Privacy Policy

This policy establishes how personal information of all people related to SUPRESU S.L. will be processed and protected through this website. Please, read all sections of the Legal Notice, the cookies policy and this privacy policy before using this website.

In accordance with the provisions of the EU Regulation 2016/679, of the European Parliament and of the Council of April 27, 2016 (GRDP) and Organic Law 3/2018, of December 5, on Personal Data Protection and guarantee of digital rights, SUPRESU S.L. informs you that, by accepting this Privacy Policy, you give your explicit, informed, free and unequivocal consent to have the Data you provide, and to which the security, technical and organizational measures are applied as provided for in current regulations, processed by SUPRESU S.L., as responsible for the processing.

Who is responsible for this website?

  • Identity of the responsible party: SUPRESU S.L.
  • Company name: SUPRESU
  • Tax ID (NIF/CIF): B20037867
  • Address: Polígono Industrial Eskuzaitzeta. Txaldatxur 4 – 20160 Zubieta (España).
  • Email: info@supresu.com
  • Contact information of the person responsible or representative and of the data protection officer:You can contact us using the contact form or writing an email to info@supresu.com.

Which personal data are collected on this website?

For the purposes established in this Privacy Policy, SUPRESU processes the Personal Data detailed below, which will depend on the different products or services you request on this Website:

Identification data: name, surnames.

Contact information: postal address, E-mail, mobile phone number.

Navigation dataIP address, type and identification of the device, type of browser, domain through which you access the Website, browsing data, activity on the Website.

We process your personal data with the following legal bases:

  • The consent of the user in relation to contact, subscription to content and sending commercial communications, via email, cookies or messaging systems.
  • The legitimate interest of the person responsible for the processing to protect the users of the NAME ACTIVITY website from abuse and fraud while using of our services.

For what purposes will we process your data?

On this website, there are different forms; the information collected in each of them will be used as follows:

Contact form: There is also a contact form for questions, suggestions or professional contact. In this case, the email address will be used to answer them and send the information that the user needs through the website.

Conservation period of personal data

Customer Data: The term to keep personal data will vary depending on the service contracted by the Customer. In any case, it will be the minimum necessary, and can be maintained up to:

- 4 years: Law on Infractions and Sanctions in the Social Order (duties regarding membership, registrations, cancellations, contributions, payment of salaries...); Arts. 66 et seq. General Tax Law (accounting books...).

- 5 years: Art. 1964 of the Civil Code (personal actions without special term).

- 6 years: Art. 30 of the Commercial Code (accounting books, invoices...).

- 10 years: Art. 25 of the Law on Prevention of Money Laundering and Financing of Terrorism.

Subscribers’ data:From the subscription date of the user until he/she cancels the subscription.

Data of potential customers:the data will be kept in any case as long as the commercial relationship lasts and, once terminated, for two years, unless the user first requests its deletion.

What are you entitled to regarding the use of your data?

Anyone has the right to have a confirmation as to whether at SUPRESU we are processing personal data concerning them or not.

Interested people have the right to:

  • Request access to personal data relating to the interested party.
  • Request their rectification or deletion.
  • Request their cancellation.
  • Request the limitation of their processing.
  • Oppose the processing.
  • Request data portability.

If you consented for a specific purpose, you have the right to withdraw the consent at any time, without affecting the legality of the processing, based on the consent prior to the withdrawal.

In the event that you feel your rights have been violated regarding the protection of your personal data, especially if you are not satisfied while exercising your rights, you can file a claim with the competent Data Protection Control Authority through its website: https://www.aepd.es/es

To exercise these rights, you can write to info@supresu.com.

There is a form to exercise your rights, you can request it by e-mail or if you prefer, you can use those prepared by the Spanish Data Protection Agency or third parties.

These forms must be electronically signed or accompanied by a photocopy of your Identity Document.

If someone represents you, you must attach a copy of his/her ID, or it must bear your electronic signature.

The forms can be submitted in person, sent by postal service or by e-mail to the address of the person responsible indicated at the beginning of this text.

Security Notification and Breach Declaration

At SUPRESU we take security measures appropriate to the risk level to protect personal information against loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of personal information. However, if SUPRESU determines that your service data have been misused (even by a SUPRESU employee), exposed by a security breach or incorrectly acquired by a third party, SUPRESU will immediately inform you of said security breach, improper appropriation or acquisition.

Who shall receive the communication of your data?

Many tools used on this website to manage data are contracted by third parties. To provide the services strictly necessary for the activity development, SUPRESU shares data with the following suppliers under their corresponding privacy conditions:

Third party service providers (for example, payment processing services, order processing, analysis, marketing campaign management, website management, and e-mail distribution and other similar service providers) so that they can perform business functions in SUPRESU.

The web development and maintenance company, or the hosting company may have occasional access to this website. They have signed a service provision contract that requires them to maintain the same level of privacy applied to the processings carried out on this website.

Any international transfer of data derived from the use of tools or service providers must abide the Privacy Shield agreement, which guarantees that American software companies comply with European data protection policies regarding privacy, secrecy and data security.

Specifically, this website uses the following tools:

  • Analysis tools: Google Analytics.

Data secrecy and security

Supresu.com agrees to use and process the user's personal data, respecting confidentiality, in accordance with their purpose; as well as to comply with its duty to keep them and take any measure to prevent the alteration, loss, unauthorized processing or access, in accordance with the provisions of current data protection regulations.

This website includes an SSL certificate. This is a security protocol ensuring that your data travel completely and safely; that is, the data transmission between a server and the web user, and in feedback is fully ciphered or encrypted.

Supresu.com cannot guarantee the absolute unassailability of the Internet network, nor, therefore, the violation of data through fraudulent access to it by third parties.

As regards processing confidentiality, SUPRESU will ensure that any person authorized by SUPRESU to process customer data (including its staff, collaborators and suppliers), will be under the appropriate obligation of confidentiality (either a contractual or legal duty).

When a security incident occurs, upon becoming aware of it, SUPRESU must notify the Customer without undue delay and it must provide timely information related to the Security Incident as it is known, or when the customer reasonably requests it.

Accuracy and veracity of data

As a user, you are the sole responsible for the veracity and correctness of the data you send to supresu.com, exempt SUPRESU S.L. (SUPRESU) from any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and they agree to keep them duly updated. The user agrees to provide complete and correct information in the contact or subscription form.

Revocability

Consent, both for the processing and transfer of data of the interested parties, can be revoked at any time by communicating it to SUPRESU S.L. (SUPRESU) under the terms established in this Policy to exercise ARCO rights. This revocation will in no case be retroactive.

Changes to the privacy policy

SUPRESU S.L. reserves the right to modify this policy to adapt it to legislative or jurisprudential developments, as well as to industry practices. In such cases, it will announce the changes introduced on this page with reasonable advance before their implementation.

This privacy policy was last updated on 28/10/2023.