Responsible for your data: Identity: Cudeman, S.A. CIF: A02066983 and postal address: P.I. Campollano, C/B Nº 98. CP:02007. Albacete. Telephone: 967242910 E-mail: cudeman@cudeman.com. Contact DPD/SECURITY MANAGER: cudeman@cudeman.com
The Management / Governing Body of Cudeman, S.A. (hereinafter, the Data Controller), assumes the maximum responsibility and commitment to the establishment, implementation and maintenance of this Data Protection Policy, ensuring the continuous improvement of the Data Controller with the aim of achieving excellence in relation to compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJEU L 119/1, 04- 05-2016), and Spanish personal data protection regulations (Organic Law, specific sectoral legislation and its implementing rules).
The Data Protection Policy of Cudeman, S.A. is based on the principle of proactive responsibility, according to which the data controller is responsible for compliance with the regulatory and jurisprudential framework that governs this Policy, and is able to demonstrate it to the competent control authorities.
In this regard, the controller shall be governed by the following principles that should serve as a guide and frame of reference for all its personnel in the processing of personal data:
Data protection by design: the controller shall implement, both at the time of determining the means of processing and at the time of the processing itself, appropriate technical and organizational measures, such as pseudonymization, designed to effectively implement data protection principles, such as data minimization, and to integrate the necessary safeguards into the processing.
2. Data protection by default: the controller shall implement appropriate technical and organizational measures with a view to ensuring that, by default, only personal data that are necessary for each of the specific purposes of the processing are processed.
3. Data protection in the life cycle of the information: the measures that guarantee the protection of personal data shall be applicable during the complete life cycle of the information.
4. Lawfulness, fairness and transparency: personal data will be processed in a lawful, fair and transparent manner in relation to the data subject.
5. Purpose limitation: personal data will be collected for specified, explicit and legitimate purposes and will not be further processed in a way incompatible with those purposes.
6. Data minimization: personal data will be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
7. Accuracy: personal data shall be accurate and, if necessary, kept up to date; all reasonable steps shall be taken to ensure that personal data that are inaccurate in relation to the purposes for which they are processed are promptly deleted or rectified.
8. Limitation of the retention period: personal data will be kept in a form that allows the identification of data subjects for no longer than is necessary for the purposes of the processing of personal data.
9. Integrity and confidentiality: personal data shall be processed in such a way as to ensure adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, through the implementation of appropriate technical or organizational measures.
10. Information and training: one of the keys to guarantee the protection of personal data is the training and information provided to the personnel involved in the processing of such data. During the life cycle of the information, all personnel with access to the data shall be properly trained and informed about their obligations in relation to compliance with data protection regulations.
11. Exercise of rights: You have the right to exercise, at any time, your rights of access, rectification, deletion, opposition, oblivion and to data portability, by writing to: Cudeman, S.A. with address at P.I. Campollano, C/B Nº 98. CP:02007. Albacete or cudeman@cudeman.com, enclosing a photocopy of your Identity Document. In addition, you may exercise this right before the Control Authority by contacting the SPANISH DATA PROTECTION AGENCY. CALLE JORGE JUAN, N16. CP: 28001- MADRID. The Data Protection Policy of Cudeman, S.A. is communicated to all the personnel of the data controller and made available to all interested parties.
Consequently, this Data Protection Policy involves all the staff of the data controller, who must know and assume it, considering it as their own, each member being responsible for applying it and verifying the data protection rules applicable to their activity, as well as identifying and providing the opportunities for improvement that they consider appropriate with the aim of achieving excellence in relation to their compliance.
This Policy will be reviewed by the Management / Governing Body of Cudeman, S.A., as many times as deemed necessary, in order to adapt, at all times, to the provisions in force regarding the protection of personal data.
What personal data do we need?
Since you contact Cudeman, S.A., either because you request information about our products or services or because you want to be our customer, we need to process your personal data. In general, we will need to process your identification, contact, location, and other data necessary to carry out the purposes described in this clause.
The information we request is mandatory so that the refusal to provide or transfer them, if necessary, would make it impossible for us to provide the services you have requested or contracted. Likewise, your personal data must be truthful, complete, exact and updated so any modification in them must be communicated without delay. We inform you that Cudeman, S.A. will use your cell phone numbers, e-mail and address to inform you about any aspect related to the contracted service.
How do we collect your personal information?
You will have provided them directly or we will have accessed them as a result of your consultations, requests or contracting of Cudeman, S.A. products and services.
Who is responsible for your personal data?
Cudeman, S.A. with CIF: A02066983 and postal address: P.I. Campollano, C/B Nº 98. CP:02007. Albacete. Telephone: 967242910 E-mail: cudeman@cudeman.com.
Why do we process your personal data and on what basis?
We process your identification and contact data in order to proceed with the billing of the contracted services/products or respond to the questions you ask us through our contact and comment forms. Cudeman, S.A. will not need access to data of minors and others of special protection, unless they are necessary for the type of products or service you wish to contract with Cudeman, S.A.. The treatment of this data is necessary to attend your information request or, in its case, for the necessary management of the requested contracting and provision of the corresponding services. For how long will we keep your personal data? We will keep your data for as long as the purpose for which they have been collected is maintained. When it is no longer necessary for that purpose, we will keep blocked those data that may be necessary during the legally established periods to address any issues related to their treatment, remaining at the exclusive disposal of Judges and Courts, the Public Prosecutor's Office or the competent Public Administrations. Once the aforementioned term has expired, Cudeman, S.A. will delete your data.
On what basis do we process your data?
We rely on the provisions of Article 6 of the GDPR.
With whom do we share your personal data?
Your data will be transferred or communicated to third party companies or service providers in all those cases in which it is necessary for the development, fulfillment and control for the provision of the requested service or in cases where there is a legal obligation. In this sense, your data may be transferred, without limitation or exclusion, to the bodies of the Public Administration whose transfer is necessary for the provision of services arising from the business relationship.
Will data be transferred internationally?
No international transfers will be made.
What security measures do we employ?
The personal data communicated by the user to the website may be stored in automated databases or not, whose ownership corresponds exclusively to the website, assuming all the technical, organizational and security measures to ensure the confidentiality, integrity and quality of the information contained therein in accordance with the provisions of current legislation on data protection.
The communication between the users and the website uses a secure channel, and the transmitted data are encrypted thanks to HTTPS protocols. Therefore, we guarantee the best security conditions so that the confidentiality of the users is guaranteed.
What rights do you have when providing your data and how to exercise them?
In addition to the right to be informed in the way we are informing you in this clause, you have the following rights:
- Right of access to know what information about you is being processed, for what purposes, the origin of the data and whether we communicate or have communicated it to third parties;
- Right to modify your data when it is incomplete or inaccurate;
- Right of deletion of your data if the purpose for which you provided them has disappeared, the processing is not lawful, or you revoke your consent and other assumptions provided by law;
- Right of opposition to prevent us from processing your data for certain purposes, or to request that we stop doing so, although this is only possible in the cases established by law;
- Right to request the limitation of the processing while the accuracy of the data is being challenged, or you understand that the processing is unlawful and you oppose to the deletion of the data, or Cudeman, S.A. no longer needs the data but you need them for the formulation, exercise or defense of claims, or
erasure of the data, or Cudeman, S.A. no longer needs the data but you need them for the formulation, exercise or defense of claims, or you have opposed to the processing of the data for the
the same for the satisfaction of a legitimate interest while verifying the existence of the mentioned interest and its prevalence over yours; - Right to portability to receive your data in a structured and commonly used electronic format and to be able to transmit it to another data controller;
- The right not to be subject to automated individual decisions so that we do not make a decision about you based solely on the processing of your data that produces legal effects in your personal sphere or affects you in a similar way.
To exercise any of these rights, you may write to: Cudeman, S.A. with address at P.I. Campollano, C/B Nº 98. CP:02007. Albacete or cudeman@cudeman.com, enclosing a photocopy of your Identity Document. In addition, you may exercise this right before the Control Authority by contacting the SPANISH DATA PROTECTION AGENCY. CALLE JORGE JUAN, Nº16. CP: 28001- MADRID.