- To access your personal data.
- To request the rectification of your data if it is inaccurate.
- To request the erasure of your data if it is no longer necessary for the purposes for which it was collected, or if you withdraw the consent given.
- To request the restriction of processing of your data in certain circumstances, in which case we will only retain it in accordance with current regulations.
- To data portability, which will be provided to you in a structured, commonly used, machine-readable format. If you prefer, we can send it to a new controller designated by you. This right is only applicable in certain circumstances.
- To lodge a complaint with the Spanish Data Protection Agency if you believe we have not handled your request correctly.
- To withdraw consent for any processing for which you have given consent, at any time.
If you update any of your data, we would appreciate you letting us know so we can keep it current.
Would you like a form for exercising your rights?
We have forms available for exercising your rights; please request them by email, or alternatively you may use those produced by the Spanish Data Protection Agency or third parties. These forms must be electronically signed or accompanied by a photocopy of your national ID document. If someone is acting on your behalf, you must attach a copy of their ID document, or have them sign with their electronic signature. The forms may be submitted in person, sent by post, or emailed to the Data Controller’s address stated at the beginning of this document.
Do we use cookies?
If we use cookies other than strictly necessary ones, you can consult the cookie policy via the corresponding link on our website homepage.
How long will we retain your personal data?
- Personal data will be retained for as long as you remain connected with us.
- Once you disconnect, personal data processed for each purpose will be retained for the legally established periods, including the period during which a judge or court may require it, in accordance with the statute of limitations for legal actions.
- Processed data will be retained until the aforementioned legal periods expire, if there is a legal obligation to retain it, or, where no such legal period exists, until the data subject requests its deletion or withdraws the consent given.
- We will retain all information and communications relating to your purchase or the provision of our service for as long as the product or service warranties remain in force, in order to address any potential claims.
- For each type of processing or data category, we provide a specific retention period, which you can consult in the following table:
File | Document | Retention |
Clients | Invoices | 10 years |
Forms and vouchers | 15 years | |
Contracts | 5 years | |
Human Resources | Payslips, Social Security contribution forms, etc. | 10 years |
CVs | Until the end of the selection process, and 1 additional year with your consent | |
Redundancy/dismissal documents, Contracts, Temporary staff data | 4 years | |
Employee file | Up to 5 years after leaving | |
Marketing | Databases or website visitors | For the duration of the processing |
Suppliers | Invoices | 10 years |
Contracts | 5 years | |
Access Control & CCTV | Visitor logs | 30 days |
Video footage | 30 days (blocked) 3 years (destruction) | |
Accounting | Books and accounting documents. Shareholder agreements, board of directors resolutions, company articles, minutes, board regulations and delegated committees. Financial statements, audit reports. Records and documents related to grants. | 6 years |
Tax | Management of company administration, rights and obligations relating to tax payments. Management of dividend payments and tax withholdings. | 10 years |
Intragroup pricing information | 18 years 8 years Intragroup transaction agreements for advance pricing arrangements | |
Health & Safety | Workers’ medical records | 5 years |
Environment | Information on chemical or substantially hazardous substances | 10 years |
Documents relating to environmental permits for the duration of the activity | 3 years after closure 10 years (criminal prescription) | |
Records on recycling or waste disposal | 3 years | |
Grants for clean-up operations: rights and obligations documents, receipts and payments | 4 years | |
Accident reports | 5 years | |
Insurance | Insurance policies | 6 years (general rule) 2 years (property damage) 5 years (personal) 10 years (life) |
Purchasing | Records of all goods delivered or services provided, intra-community acquisitions, imports and exports for VAT purposes | 5 years |
Legal | Intellectual and industrial property documents Contracts and agreements | 5 years |
Permits, licences, certificates | 6 years from the expiry date of the permit, licence or certificate 10 years (criminal prescription) | |
Confidentiality and non-compete agreements | For the duration of the obligation or confidentiality period | |
Data Protection | Processing of personal data, if different from the processing notified to the AEPD | 3 years |
Personal data of employees stored on networks, computers and communication equipment used by them, access controls, and internal management/administration systems |