Privacy policy

Welcome to Infarco’s privacy policy. In this document you will find information of interest regarding how Infarco processes your personal data and the rights you have under the General Data Protection Regulation (GDPR).

1. Identification and contact details of the Data Controller

Infarco, has its registered address at Travesía de Roncesvalles, 1, 31699, Polígono de Olloki (Navarra), and its VAT nº is A-31243041.

You may contact Infarco through any of the following channels:

  • In person or via postal mail addressed to Infarco, Travesía de Roncesvalles, nº1, Polígono de Olloki 31699 Olloki (Navarre) -Spain.
  • Via e-mail: lopd@infarco.com
  • Via telephone number: 948 005005.

2. Exercise of rights

We inform you that you can exercise the following rights in relation to your personal data:

  1. Right to access your personal data in order to know which of them are being processed and the processing operations carried out using them.
  2. Right to rectify any inaccurate personal data.
  3. Right to suppress your personal data, when possible.
  4. Right to request limited processing of your personal data when the accuracy, legality or the need for the processing of the data is questionable, in which case, we may preserve the data solely for exercising or defending claims.
  5. Right to oppose the processing of your personal data, when the legal basis that allows us to carry out the processing is legitimate interest. Infarco will cease to process your data unless it has an imperative legitimate interest or for formulating, exercising or defending claims.
  6. Right to the portability of your data, when the legal basis that allows us to carry out the processing is the existence of a contractual relationship or your consent.
  7. Right to withdraw the consent given to Infarco.

On the other hand, we inform you that you have the right to file a complaint with the Spanish Data Protection Agency if you consider there has been a breach of the data protection legislation in relation to your personal data.

3. Information regarding the processing carried out by Infarco

Infarco manages the attention to the rights and obligations of the shareholder, the payment of dividends and the call to the Shareholders’ Meeting, and also provides personalized information and the annual report.

4. Security and guarantees

Our goal is to always process personal data in an appropriate and legal manner, in accordance with the current data protection principles, requesting the consent of the shareholders when these data are provided by them.

In the case of the processing of personal data that Infarco carries out on the basis of legitimate interest, the controller considers the interests, rights and freedoms of the concerned parties and weighs them to the extent required by applicable law to guarantee that the due privacy is not affected.

The security measures implemented correspond to those provided for in the National Security Framework in the field of Electronic Administration and which can be found in the documents that make up the security of Infarco’s information.

5. How long will we keep your data for?

We will keep your data for the time necessary to comply with applicable laws. If your data are no longer needed for the legal purposes for which they were obtained, they will be destroyed in accordance with the data protection laws.

6. Transfer of your data

In the event that personal data were transferred to other countries outside the European

Economic Area, Infarco legitimizes this treatment based on one of the following assumptions:

·         The transfer is based on an adequacy decision of the European Commission.

·         Transfer through adequate guarantees such as the contractual relationship between the parties, where the rights of those affected are guaranteed.

·         Transfers covered in specific situations and with adequate guarantees.

There may be data communications to comply with the legal obligations of each treatment.

In case of publication of the data in photos or videos on YouTube, they will be transferred internationally to Google, Inc., a US-based entity under the EU-US Privacy Shield Agreement (covered by Article 45.1 of EU Regulation 2016/679).

If you use Email marketing: Ther Rocket Science Group LLC (Mailchimp), you should know that Mailchimp has its servers hosted outside the EU in the US and is under the EU-US Prrivacy Shield agreement, whose information is available here[SAF1] , approved by the European Protection Committee. Its address is Mail Chimp 675 Ponce de León Ave NE, Suite 5000 Atlanta, Ga 30308.

7. Confidentiality

The personal data that we gather through the Website or through the various communications that we maintain with you shall be processing in a confidential manner, and we undertake to maintain them secret in accordance with the applicable legislation.

8. Updating the privacy policy

It is possible that this Privacy Policy may require updating. Therefore, you are required to review this policy periodically and, if possible, every time you access the Website, with the aim of being adequately informed about the type of information gathered and its processing.

You can find the Privacy Policy at the bottom of this website.

This Privacy Policy was last updated on 28 October 2019.

Loading posts...