1. Who is the data controller responsible for how your data is processed?

• Business name: CLECE, S.A.
• Tax code: A80364243
• tal address: Calle de Quintanavides, 19 Bloque 4 – Planta 1 y 2 (28050 –Madrid)
• Telephone: 91 745 91 00
• Data Protection Officer contact: rgpd-clece@clece.es

2. For what purpose and on what legal basis do we process your data?

Data obtained through the website will be processed for the following purposes:

To manage the request made through the website, either through the contact form or by means of a request sent by email. The legal basis for said processing is your express consent, which is considered to have been given when you send said form containing your personal information, or when you contact us by email.

3. How long will we keep your data?

The length of time for which your data will be kept is determined by ensuring compliance with the legislation in force, applicable regulations and requirements, and in any event:

Users who sent queries and/or requests for information: the time needed to address them.

4. Who might we share your data with?

In general terms, your data will not be shared with any third parties unless there is a legal obligation to do so.

Providers that offer their services (accommodation, platforms, and software) may access your data as part of their data processing agreement. As standard, their servers must be located within the European Economic Area, and for any providers located elsewhere, we always ensure that they are located in countries with an appropriate level of protection or that provide guarantees of compliance with European standards on matters of data protection in general, and GDPR in particular.

You are also informed that our company has an online presence on various social media platforms, such as Facebook, Twitter, YouTube, and LinkedIn. Our website contains links to our corporate profiles on these platforms, although by clicking on any of these buttons you will be directed to resources that are external to our website.

We recommend reading the privacy policies of these social media platforms in order to avoid sharing any unwanted information. The website contains the privacy and management configurations of the social media account so you can manage your preferences regarding privacy, identity, advertising, and other related elements.

5. How do we protect your personal data?

We undertake to ensure your personal data remains secure, taking all reasonable precautions to do so. We implement all necessary organizational and technical measures in accordance with the regulations in effect at any given time to protect against unauthorized access and any modification, disclosure, loss, or destruction of information. We require and contractually impose the same level of security from our service providers.

6. Exercise of rights

You may ask for confirmation that your personal data is being processed and, if so, to access and request a copy of said data. You may also request for any inaccurate data to be rectified or, as appropriate, request for it to be removed when the information is no longer necessary for the purpose for which it was obtained.

In certain circumstances, interested parties may request for any processing of their data to be restricted, in which case we will only retain it for the purpose of filing or defending complaints.

Finally, when appropriate, you may exercise the right to data portability in order to obtain the data in electronic format or for said data to be transferred to another entity.

To exercise said rights, you should write to the Data Protection Officer at the email address indicated in this policy’s header.

If the right is exercised through means not previously recorded in our database (e.g., from an email address other than the one you initially provided), and if there are reasonable doubts about the sender’s identity, some form of legally valid identification mechanism must be provided.

To help us process your request, please indicate “Exercise of Rights Website Users Data Protection” in the subject line.

Finally, if you feel that a particular occurrence may be considered a breach of applicable regulations in matters of data protection, you can write to the Data Protection Officer using the methods indicated above, without prejudice to your right to submit a complaint to the controlling authority on matters of personal data protection.