Privacy policy and protection of personal data
This Data Protection Policy is an integral part of the Website's Legal Notice.
In compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free movement of These and by which Directive 95/46 / CE (“RGPD”) is repealed, as well as the rest of the development regulations, the Entity, informs Users that their data will be incorporated into the entity's databases, in accordance with the detail that follows:
1 Data of the person responsible for the file and contact information of the Security Manager
Identity: RAIL GRUP ASSOCIATION
Telephone: 934 159 865
E-mail: ccastillo@railgrup.net
Head of Security: Cristina Castillo
Contact details of the Security Manager: ccastillo@railgrup.net
2 Purposes of the treatment
The data that the Entity will keep about you are your name, address, telephone number, email address, as well as, if you are a client, the User name and password and the payment information.
The Entity will treat the information it has in relation to the affected persons with the following purposes:
Manage any type of request, suggestion or request about our professional services made by interested persons.
Research and internal development of the products and services we offer.
Commercial communications, which implies the processing of your data in order to inform you about activities, articles of interest and general information about our services via email.
Interested persons may unsubscribe from these communications at the following address ccastillo@railgrup.net.
Manage data provided by candidates for a job through the Curriculum Vitae (CV) that you provide us with for the purpose of the selection and recruitment process.
Similarly, we may be required to use and retain personal information for legal and compliance reasons.
We may also use personal information to comply with internal and external audit requirements and in any other way that we deem necessary or appropriate: (a) under applicable law (b) to respond to requests from courts, law enforcement agencies , regulatory bodies and other public and governmental authorities (c) to comply with our terms and conditions, and (d) to protect our rights, privacy, safety or property, or those of others.
The Entity will treat your data and information provided for the selection processes with the strictest confidentiality, adopting the necessary technical and organizational measures to avoid loss, misuse, alteration and / or unauthorized access.
Data retention
Curriculum Vitae Management: the Entity may keep your Curriculum Vitae for a maximum period of one year, once this period has concluded, it will automatically proceed to its destruction, in compliance with the principle of data quality.
To determine the retention periods for the rest of the data, the Entity considers local laws, contractual obligations and the expectations and requirements of our clients. When personal information is no longer necessary for the purpose for which it was collected, we delete or destroy it safely.
3 Legitimation
We process personal data in compliance with the law and with transparency and fairness. The data processing is carried out:
For the execution of the contracts signed with the Entity, the treatment being necessary for the fulfillment of our obligations towards you.
With your consent.
For the satisfaction of a legitimate interest pursued by the entities of the Entity
In compliance with the law.
4 Data flow
Managers of treatment: the Entity can facilitate access to certain personal data when it deems it necessary, in order to provide its services, as well as to improve them. When we share personal information, we do so in accordance with data security and privacy requirements.
Data transfer: No personal data is transferred to third parties, except as provided by law. The transfer of data, access and / or processing of personal data that are the responsibility of the Users is not considered when they are necessary for the adequate provision of the services they have contracted.
5 Origin
Origin: the Entity collects your personal information from the following sources:
Information that the affected party provides us directly when requesting information, hiring or using our services or when requesting customer service.
In addition, we may also obtain information