Data Protection Policy
Scope and Application
This policy aims to comply with European and Spanish regulations on data protection and digital rights (GDPR and LOPDGDD). It is mandatory for all AIMPLAS departments, employees, and any third parties acting on our behalf.
Principles Governing the Processing of Personal Data
We will process personal data lawfully, fairly, transparently, with data minimization, accuracy, storage limitation, integrity, confidentiality, and active responsibility. The processing of special category data is prohibited as outlined in Article 9 of the GDPR and LOPDGDD.
Record of Processing Activities
AIMPLAS will maintain a record of processing activities to evaluate risks and implement necessary security measures to ensure the confidentiality, integrity, availability, and retention periods of the data.
Impact Assessment
For each processing activity, we will assess whether an Impact Assessment is necessary to identify potential risks to the rights and freedoms of the data subjects. If so, we will determine and implement additional technical and organizational measures to safeguard their fundamental rights.
Security Measures and Security Breaches
All necessary technical and organizational measures will be applied for processing personal data. In the event of a security breach, the Protocol for Addressing Security Breaches, specifically designed for such situations, will be implemented.
Data Protection Rights
AIMPLAS will respond swiftly and diligently to requests for the exercise of rights or to reports of violations concerning these rights.
Guaranteeing Digital Rights in the Workplace
Policies will be implemented to guarantee workers’ digital rights, and they will be duly informed about them. These policies will promote the right to reconcile work, personal, and family life. Additionally, the right to information and privacy will be upheld. The entity may oversee the performance of workplace duties within the limits established by Article 20.3 of the Spanish Workers’ Statute.
Training
All employees who need it will receive training in data protection and in their digital rights in the workplace.
Control
We work with external consultants who advise and audit us to ensure compliance with GDPR and LOPDGDD.
Data Protection Officer (DPO)
Our entity is required to appoint a Data Protection Officer (DPO) who meets the legally established qualifications for the role. This appointment has been duly registered with the Spanish Data Protection Agency.
Privacy Officer
Our organization has designated a Privacy Officer from among its employees to serve as the primary contact for the DPO and external consultants. This individual will oversee the implementation and effectiveness of the technical and organizational measures approved at the corporate level.
General Management
Dated September 4, 2024