|Controller||The processed data are strictly necessary, appropriate and relevant for every purpose in question CREPAS S.L. is a personal data controller.||+ Information|
|Purpose||The purpose of the data processing shall correspond to the activities directly related to the CREPAS S.L. Departments, namely: ”Company dedicated to the design, manufacture and commercialization of own brand watches”.||+ Information|
|Lawful Basis||Data processing is based on the provisions set out in article 6 of RGPD. In the case of
CREPAS S.L., such processing is usually performed once the data subject has given his or her consent to the processing of their personal data for one or more specific purposes.
|Data Retention||Personal data provided shall be retained during the period required for the purposes they were originally collected for and to determine the liabilities that might have derived from such purpose; as well as during the legally stipulated retention periods (i.e. tax obligations).||+ Information|
Generally, personal data shall not be transferred to the third parties, unless otherwise specified by law:
|Rights of the Interested Parties||Our visitors and users are allowed to exercise the right of access, the right to rectification, erasure and portability of their data, as well as that of limitation and opposition to their data processing. They also have the right not to be subject to a decision based solely on automated data processing, if applicable, before the Spanish Data Protection Agency.||+ Information|
- Controller: CREPAS S.L.
- Tax ID (CIF): B93060580
- Address: Paseo Independencia 22, 7 planta – 50004 Zaragoza
- Phone number: 976 232 422
- Email: firstname.lastname@example.org
- Provide services to the current and / or potential clients
Company dedicated to the design, manufacture and commercialization of own brand watches
Send commercial information about our products and / or services
- Suppliers and third parties
Service outsourcing to the third parties (companies, freelance, foundations, associations, etc.)
- Human Resources
Personnel file. Time and attendance. Incompatibility. Training. Pension schemes. Occupational health and safety.
Issue payslips for employees, as well as its other derivative products.
Management of the union activity (if applicable).
- Video surveillance
Ensure the safety of people, goods and premises.
Lawfulness for processing
- RGPD: 6.1.a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
- RGPD: 6.1.b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
- RGPD: 6.1. c) processing is necessary for compliance with a legal obligation to which the controller is subject.
- General Data Protection Regulation.
- Organic Law 3/2018, of 5 December, on Data Protection and Guarantee of Digital Rights.
- Law 34/2002, of 11 July, on Information society Services and Electronic Commerce (applicable to courier services, social networks and online retail sales).
* “You have the right to withdraw your consent at any time”.
- Current and potential clients and users
- Employees and co-workers
- Workers and potential candidates
- Individuals on the company premises
Categories of Personal Data
- Personal Identifiers (name, surname(s), Tax Identification Number, mailing address, phone number, e-mail address, website)
- Other personal data
- Account details
- Commercial Information
- Sale and purchase of goods and services
Categories of recipients
Personal Data of the clients shall be transferred to the following recipients:
- Public Administration (i.e. Tax Office; Department of Social Security)
- Judicial Bodies “if applicable” (Courts)
- Financial Institutions (Banks)
- Collaborating entities
International data transfers
No provisions apply to international data transfers.
Data Retention Period
Data shall be retained for as long as the purpose for which they were initially collected is fulfilled as well as to establish possible liabilities that might have derived from such purposes and data processing.
In compliance with the provisions of article 32 of the GDPR, CREPAS S.L. shall ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. The level of security shall be appropriate to the risk of processing each type of personal data.
Rights to control your personal data
We recognise our visitors’ and users’ right of access, as well as their rights to rectification, erasure, data portability, restriction and object to its processing. They can exercise these rights following the legal procedures stipulated in the above-mentioned regulations.
For further information about the ways one can exercise his or her rights, the control authority in Spain, the Spanish Data Protection Agency, provides the following link with its detailed description and a form to fill out and send us: Exercise your rights
For any information or doubts regarding your data processing by CREPAS S.L. you might need to clarify, write to us at the following email: email@example.com
Complaint to the Spanish Data Protection Agency (AEPD)
If upon contacting us you consider your rights regarding the personal data are not being respected, you can complain to the Spanish Data Protection Agency (AEPD).
COMPAÑÍA RELOJERA ESPECIALIZADA PARA ACTIVIDADES SUBACUÁTICAS SL. (CREPAS S.L.)
Paseo Independencia 22, 7 planta – 50004 Zaragoza
1.- La Commission Nationale de l’informatique et des Libertés
2.- La Agencia Española de Protección de Datos (Spanish Data Protection Agency)