PRIVACY POLICY

This privacy policy is in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR), Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), as well as, insofar as it is not contrary to the aforementioned regulations, to Organic Law 15/1999, on the Protection of Personal Data (LOPD) and its implementing regulations, and/or those that may replace or
update them in the future.

Our organisation is committed to the privacy of your personal data. The personal data provided are necessary for the provision of our services and are processed in a lawful, fair and transparent manner, ensuring adequate security of the data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage through the implementation of technical and organisational measures.

In this document, we would like to provide you with all necessary information about the processing of your personal data by this organisation in a transparent and fair manner.

I.- DATA CONTROLLER

IDENTITY: ROLSER, S.A.
C.I.F. / N.I.F.: A03066909
ADDRESS: POL IND LES GALGUES, C/ METALURGIA, 6, 03750 PEDREGUER (ALICANTE)
TELEPHONE: 965760700
E-MAIL: rolser@rolser.com

II.- RECIPIENTS OF THE PERSONAL DATA

1.- The personal data provided will not be subject to assignment unless so stated in
each specific processing.

2.- Optionally, for the procurement of cloud computing services and/or services for sending
e-mails, communications, as well as other related IT services, the personal data
may be:

– Assigned to IT service companies located within the European Economic Area (EEA) or,

– Transferred to IT service companies located outside the EEA
adhered to the Privacy Shield protection framework and therefore have implemented the appropriate protection measures
to ensure the security of personal data. To obtain further information, please follow the link:
https://www.privacyshield.gov/welcome

3.- Optionally, to administrations and other bodies when required in compliance with
legal obligations.

III.- LEGAL BASIS LEGITIMISING THE PROCESSING OF PERSONAL DATA

For each specific processing of personal data, we will inform you of the legal basis for such processing.

IV.- RIGHTS

RIGHT TO ACCESS
It is the right to obtain from the controller confirmation as to whether or not personal data relating to the data subject are being processed and, if so, the right of access to the personal data and to the following information: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, the storage period or the criteria used to determine this period, the existence of the right to request from the controller the rectification or deletion of personal data or the restriction or objection to the processing of personal data relating to the data subject, the right to lodge a complaint with the Spanish Data Protection Agency (AEPD), the existence, where applicable, of automated decisions, including profiling, where data are transferred to third countries, the right to be informed of the appropriate safeguards applied.

RIGHT TO RECTIFY
It is the right to request the rectification of your personal data if these are inaccurate, including the right to complete information that is incomplete. Please note that by providing us with personal data by any means, you warrant that such data is true and accurate and you undertake to notify us of any changes or modifications to such data. Therefore, any damage caused as a result of the communication of erroneous, inaccurate or incomplete information in the forms on the website shall be the sole responsibility of the concerned party.

RIGHT TO SUPPRESS
This is the right to request the deletion of your personal data when, among other things, they are no longer necessary for the purpose for which they were gathered, or are otherwise being processed or you withdraw your consent. It should be borne in mind that erasure will not be applicable when the processing of personal data is necessary, among other cases, for the fulfilment of legal obligations or for the formulation, exercise or defence of claims.

RIGHT TO LIMITATION
This is the right to request that we restrict the processing of your personal data, which means that in certain cases you may ask us to temporarily stop processing your personal data or to store your data for longer than necessary when you may need it.

RIGHT TO WITHDRAW CONSENT
It is the right to withdraw the consent you have provided by ticking “I have read and accept the privacy policy” at any time and as specified in the relevant section “Exercise of rights” or in the specific processing of commercial communications or Newsletter. Please note that this right shall not apply if, inter alia, the processing of personal data is necessary for compliance with a legal obligation, the performance and maintenance of a contractual relationship, or for the formulation, exercise or defence of claims. Furthermore, the withdrawal of consent will not have retroactive effects, i.e. it will not affect the lawfulness of the processing based on the consent prior to its withdrawal.

RIGHT TO PORTABILITY
This is the right to receive the personal data concerning you and that you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller, provided that: the processing is based on your consent and is carried out by automated or computerised means.

RIGHT TO OPPOSE
It is the right to oppose the processing of your personal data on the basis of our legitimate interest. We will cease to process your personal data unless we can prove compelling legitimate grounds for the processing that prevail over your interests, rights and freedoms, or for the formulation, exercise or defence of claims.

RIGHT TO SUBMIT A CLAIM BEFORE A CONTROL AUTHORITY
If you believe that we are processing your personal data in an incorrect manner, you can contact us or you also have the right to lodge a complaint with the Spanish Data Protection Agency
(AEPD): https://www.agpd.es/portalwebAGPD/index-ides-idphp.php

EXERCISE OF RIGHTS
You may exercise your rights by sending a letter to the postal address indicated above or by e-mail to rolser@rolser.com, enclosing in both cases a copy of your NIF/NIE/Passport or equivalent document.

V.- PERSONAL DATA PROCESSING.
GENERIC PROVISIONS
The personal data requested in each of the specific processing operations are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed, thus complying with the principle of data minimisation.
The personal data requested in each of the specific processing operations are strictly necessary; refusal to provide them would mean that we would not be able to provide the requested service. The communications of personal data provided for in each of the specific processing operations are in some cases necessary for the performance and maintenance of a contract and in other cases for compliance with a legal obligation applicable to the controller.
DIGITAL ASSISTANT – “CHATBOT” or “ONLINE CHAT”
In the event that this website uses online chat software, provided as a self-service to provide users with an adequate and quick response to frequently asked questions and to improve the customer service experience for the benefit of users visiting the website, the following data will be processed during the conversation with the “chat bot”: the IP address and other personal data entered in
the chat bot’s conversation function.

The data gathered will not be used to personally identify the website visitor, and will not be merged with personal data related to the bearer of the pseudonym, unless the personal data is provided voluntarily when using the online chat The legal basis for this processing is set out in Article 6(1)(f) of the
GDPR.

CONTACT FORM
Personal data will be processed in order to channel requests for information, suggestions and complaints from users or customers.

The legal basis that legitimises the processing of personal data is the express consent granted by ticking “I have read and accept the privacy policy”.

Personal data will be kept for a period of two years from the time they cease to be processed, without prejudice to the exercise of your rights as a data subject.

CURRICULUM VITAE FORM
Personal data will be processed in order to manage the selection process within the company.

The legal basis that legitimises the processing of personal data is the express consent granted by ticking “I have read and accept the privacy policy”.

Personal data will be kept for a period of two years from the time they cease to be processed, without prejudice to the exercise of your rights as a data subject.

COMMERCIAL COMMUNICATIONS OR NEWSLETTER FORM
Personal data will be processed to manage the subscription to our Newsletter, including the sending of personalised information or not about our products or services through various means such as telephone, e-mail, SMS, applications for mobile devices, as well as by any similar procedure. It should be borne in mind that this type of data processing may involve the analysis of your user profile to determine your preferences and therefore provide you with information that is better suited to your interests.

You can cancel your subscription to this type of processing, depending on the means used, as follows:
– E-mail address: Through the link to this effect that you will find in each of the
electronic communications or through a similar procedure specified in the commercial communication.
– WhatsApp (other apps): Requesting to cancel your subscription.
– SMS: Requesting to cancel your subscription.

The legal basis that legitimises the processing of personal data is the express consent given: by marking “I have read and accept the privacy policy” on the website, by means of a physical document or by e-mail, as the case may be.

Please note that if WhatsApp is used, personal data will be transferred to WhatsApp Ireland Limited, which is located in the EEA.

Personal data will be retained for as long as you do not withdraw your consent in the manner described in this paragraph.