PRIVACY AND DATA PROTECTION POLICY
In this Privacy Policy you will be able to know how Cisa Cedacería Industrial SL uses the personal data of our users and customers when they visit our website, interact with us or buy our products. It also details the rights related to their privacy and how the legislation protects them.
It is important that you read this Privacy Policy so that you know at all times how and why we use your data.
Laws incorporated in this privacy policy
This privacy policy is adapted to the Spanish and European regulations in force regarding the protection of personal data on the Internet. Specifically, it respects the following rules:
- REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
- Corrigendum to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
- Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights.
Who is responsible for processing your data?
The person responsible for processing the personal data collected through the website www.cisa.net when the user requests information, buys our products or contacts us directly through our forms in paper format, by email or telephone, is CISA Industrial SL with CIF B62617501 and registered in the Mercantile Registry of Barcelona in volume 33740 folio 137 page number B-236.018, 1st registration.
Our contact details:
Social housing: Balmes, 173 3º 2ª – 08006 Barcelona
Contact phone number: (+34) 934 863 115
Contact Email: cisa@cisa.net
In order to improve the confidence of our customers and users we inform you that we have adopted the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected.
What data do we process?
When we speak of “personal data”, or “personal information”, we mean all information concerning a person that allows him or her to be identified. This does not include data from which identity has been removed (anonymous data).
We process the identifying data that our users provide us with such as first name, last name, billing address, shipping address, e-mail address, telephone numbers, and bank account number.
Under no circumstances do we collect personal data from special categories, such as data relating to race or ethnicity, religious or philosophical beliefs.
What is the purpose of data processing?
The personal data provided by the interested parties are processed:
- in order to fulfil the contract we are about to conclude or have concluded with the interested party. The purchase of one of our products constitutes a contract.
- In order to facilitate and manage the commercial information of the products on this website.
- To keep users informed of commercial news, products and services related to Xxxxxxxxxx in accordance with their interests.
- For the fulfilment of basic administrative tasks and legally imposed obligations..
What are the legal bases for the processing of personal data?
Regarding the data provided, the purpose is to establish a business relationship, the legal basis is the established contract, our legitimate interest to keep our records updated, to comply with administrative tasks and to build customer loyalty, as well as the compliance with legally imposed obligations.
With regard to the sending of commercial information the legal basis will be the consent given and/or the existing contractual or pre-contractual relationship.
Cisa Cedacería Industrial SL undertakes to obtain the express and verifiable consent of the User for the processing of his/her personal data for one or more specific purposes.
The User shall have the right to withdraw his consent at any time. Withdrawing consent will be as easy as giving it. As a general rule, withdrawal of consent shall not condition the use of the Website.
Principles applicable to the processing of personal data
The processing of the User’s personal data shall be subject to the following principles as set out in article 5 of the RGPD:
- Principle of legality, loyalty and transparency: the User’s consent will be required at all times, after being informed in a completely transparent manner of the purposes for which the personal data are collected.
- Principle of purpose limitation: personal data will be collected for specific, explicit and legitimate purposes.
- Data minimization principle: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.
- Accuracy principle: personal data must be accurate and always updated..
- Principle of limitation of conservation period: personal data will only be kept in a way that allows the identification of the User for the time necessary for the purposes of their processing.
- Principle of integrity and confidentiality: personal data will be processed in a way that guarantees its security and confidentiality.
- Principle of proactive responsibility: the data controller shall be responsible for ensuring that the above principles are complied with.
How long will the recorded personal data be kept?
The personal data will be recorded for the time necessary for the purposes of their processing and, in any case, for the duration of the commercial and mercantile relationship and the time required to comply with legal obligations, or until the User requests their deletion..
Secrecy and security of personal data
Cisa Cedacería Industrial SL undertakes to adopt the necessary technical and organisational measures, according to the level of security appropriate to the risk of the data collected, in order to guarantee the security of the personal data and to avoid the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorised communication of or access to such data.
However, since Cisa Cedacería Industrial SL cannot guarantee the impregnability of the Internet or the total absence of hackers or others who fraudulently access personal data, the Data Controller undertakes to inform the User without undue delay when a breach of personal data security occurs that is likely to involve a high risk to the rights and freedoms of individuals. In accordance with article 4 of the RGPD, a personal data security breach is understood to be any breach of security that results in the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorized communication of or access to such data.
Personal data will be treated as confidential by the Data Controller, who undertakes to inform and to ensure by means of a legal or contractual obligation that such confidentiality is respected by his employees, associates, and any person to whom he makes the information accessible.
Recipients of personal data
No data will be passed on to third parties unless legally required.
Rights arising from the processing of personal data
The User may exercise against the Responsible for the treatment the following rights recognized in the RGPD::
- Right of access: This is the right of the User to obtain confirmation of whether or not the Responsible Party is processing his or her personal data and, if so, to obtain information about his or her specific personal data and the processing he or she has carried out or is carrying out, as well as, among other things, information available about the origin of such data and the recipients of the communications made or planned.
- Right of rectification: This is the user’s right to have his personal data modified if they are found to be inaccurate or, taking into account the purposes of the processing, incomplete.
- Right of suppression (“the right to forget”) This is the right of the User, provided that current legislation does not provide otherwise, to obtain the deletion of his or her personal data when these are no longer necessary for the purposes for which they were collected or processed; the User has withdrawn his or her consent to the processing and the processing has no other legal basis; the User objects to the processing and there is no other legitimate reason to continue with it; the personal data has been processed unlawfully; the personal data must be deleted in compliance with a legal obligation; or the personal data has been obtained as a result of a direct offer of information society services to a person under 14 years of age. In addition to the deletion of the data, the data controller must, taking into account the available technology and the cost of its implementation, take reasonable steps to inform the data controllers who are processing the personal data of the data subject’s request for the deletion of any link to those personal data.
- Right to limit processing: This is the User’s right to limit the processing of his or her personal data. The User has the right to obtain the limitation of the processing when he contests the accuracy of his personal data; the processing is unlawful; the Controller no longer needs the personal data, but the User needs it to make claims; and when the User has opposed the processing.
- Right to data portability: In the event that the processing is carried out by automated means, the User shall have the right to receive from the Data Controller his personal data in a structured, commonly used and machine-readable format and to transmit them to another Data Controller. Wherever technically possible, the data controller shall transmit the data directly to that other controller.
- Right of opposition: It is the right of the User to not have his personal data processed or to have the processing of these data stopped by the person in charge..
- The right not to be subject to a decision based solely on the automated processing..
The User may exercise his/her rights by means of a written communication addressed to Cisa Cedacería Industrial SL with express mention of:
- name, surname of the user and a copy of the ID card.
- the specific reasons for the request or information to be accessed.
- address for notification purposes, date and signature of the applicant
- any document that accredits the request being made.
This application and any other attached documents may be sent to the following address and/or e-mail:
Postal address: Batzacs, 6 Nau B Pol. Ind. Els Batzacs – 08185 Lliçà de Vall (Barcelona)
E-mail: cisa@cisa.net
Links to third party websites.
The Website may include hyperlinks or links that allow access to the websites of third parties other than Cisa Cedacería Industrial SL, and which are therefore not operated by Cisa Cedacería Industrial SL. The owners of these websites will have their own data protection policies, and will be responsible for their own files and privacy practices in each case..
Complaints to the supervisory authority
In the event that the User considers that there is a problem or infringement of the regulations in force in the way his or her personal data is being processed, he or she shall be entitled to effective judicial protection and to lodge a complaint with a supervisory authority, in particular in the State in which he or she has his or her habitual residence, place of work or place of the alleged infringement. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (http://www.agpd.es).
Cookie policy
Cisa Cedacería Industrial SL has developed this policy to inform you of what a cookie is, which we use on this website and to help you manage them as they are of interest to you.
With your first visit to our website you are being informed of the existence of cookies and of this cookie policy. On future visits you can consult our policy at any time at the bottom of the website “Cookie Policy”. The use of this website with the functionality of the browser enabled to accept cookies implies the acceptance by the user of the cookie technology used by this website.
What are cookies?
A cookie is a small piece of text that websites you visit send to your browser that allows the website to remember information about your visit, such as your preferred language and other options, in order to facilitate your next visit and make the site more useful to you. Cookies play a very important role and contribute to a better browsing experience for the user..
Types of cookies
Depending on the entity that manages the domain from which cookies are sent and the data obtained is processed, two types can be distinguished: own cookies and third party cookies..
There is also a second classification according to the length of time they remain stored in the client’s browser, which may be session cookies or persistent cookies..
Finally, there is another classification with five types of cookies according to the purpose for which the data obtained is processed: technical cookies, personalisation cookies, analysis cookies, advertising cookies and behavioural advertising cookies.
For more information on this subject, please consult the Spanish Data Protection Agency’s Guide to the Use of Cookies.
Cookies used on the website
The following identifies the cookies that are being used on this page as well as their type and function:
Cookies for internal use.
This website uses internal use cookies that are essential for the operation of the website, such as those that allow authentication or maintenance of the registered user’s session when they browse the page. The deactivation of these cookies prevents the correct functioning of some of the website’s functionalities. Analytical Cookies.
This website uses analytical cookies to gather statistics on user activity on the website and general website activity. The information collected is anonymous and allows us to optimize the navigation of our website and guarantee the best service to the user. The user can exclude his/her activity by means of the exclusion systems provided by the analytical tools.
The website of Cisa Cedacería Industrial SL uses Google Analytics, a web analytics service developed by Google, which allows the measurement and analysis of the navigation on the web pages. Cookies from this service can be viewed on your browser. According to the above typology, these are own, session and analysis cookies.
To ensure anonymity, Google will make your information anonymous by truncating the IP address before storing it, so that Google Analytics is not used to locate or collect personally identifiable information from site visitors. Google may only send the information collected by Google Analytics to third parties if legally obliged to do so. Under the terms of the Google Analytics service, Google will not associate your IP address with any other data held by Google.
WARRANTIES AND OPTIONS ON COOKIES
During the installation or updating of the browser, the user has the possibility to accept or reject the installation of cookies, or to refuse the installation of a certain type of cookie, such as advertising and third-party cookies. In addition, after each session you can delete all or some of the stored cookies.
The user can also activate:
- private browsing, by which your browser stops storing your browsing history, website passwords, cookies and other information on the pages you visit,
- o the no tracking function, whereby the browser asks the websites you visit not to track your browsing habits in order to, for example, advertise your interest in the sites you visit.
We recommend that you consult your browser’s help system for information on the various options for managing cookies. Please note that blocking cookies may affect some or all of the functionality of our website.
The Guide on the use of cookies is the first guide in Europe to be produced jointly by the data protection authority and representatives of the advertising industry. This document is the basis for compliance with the obligations set out in Article 22.2 of Law 34/2002 of 11 July, on information society services and electronic commerce (LSSI) concerning the installation of cookies on users’ terminals.