Privacy policy
PRIVACY POLICY
In compliance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, and ‘Organic Law’ 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights, you are hereby informed that the personal data provided by you through the www.castelldor.com website (hereinafter referred to as the website), will be processed subject to the following terms and conditions:
Data Controller
The personal data collected through this website will be processed by CASTELL D’OR, S.L., with an address for the exercise of rights at Crta. de Santes Creus s/n. Cp: 43814 Vila-rodona. Tarragona. +34 977 45 98 60. Email: castelldor@castelldor.com.
Purposes of Data Processing
- To provide information about our products and services when you request this through the website forms or via email.
- To respond to and manage your inquiries, comments and suggestions, as appropriate.
- To manage your participation in current and future recruitment processes when you submit your data (including your CV) for this purpose.
- To manage your order, if you place an order through the website.
- To gather information about website usage, such as the number of pages viewed, the number of visits, and visitor activity and frequency. For these purposes, the DATA CONTROLLER uses statistical information prepared by the Internet Service Provider that does not allow the identification of the data subject at any time.
- To manage and respond to communications submitted by informants through the Internal Information System, in accordance with Law 2/2023 of 20 February, regulating the protection of persons who report regulatory breaches and the fight against corruption.
Legal Basis
- Consent. The personal data obtained through the website forms will be processed solely based on the consent given by the data subject by ticking the box provided for this purpose. This consent can be withdrawn at any time.
- The legitimate interest of the data controller. The statistical information obtained from the website will be processed based on the legitimate interest of the data controller. This information does not allow the user to be identified.
- Performance of a contract. The processing carried out for the management of orders placed through the online store is based on executing a contract to which the data subject is a party or for the implementation at the request of the data subject of pre-contractual measures.
Recipients The personal data obtained through the website may be communicated to the corresponding financial institution if necessary to manage the payment of orders placed, as well as to the delivery company when necessary.
Data Retention The personal data provided by the user to receive commercial communications will be kept as long as the data subject does not request its deletion or revoke his or her consent.
When the user sends their personal data to participate in the DATA CONTROLLER’s recruitment processes, the data will be processed in order for the user to participate in current recruitment processes and, if not selected, their personal data will be retained for a period of two years to allow their participation in future recruitment processes.
When the user sends their data to contact the DATA CONTROLLER, make inquiries or suggestions, the data will be kept as long as necessary for this purpose and liabilities may arise from the processing. Traffic data, statistical data, and website visits: data will be retained for three years.
Rights You may exercise the rights of access, rectification, deletion, and portability of your data, and the limitation and opposition to its processing, by writing to CASTELL D’OR, S.L., accompanied by an official document that identifies you, addressed to Crta. de Santes Creus s/n. Cp: 43814 Vila-rodona. Tarragona. +34 977 45 98 60. Email: castelldor@castelldor.com. If you disagree with the processing, you also have the right to file a complaint with the Spanish Data Protection Agency (www.aepd.es).
Child Protection Policy Anyone providing data through the forms on this website and consenting to its processing declares that they are over 18 years of age. Access to and use of the website by minors under the age of 18 years is prohibited. The DATA CONTROLLER reminds adults who have minors in their care that it will be their sole responsibility if a minor provides their data to request any product.
You are also informed that there are computer programs available to filter or block access to certain content.
Processing Derived from the Use of Social Networks By following us on social media, you expressly consent to the processing of your personal data in accordance with the privacy policy of the corresponding social media platform. You also expressly agree that the DATA CONTROLLER’s may access the data contained in your profile and that the news published about any of the DATA CONTROLLER’s products appears in your feed. Your request to connect necessarily implies your consent to the aforementioned processing, which is the legal basis for the processing. The data will be kept for as long as the data subject does not object or withdraw his or her consent, which may be withdrawn at any time.
The posting of comments and content on social media will become public information, so users should be especially careful when deciding to share their personal information. The DATA CONTROLLER is not responsible for the data that users include on the page. However, individuals whose personal data is posted or included in comments may request that the DATA CONTROLLER delete it.
The Entity has implemented an Internal Information System (SIIF), which is configured as a fundamental axis for supervision, control, and prevention in the field of regulatory compliance, providing the highest standards, rigour, and professionalism in terms of security, confidentiality, data protection, experience, independence, and know-how in the processing of received communications.
The internal information channels integrated into the System have been implemented with technical tools that meet all the necessary requirements to support and guarantee our commitments set out above. Likewise, the SIIF guarantees the basic principles of anonymity, adequate registration, preservation and non-alteration, prevention of conflicts of interest, protection of the informant, and prevention of retaliation.
Through this System, any informant must report in good faith any indication, suspicion, or evidence of possible regulatory breaches, crimes, unethical behaviour, and, in general, non-compliance with the Entity’s protocols, standards, and codes of conduct.
Access to the SIIF has been enabled in a separate section of our website.