It also aims to comply with General Data Protection Regulation 2016/679 (hereinafter GDPR) and Organic Law 3/2018 on the protection of personal data and guarantee of digital rights (hereinafter LOPDGDD).
1. Identification of the Data Controller / Information Society Service Provider
Identity – Organization ASOC. DE INVESTIGACIÓN DE MATERIALES PLÁSTICOS Y CONEXAS
Postal address Calle Gustave Eiffel 4, Paterna 46980, Valencia. Spain
Phone: 961 366 040
Business purpose: Instituto Tecnológico del Plástico
Registration details: Entered in the Ministry of the Interior’s National Register of Associations under No. 134,600, and in the Register of Innovation and Technology Centres under No. 63.
2. Identification of the Data Protection Officer
Our organization has appointed a Data Protection Officer, to whom you can address your questions, recommendations or complaints about processing of your personal data.
The Data Protection Officer may be contacted by the following means:
BUSINESS ADAPTER, S.L.
Ronda Guglielmo Marconi, 11, 26, (Parque Tecnológico) 46980 Paterna (Valencia).
3. Processing of personal data
The personal identification and contact data that you have provided us with through our contact forms, email, etc., will be treated confidentially and only by personnel authorized by our organization.
All categories and types of personal data processed will be duly identified in the relevant processing activities performed by our organization.
In general, the purpose of the personal data processing carried out by our organization is to maintain relationships with different groups of people, such as our association members, clients, suppliers, students, personnel, job applicants, users of our Website/Blog, social media users and data subjects in general who make contact with our organization by means of our Website forms, email, telephone and in person.
This processing is intended to meet the requirements of maintaining the existing relationships with each group of persons. Depending on the relationship, your data are processed for different purposes, such as attending to requests for information, complaints, claims and other requests from data subjects, complying with our contractual, commercial and legal obligations, and exercising specific rights.
If you are an associate, client, supplier or student, your personal data are processed for the sole purpose of maintaining the business, contractual or commercial relationship, whether for the provision of services, for accounting and billing management, or for other purposes for which we are obliged to maintain the relationship.
We do not send advertising without the prior consent of data subjects, except for information sent to our current clients about services and products related to items previously provided or purchased.
If you are a potential client or an information seeker, we will process your data exclusively to deal with your requests and our reply will include commercial information related to your request.
If you are a job applicant, we will process your data and include you in our selection processes and job vacancies. Job application policy.
The purposes of personal data processing will be duly identified in the relevant processing activities performed by our organization.
5. Legitimate interests
The processing of your personal data by our organization is carried out based on the following legitimate interests:
We also inform you that you can change your mind and withdraw your consent at any time by writing to us at our postal or email address.
b. Fulfilment of the business or contractual relationship that we have with you as a client, supplier, student or a member of our personnel.
c. Compliance with our legal obligations.
It will be necessary to have the consent of the parents, guardians or legal representative of data subjects under 14 years of age for their data to be processed.
Users are solely responsible for the veracity of the data they send us.
6. Data storage
The personal data provided will be kept for the time necessary to fulfil the purpose for which they are collected, for the time required by law and for as long as necessary to determine possible responsibilities arising from the processing mentioned in the purposes.
Job applications will be kept for no more than one year or until the data subject asks us to delete their data.
We do not create profiles using your personal data. However, if we do, we will inform you and ask for your prior permission to do so.
You also have the right to object to this type of processing at any time by sending an email to firstname.lastname@example.org.
8. Transfer of personal data
As a general rule, our organization does not disclose personal data to third parties, although in some cases this may be necessary:
If you are an associate, client, student or supplier, your personal data may be disclosed to third parties as required by law (e.g. tax authorities). The same is true in cases and organizations where it is necessary to provide our services and pay invoices (e.g. banking institutions).
In addition, as a member, student, client or supplier, your personal data may be processed by certain suppliers to whom we delegate some of our obligations (e.g. accounting consultants). All data processors have signed a data processing contract and have agreed to comply with the same security measures implemented by our organization, and to be subject to professional secrecy and confidentiality regarding the personal data processed, among other obligations in the area of personal data protection.
If you are a user of our Website, a job applicant, an information seeker or a general data subject, your data will not be disclosed to third-party organizations unless we are legally obligated to do so.
In the case of transfers to other organizations or other countries outside the European Economic Area (EEA), we will inform you and ask for your express prior consent.
9. Security measures
Our organization has implemented all the necessary technical and organizational measures to protect the personal data processed and to prevent their loss, theft or unauthorized use.
These measures have been created based on the type of data processed and the purposes for which they are processed. These measures are regularly verified in our internal controls of data protection compliance and by external audits.
10. Rights of data subjects
You have the right to know whether your personal data are being processed by our organization; you therefore have the right to access your data, the right to rectification if they are inaccurate and the right to request their erasure when data are no longer necessary, provided this is legally possible.
You may also exercise your right to object, your right to restriction and your right to data portability if you deem it appropriate. To do so, you must send an email to our organization at email@example.com and attach a copy of your ID card to identify yourself.
If you wish to make a suggestion, complaint or query about processing of your personal data by our organization, you can contact our Data Protection Officer by email at firstname.lastname@example.org or by using the data subject contact form.
Data subjects under 14 years of age who wish to exercise their rights may do so through their parents, guardians or legal representative.
If you wish to make a complaint on the grounds that your rights have been infringed, you may do so at the Spanish Data Protection Agency, C/ Jorge Juan, 6, 28001 Madrid or at www.aepd.es.
11. Commitment to personal data protection
Scope of application
Our commitment to the protection of personal data is binding on all departments and employees in our organization, as well as those who act on our behalf.
We have established protocols for processing personal data pursuant to the provisions of European and Spanish data protection regulations.
Lawfulness, Fairness, Transparency, Data Minimization, Accuracy, Time Limitation on Storage, Integrity, Confidentiality and Proactive Responsibility.
Special categories of data
The processing of personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership; the processing of genetic or biometric data, data concerning health and data concerning sexual orientation is prohibited except in legally authorized exceptions and with the prior consent of the data subject.
Rights of data subjects
Data subjects have the right to access their personal data, as well as the right to rectification if their data are inaccurate, the right to erasure if data are no longer necessary or processing is no longer desired, the right to restrict certain processing, the right to be able to receive their data from the Data Controller easily and in structured and commonly used formats, the right to decide if their data will be used for profiling purposes, and the right to object to processing at any time.
Register of activities, impact assessment and security measures
We keep a register of processing activities and analyse the purposes of processing, categories of data subjects and data, recipients, international transfers, storage periods, etc., in order to assess the risks of processing and implement the necessary security measures to ensure the confidentiality, integrity and availability of personal data.
We have also analysed the need to draw up an Impact Assessment and have appointed a Data Protection Officer who suitably fulfils the requirements of knowledge and experience pursuant to current legislation.
We also have external consultants who monitor all publications of the competent control bodies and other European and Spanish organizations on data protection regulations in order to comply with these regulations at all times.
Updating this policy
We reserve the right to modify this Policy without prior notice. We therefore recommend that you consult it each time you visit our Website.
Updated on 21 March 2023