PRIVACY POLICY

As you are surely aware, the implementation of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data (hereinafter referred to as the GPRD) highlights the need to strengthen the levels of security and protection of personal data. 

We want to inform you that MANUEL BUSTO AMANDI S. A. (hereinafter BODEGAS MAYADOR) complies with all the requirements of said legislation and that all the data, under our responsibility, are being treated in accordance with the legal requirements and keeping the due security measures that guarantee the confidentiality of the same. 

However, given the new legislative developments, we believe it is appropriate to inform you of and subject to your acceptance of the following privacy policy:

WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA?

MANUEL BUST AMANDI S. A. (from now on, BODEGAS MAYADOR) - CIF nº A33019951, and located in La Rasa S/N, 33316, Villaviciosa - rgpd@mayador. Com

FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?

  • Attention to your queries and requests: Management of responses to queries, complaints or incidents, requests for technical or corporate information, resources and/or activities.
  • Contact with the interested party through the means of communication provided (e-mail, postal address and/or telephone) in order to manage the queries that they make to us through the channels enabled for this purpose, to manage notices and to coordinate actions derived from the services that they request from us by people related to BODEGAS MAYADOR and/or by those in charge of processing related to the legitimate and/or consented purposes.
  • Offer and Commercial Management of the products and services offered by BODEGAS MAYADOR. Contact for the request of commercial data to manage the design and proposal of products and services.
  • Management of Regulatory Compliance (applicable regulations as well as mandatory internal regulations): Investigation, monitoring and auditing of controls established for the prevention of crimes. Access controls to the facilities can be established, as well as controls related to the use of images captured by video surveillance systems for the investigation of accidents and/or incidents that may occur, as well as breaches of regulations, crimes or illegal behavior.
  • Internal use, performance of operations and administrative, economic and accounting management arising from the commercial and/or contractual relationship.
  • Management of the organization's contracting and service provision, as well as compliance with contractual and regulatory requirements related to the requested organization or operation.
  • Sending commercial communications about products or services similar to those contracted by the customer with whom there is a previous contractual relationship, legitimised in accordance with Article 21 of the LSSICE.
  • Quality control over our products and services, quality management of processes and activities, as well as the evaluation of the results of satisfaction/perception and performance of the organization's stakeholders.
  • Providing evidence of justification for campaigns, activities, promotions, competitions, projects and grants in which the organisation is involved.
  • Management of Regulatory Compliance (applicable regulations as well as mandatory internal regulations): Investigation, monitoring and auditing of controls established for the prevention of crimes.
  • Profile Analysis, to the extent that you have unequivocally consented to us “In order to offer you products and services in accordance with your interests, as well as to improve your user experience, we will prepare a “profile”, based on the information provided. No automated decisions will be made on the basis of this profile”.
  • Evaluation of Asset Solvency and Credit in order to confirm the economic viability of the operation requested, as well as, if applicable, the communication and management associated with the claim of the amounts agreed for the provision of the service.
  • Statistical and historical purposes that allow us to improve the commercial strategy of our products and services.
  • The management and audit of the management systems and regulatory compliance of processes and facilities of the organization.
  • The contact and sending of personal communications, invitations to events and gifts aimed at customers, greetings, management of quality and satisfaction surveys, as well as to inform you periodically of new products, news and corporate information, rates, offers, catalogues and promotions of other products and services of BODEGAS MAYADOR in order to evaluate the quality of our processes and provide you with offers of products and services of interest to you by telephone, in writing or electronically, depending on the means of communication provided, to the extent that you have consented to this.
  • Dissemination of our best practices regarding the services we have provided and/or the publication and/or communication of graphic material that may incorporate the image of the owner and/or staff in charge in the corporate media (e. g. and not limited to, web, social networks, newsletters, activity report, reports, presence in the media) and/or other public media (sector publications and/or reports in the written press, TV, . . . ), as dissemination of the results of the activity, promotion and diffusion, management of campaigns, activities and events and/or as accreditation of technical solvency in the event of requests for evidence of justification in tendering processes, technical offers, projects and subsidies in which BODEGAS MAYADOR participates, to the extent that it has given its unequivocal consent.
  • Management of Visits and Video Surveillance of the Facilities, as well as security and regulatory compliance in the same, the investigation of possible incidents or accidents, management of associated insurance and management of warnings or sanctions for breaches of safety standards.
  • Hourly control and/or presence or attendance and monitoring through access registration, video surveillance and confirmation of functional performance both at the organisation's facilities and at third party facilities where the interested party carries out service provision functions for BODEGAS MAYADOR (surveillance and control to verify compliance by the supplier/collaborator with contractual obligations).
  • Evidence of the Organization's Compliance with Regulations before a third party that requires it: Communication to third parties of those data related to the interested party that are required by them in order to comply with the coordination of business activities, evidence of regulatory compliance of the organization and the third party's internal regulations and/or for the management of access to facilities. In cases in which the interested party gives his or her unequivocal consent, the communication of that information/documentation required by the third party that is not explicitly included in the established regulatory or legal obligations, but in the internal regulations of the third party, may be carried out to the extent that the interested party has given his or her consent.
  • To verify compliance by employees with their work obligations and duties in accordance with Article 20. 3 of the Workers'; Statute, which empowers the employer to adopt surveillance and control measures to this end (controls relating to the use of images captured by video surveillance systems for the investigation of accidents and/or incidents that may occur, as well as breaches of labour standards, crimes or illegal behaviour).
  • The international transfer of your data to the extent strictly necessary to comply with the management of a project in a country outside the EU. 
  • Health and safety management (prevention of occupational risks and safety monitoring) and compliance assessment. 
  • And in the event that you have consented, for the purposes described in the additional consents that you have unequivocally provided to us through formal means and/or by checking the boxes enabled in the data protection clauses enabled in the form or base document that has regulated the relationship with BODEGAS MAYADOR, depending on the contact channel.

To the extent that you have provided us with your resume, the uses and purposes for which we treat your data are:

  • Internal use for selection processes for jobs, for their incorporation into the Job Bank and for the offer and management of possible job offers or collaboration that could be generated. 
  • Management of competence evaluation of candidates and people in selection and/or internal promotion to jobs
  • Use in relation to the development of the application and its incorporation into the BODEGAS MAYADOR Job Bank for the offer and management of possible job or collaboration offers that may be generated, insofar as this has been unequivocally consented to. Insofar as you do not consent to such a purpose, we will not be able to receive your application insofar as the management of candidates is carried out through the aforementioned job centre. 
  • Use of your CV in the technical offer for projects in which your incorporation is valued, if you have unequivocally consented to this.
  • Management of Regulatory Compliance (applicable regulations as well as mandatory internal regulations): Investigation, monitoring and auditing of controls established for the prevention of crimes. Controls of access to facilities, information systems and printing of documentation for all personal data under the responsibility of the organization and therefore for all information systems of this entity can be established, as well as controls relating to the use of images captured by video surveillance systems for the investigation of accidents and/or incidents that may occur, as well as breaches of labor standards, crimes or illegal behavior.
  • Management of the contact with the interested party through the media provided (e-mail and/or telephone) in order to manage notices and coordinate actions for the management of the selection process by personnel related to BODEGAS MAYADOR and/or third parties who are hired by the selection processes of candidates for vacancies or jobs. 
  • The performance of the tests and/or certificates of aptitude that may be required for the purpose of personnel selection, which will be optional, will be understood as an expression of the user's consent to the inclusion of the data provided, as well as, eventually, to its evaluation, in the database of the BODEGAS MAYADOR Job Centre and its automated processing for the purpose of carrying out that selection. As a consequence of the access to the facilities that could require the accomplishment of these tests and/or aptitude certificates, treatments associated to the security of these facilities could be carried out by means of access registration.
  • Management of Visits and Video Surveillance of the Facilities, as well as safety and compliance with regulations, investigation of possible incidents or accidents, management of associated insurance and management of warnings or sanctions for non-compliance with safety regulations.

HOW LONG DO WE KEEP YOUR DATA?

  • The data provided will be kept for as long as the relationship of lawfulness of processing is maintained, and the deletion of the data is not requested by the data subject after the formalised written termination of the relationship with the data subject, with the exception of their retention for the formulation, exercise or defence of claims by the data controller or for the protection of the rights of another natural or legal person and/or for reasons of legal obligation. 
  • In any case, at the end of the relationship, the data of the interested party will be duly blocked, according to the provisions of current data protection regulations. 
  • Accounting and Fiscal Documentation - For fiscal purposes: The accounting books and other records required by the relevant tax regulations (income tax, VAT, income tax, etc. ), as well as the documentary supports that justify the entries recorded in the books (including computer programs and files and any other evidence that has fiscal significance), must be kept, at least, during the period of limitation of Fiscal Offences - General Tax Law and Criminal Code, Prescription of infringements 10 years.
  • Accounting and Fiscal Documentation - For Commercial purposes: Books, correspondence, documentation and justifications concerning your business - Commercial Code - 6 years. 
  • The images/sounds captured by video surveillance systems will be cancelled within a maximum of one month from their capture, unless they are related to serious or very serious criminal or administrative offences in the field of public security, an ongoing police investigation or open judicial or administrative proceedings (Instruction 1/2006 AEPD on surveillance - 30 days. 
  • Data included in automated processing created to control access to buildings - Instruction 1/1996 AEPD on automated files established for the purpose of controlling access to buildings - 30 days.
  • Solvency files: Data referring to certain debts, due and payable and unclaimed -LOPD - 5 years.
  • Occupational Risk Prevention Documentation - Documentation on worker information and training. Records of occupational accidents or diseases - Law on Infractions and Penalties in the Social Order - 5 years. 
  • The data processed in connection with the legal guarantee will be kept for the duration of the legal guarantee and after its expiry, for as long as there may be a judicial or administrative claim in connection with the legal guarantee. 
  • The data processed for the sending of commercial communications will be kept until you revoke the consent given. 
  • The data relating to candidates who provide their curriculum vitae will be kept for a maximum of 1 calendar year from the date on which it is received (except in cases where the candidate is selected in which case, it will become part of the HR data processing of the contracting organisation), as well as the deadlines legally provided for the exercise or prescription of any liability action for breach of contract by the person concerned or by the Organisation.
  • Therefore, the data will be kept for the duration of the commercial relationship, based on the conservation periods established by the current regulations mentioned above, as well as the legal or contractual periods foreseen for the exercise or prescription of any action of responsibility for breach of contract on the part of the interested party or the Organization (Civil Code establishes a period of 5 years to be able to carry out an action for civil responsibility, a period that counts from the date in which the fulfillment of the obligation can be demanded).

WHAT IS THE LEGITIMACY FOR THE PROCESSING OF YOUR DATA?

  • The legal basis for the processing of your data is the fulfilment of your request. The data requested are necessary for the correct provision of the same. 
  • The execution of a contract, request, offer, order and/or commercial contract. 
  • To comply with a legal obligation: administrative, commercial, tax, accounting, civil and financial regulations, current legislation on labour matters, prevention of occupational hazards (coordination of business activities) and social security and consumer and user protection legislation, as well as the regulations inherent in the contracted operation and those associated with the sector. 
  • To satisfy a legitimate interest of the person in charge: Processing of data as part of a commercial relationship and/or contract, which is necessary for its maintenance or compliance, fraud prevention, as well as cases of legitimate interest in which the controller could be a party to the damage and it is necessary to process and communicate the data of the non-compliant party to third parties in order to manage the regulatory compliance and the defense of the interests of the controller, video surveillance purposes as a legitimate interest of the organization in the protection of its assets, as well as the legitimate interest of direct marketing enabled by the LSSICE (sending commercial electronic communications about products or services similar to those contracted by the customer with whom there is a previous contractual relationship).
  • Security and cases of legitimate interest in which the controller could be a party to the damage and it would be necessary to process and communicate the data of the non-compliant party to third parties in order to manage the compliance with the regulations and the defence of the interests of the controller. 
  • 20. 3 and 4 Royal Legislative Decree 1/1995, of 24 March, approving the revised text of the Workers'; Statute Act (ET): The employer may adopt the measures he deems most appropriate for monitoring and control to verify compliance by the worker with his labour obligations and duties, taking into account in their adoption and application the consideration due to his human dignity and taking into account the real capacity of the disabled workers, where appropriate.
  • In the case of data of candidates who provide their curriculum, the basis of legitimacy of the processing is the fulfillment of the request for incorporation into the job bank of the person concerned through the self-candidacy of the person concerned by sending his cv through the contact channels of the organization and / or recruitment companies hired for the selection of candidates for vacancies or jobs, as well as satisfying a legitimate interest of the Responsible: prevention of fraud and cases of legitimate interest in which the controller may be a party to the damage and it is necessary to process and communicate the data in case of breach to third parties in order to manage the compliance with regulations and the defence of the interests of the controller. 
  • The consent of the interested party who has provided us in an unequivocal manner through formal means and/or by ticking the boxes enabled for this purpose in the data protection clauses enabled in the base document that has regulated the commercial relationship according to the contact channel.

TO WHICH RECIPIENTS CAN YOUR DATA BE COMMUNICATED?

  • Organizations or persons directly contracted by the Data Controller for the provision of services related to the processing purposes (including but not limited to): Subcontracted entities for the execution of work/services subject to the contract with the client, Distributors, Collaborators, Commercial collaborators, Companies related to the management of the transport of our products, Advertising/Marketing Agencies, Legal Consultancy, Tax Consultancy, Accounting Consultancy, Entities of Collection Management and Credit Insurance, Management, Accounting and/or Regulatory Compliance Auditors, Computer Maintenance. 
  • Administrative bodies: Board and Shareholders. 
  • Insurance Agents and Insurers: Insurance underwritten by the organization in case of incidents. 
  • Solvency assessment institutions in order to evaluate the creditworthiness of the interested party in the face of payment methods or financing conditions that require it. 
  • Public administration bodies or organs with competence in the matters subject to the processing purposes: AEAT
  • Financial Entities: Direct debiting of receipts and/or management of collection of bills and other means of payment.
  • Security Forces and Corps: To the extent that a justified right of access is required in the investigation of a breach of regulations. 
  • Complaint Channel Compliance (Reports of violations of regulations and code of conduct are transmitted to the Regulatory Compliance Unit). 
  • Workers Representatives/Safety and Health Coordination, External Auditors: According to Compliance with R. D. 171/2004 - Accreditation delivers risks by Coordination of Business Activities. 
  • Insurance Companies: In the event of a claim, incident or accident, insurance companies are provided with the information needed to investigate the event in order to delimit the scope and coverage of the insurance premium contracted by the person responsible for the processing. 
  • In the case of data on candidates who provide their CV, the possible recipients could also be Organisations or persons directly hired by the Data Processing Manager for the provision of services linked to the processing purposes: temporary employment agencies and third parties hired for the selection processes of candidates for vacancies or jobs at BODEGAS MAYADOR.

UNDER WHAT GUARANTEES ARE YOUR DATA COMMUNICATED?

  • The communication of data to third parties is carried out to entities that accredit the provision of a Personal Data Protection System in accordance with current legislation.

WHAT ARE YOUR RIGHTS?

  • You have the right to obtain confirmation as to whether or not we are processing personal data concerning you. 
  • The persons concerned have the right to access their personal data, as well as the right to request the rectification of inaccurate data or, where appropriate, to request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected. It is not possible to exercise the right of rectification in the case of video surveillance processing since, by the nature of the data - images taken from reality that reflect an objective fact - it would be the exercise of a right of impossible content. 
  • In certain circumstances, data subjects may request that the processing of their data be limited, in which case we will only keep them for the exercise or defence of claims. 
  • In certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data, in which case the data controller will cease to process the data, except for compelling legitimate reasons, or the exercise or defence of possible claims. 
  • Under the right of portability, data subjects have the right to obtain personal data concerning them in a structured format that is commonly used and machine-readable and to transmit it to another controller. 
  • If you have given consent for a specific purpose, you have the right to withdraw that consent at any time, without affecting the lawfulness of the processing based on the consent given prior to the withdrawal.

WHERE TO GO TO EXERCISE YOUR RIGHTS?

  • If you wish to exercise your rights, please contact the channel established for the exercise of rights by the controller: rgpd@mayador. com so that we can respond to your request in a managed manner.

WHAT INFORMATION IS REQUIRED TO EXERCISE YOUR RIGHTS?

In order to exercise your rights, we need proof of your identity and the specific request you make, as we ask you for the following information:

  • Documented information (written/e-mail) of the request in which the application is specified. 
  • Proof of identity as the holder of data subject to exercise (Name, surname(s) of the interested party and a photocopy of the ID card of the interested party and/or the person representing him/her, as well as the document proving such representation. Likewise, in the case of video surveillance, it is required to provide, as complementary documentation, an updated image that allows the person in charge to verify and contrast the presence of the affected person in his/her records. 
  • Address for notification purposes, date and signature of the applicant (if written), or full name and surname (if e-mail), or validation of the application in the private area of the communication channel with personal key for authentication of identity. 
  • Where the controller has reasonable doubts as to the identity of the natural person making the request, he or she may request that additional information necessary to confirm the identity of the data subject be supplied.

WHAT IS THE GENERAL PROCEDURE FOR EXERCISING YOUR RIGHTS?

Once we have received the required information, we will proceed to respond to your request in accordance with BODEGAS MAYADOR's general procedure for exercising rights:

  • The controller shall provide the data subject with information concerning his or her actions on the basis of a request pursuant to Articles 15 to 22 (Rights of the data subject), and in any event within one month of receipt of the request. 
  • This period may be extended by a further two months if necessary, taking into account the complexity and number of applications. 
  • The person responsible shall inform the person concerned of any such extension within one month of receipt of the request, stating the reasons for the delay. 
  • Where the applicant submits the application by electronic means, the information shall be provided by electronic means where possible, unless the applicant requests otherwise. If the controller does not comply with the request of the data subject, he shall inform the data subject without delay, and at the latest within one month of receipt of the request, of the reasons for his failure to act and of the possibility of lodging a complaint with a supervisory authority and of taking legal action. 
  • The information provided shall be free of charge, except for reasonable charges for administrative costs.
  • The controller may refuse to act on the request but shall bear the burden of proving that the request is manifestly unfounded or excessive. 
  • In order to comply with current regulations on video surveillance Inst. 1/2006 of the AEPD, we inform you that the period of conservation of the recordings is 1 month, as we cannot attend to formalised requests in subsequent periods. Likewise, in order to avoid affecting the rights of third parties, in the case of an application for access, we will proceed to issue a certificate in which, with the greatest possible precision and without affecting the rights of third parties, the data that have been processed are specified. Ex. “Your image was registered in our systems on the ___ day of the month of the year between _ hours and _ hours. Specifically, the system records your access and exit from the building”.

WHAT ARE THE COMPLAINT PROCEDURES?

If you believe that your rights have not been properly addressed, you have the right to file a complaint with the competent data protection authority (agpd. es).

HOW DID WE GET YOUR DATA?

Through:

  • The interested party itself or its legal representative, through the communication sent and/or through professional social networks
  • Commercial collaborators, events, fairs and sectorial conferences organized and/or in which the organization participates, legitimate commercial databases, professional social networks, search engines and databases on the Internet, as well as third parties with whom the data controller has a commercial relationship or service provision and for which he must have their personal data for the processing of the service requested or to comply with our contractual commitments and tax and accounting obligations associated with the service being contracted and/or for verification of regulatory compliance under the responsibility of the organization
  • In the case of data on candidates who provide their CVs, the possible origin of the data could be, in addition to the interested party itself, temporary employment agencies, entities with which internship agreements or training programmes have been established with a commitment to hire, professional social networks and/or third parties from whom the selection processes of candidates for vacancies or positions at BODEGAS MAYADOR are contracted.

WHAT CATEGORY OF DATA DO WE PROCESS?

  • The data structure that we process does not contain data relating to convictions and criminal offences, or specially protected data unless the interested party is the beneficiary of a special condition that must be considered in the provision of the service and/or in the management of the subsidy that may be processed (e. g. : situation of disability) and provides documentation that accredits this, as well as the cases in which the holder has special conditions and must provide documentation that incorporates this information so that compliance with this condition can be accredited or justified. 
  • Identification and contact data, for example, but not limited to: name, surname, telephone number or e-mail address, commercial information data, economic, financial and/or payment conditions data; other type of data: contact data of persons in the organization involved or related to the service object of the contract/request, as well as those related and/or provided with the Consultation, Request for Technical or Corporate Information, Resources and/or Activities, Complaints or Incidents that you make to us, as well as the personal data of third parties that you may provide.
  • Commercial data, contact persons for the administrative and operational management associated with the execution of the contract/project and workers who are going to carry out the contracted work in terms of coordination of business activities associated with the prevention of occupational hazards; In the case of workers who are going to carry out the contracted work in terms of coordination of business activities associated with the prevention of occupational hazards; Licenses or approvals, in the case of workers who are going to carry out the contracted work in terms of coordination of business activities associated with the prevention of occupational hazards; Commercial information and approval data; Economic, financial and/or collection conditions data; Goods and services supplied by the affected party, Financial transactions; Other data: Name, surname and NIF of the legal representative, contact details of people from the organisation involved in or related to the project that is the subject of the contract/order. 
  • In the case of data on candidates who provide their CV, the structure of data processed would be, by way of example, but not limited to, identification and contact data (address, contact telephone number and contact e-mail); academic and professional data relating to training, qualifications and professional experience; personal data associated with marital status, family data, date and place of birth, age, sex, nationality; work permit; data on employment status; other data (professional aspirations, leisure and hobbies). Insofar as the applicant reports a condition of disability, certificates may be required to prove this.

HOW IS YOUR PERSONAL DATA STORED SAFELY?

  • In relation to the processing of your personal data, we inform you:

The data controller takes all necessary measures to keep your personal data private and secure. Only authorised persons of BODEGAS MAYADOR, authorised personnel of third parties directly contracted by the Person in Charge of Processing for the provision of services related to the purposes of processing or authorised personnel of BODEGAS MAYADOR (who have the legal and contractual obligation to keep all information secure) have access to your personal data. All the personnel of BODEGAS MAYADOR who have access to your personal data are required to undertake to respect the Privacy Policy of the person responsible for processing and the regulations on data protection, and all the employees of third parties who have access to your personal data are required to sign the confidentiality commitments under the terms established in current legislation. In addition, it is contractually ensured that third party companies that have access to your personal data keep it safe. To ensure that your personal data is protected, BODEGAS MAYADOR has an IT security environment and takes the necessary measures to prevent unauthorised access.

BODEGAS MAYADOR has formalised agreements to guarantee that we treat your personal data correctly and in accordance with current data protection regulations. These agreements reflect the respective roles and responsibilities in relation to you, and consider which entity is best placed to meet your needs. These agreements do not affect your rights under data protection law. For more information on these agreements, please do not hesitate to contact us.

  • In relation to personal data to which BODEGAS MAYADOR may have access as a result of the services contracted, we inform you:

The provision of services under the contract may involve physical access by BODEGAS MAYADOR personnel to premises or facilities capable of storing personal data for which the customer is responsible for processing. In this sense, BODEGAS MAYADOR has signed clauses with its personnel that prohibit access to all types of confidential information and, specifically, to personal data belonging to the client, unless the service includes the processing of personal data, in which case, BODEGAS MAYADOR would act as the person in charge of processing the data, in which case the relevant contract would be established in accordance with current data protection regulations, which would include the object, duration, nature, purpose, category of the data being processed, security measures, obligations and rights of the person in charge, organisational and technical security measures to guarantee confidentiality during the process, as well as the agreements adopted between the client and the person in charge regarding the transmission of security violations and/or the exercise of rights. The non-formalisation of the personal data processing service in a contract by the client presupposes that BODEGAS MAYADOR has no associated responsibility as a data processor.

However, in the event that you become aware of any confidential information for the purpose of providing the service, you agree to keep it secret, not to disclose it or publish it, either directly or through third parties or companies, or to make it available to third parties. This confidentiality obligation is of an indefinite nature, subsisting on the termination of the contract for any reason. BODEGAS MAYADOR undertakes to communicate and enforce the obligations established with regard to confidentiality to the personnel under its charge and contracted on its behalf.

  • With regard to the video-surveillance systems with which the facilities under the responsibility of BODEGAS MAYADOR are equipped, we inform you that BODEGAS MAYADOR takes all the necessary measures to keep your personal data private and safe:
    • LOCATION OF CAMERAS: The capture of images in areas destined to the rest of the workers will be avoided. 
    • LOCATION OF MONITORS: The monitors where the camera images are displayed will be located in a space with restricted access so that they are not accessible to unauthorized third parties. 
    • IMAGE CONSERVATION: Images will be stored for a maximum period of one month, with the exception of images provided to the courts and law enforcement agencies. 
    • DUTY OF INFORMATION: Information about the existence of the cameras and image recording will be provided by means of an information sign where a pictogram and a text detail the person responsible before whom the interested parties may exercise their right of access. 
    • LABOUR CONTROL: Insofar as the cameras can be used for the purpose of labour control as provided for in Article 20. 3 of the Workers'; Statute, the worker or his representatives are informed of the control measures established by the employer with express indication of the purpose of labour control of the images captured by the cameras, as indicated in the notification clause of inclusion and in this privacy policy.
    • RIGHT OF ACCESS TO IMAGES: In order to comply with the right of access of the interested parties, a recent photograph and the National Identity Document of the interested party will be requested, as well as the details of the date and time to which the right of access refers. The person concerned shall not be given direct access to the images from the cameras on which the images of third parties are displayed. If it is not possible for the interested party to view the images without showing images of third parties, a document will be provided to the interested party confirming or denying the existence of images of the interested party.

CHANGES IN PRIVACY POLICY

  • BODEGAS MAYADOR reserves the right to make, at any time, as many modifications, variations, deletions or cancellations in the contents and in the form of presentation of the same as it considers appropriate, as we recommend that you consult our privacy policy whenever you consider it relevant. If you do not agree with any of the changes, you can exercise your rights according to the procedure described by sending an email to rgpd@mayador. com.
  • With the acceptance and/or validation of the process that serves as the basis for the formalisation of your relationship with BODEGAS MAYADOR, you expressly consent to the processing of your data in accordance with the provisions of the clause and additional information on data protection, as well as to inform and have the consent of third parties from whom you provide personal data for such processing. If you have checked the appropriate consent box, the legal basis for such purposes is your consent, which you may withdraw at any time.
  • Likewise, and to the extent that as a result of its relationship BODEGAS MAYADOR may access personal data and/or confidential information, it undertakes to maintain absolute confidentiality and discretion regarding the information obtained about the activities, interested parties and entities related to BODEGAS MAYADOR, especially with regard to Personal Data, even after the end of its relationship with the organisation.

We use our own and third party cookies to obtain statistical data on the navigation of our users and improve our services. If you accept or continue browsing, we consider that you accept their use. You can change the settings or get more information here.

Agree

¿Tienes más de 18 años?