• PRIVACY
    POLICY

The MONTEPINO GROUP undertakes to comply with the Spanish and European legislation in force with regard to the protection of personal data; specifically, Regulation 2016/679 of the European Parliament and Council of 27 April 2016 and Organic Law 3/2018 of 5 December, regarding the Protection of Personal Data and the guarantee of digital rights.

Your privacy and trust are important to us, and we have therefore provided important information regarding how we process your personal data in this Privacy Policy. We recommend carefully reading the information provided below, and if you have any questions, you can get in touch with us via any of the means provided.


Data Controller and declaration of legislative compliance. Internal Data Protection Officer contact details

As part of their commitment to comply with the legislation in force, all MONTEPINO GROUP employees follow the same standards and policies with regard to guaranteeing the protection of your personal data. You can find more information below relating to the companies within the Group who act as data controllers. The informational clauses or contracts you hold with the MONTEPINO GROUP will specify which company or companies act as data controllers for the processing of your data.

COMPANY ID NUMBER
Montepino Logística, S.L. and subsidiaries B-99504227
Valfondo Holding, S.L. B-99262776
Valfondo Inmuebles, S.L. B-99264319
Valfondo Gestión, S.L. B-99507469
Ingeniería Logística Tectónica, S.L. B-01718725

Si desea ponerse en contacto con nosotros para cualquier cuestión relacionada con el tratamiento de sus datos o con la normativa sobre protección de datos en general, puede hacerlo a través de las siguientes vías.

- Telephone: (+ 34) 976 30 18 22

- Email: This email address is being protected from spambots. You need JavaScript enabled to view it.


Type, purpose and legitimate basis for the processing of personal data

We compile personal data relating to:

- Workers: this data is collected for the purpose of managing the working relationship, drawing up payslips, managing working days and other obligations deriving from this relationship. The data collected are identifying data, special categories of data (health/disability-related), personal characteristic data, academic and professional data, employment-related data and economic data. The legitimate basis for the processing of said data is the relationship between the parties, the legal obligation to collect these kinds of data and the consent of the parties affected. The retention period for the data is set at five years following the termination of the working relationship, except for payslips and TC1 and TC2 forms, which must be retained for ten years.

- Job seekers: this data is collected for the purpose of managing selection processes. The data collected are identifying data, personal characteristic data, academic and professional data and employment-related data. The legitimate basis for the processing of said data is the pre-contractual relationship between the parties and the consent of the parties affected. The retention period for said data is set at six months from the end of the selection process.

- Potential clients: this data is processed for the purpose of commercially managing potential clients. The data collected are identifying data and commercial information, and the legitimate basis is the execution of a pre-contract and the legitimate interest of the data controller. The retention period for the data is five years from the termination of contact with the potential client.

- Clients: the purpose for processing client data is the execution of a commercial contract or pre-contract and the provision of the required services. Identifying data, property data and economic data are thus requested. The legitimate basis for the processing of this data is the legitimate interest of the data controller and the execution of a contract. The data will be destroyed within five years of the termination of the commercial relationship.

- Suppliers: this data is collected for the purpose of managing commercial contracts, for which identifying data, financial or tax data and other data such as the TC2 form or secure civil data are collected. The legitimate basis for the processing of this data is the execution of the contract or pre-contract. The data will be destroyed within five years of the termination of the commercial relationship.

- Data relating to the exercising of rights: the purpose of processing such data is to allow data protection rights to be exercised. The legitimate basis for the collection of this data is compliance with the legislation in force regarding data protection. This data will be minimal and shall always be retained in compliance with the legislation in force regarding data protection.

- Partners: partner data is collected for the purpose of managing the company on an internal level. The legitimate basis for the collection of this data is the commercial relationship between the parties.

- Data relating to the Reporting Channel: this data is collected for the purpose of processing the reports received as a result of non-compliance with the Internal Privacy Policy, Code of Conduct and other internal regulations. The legitimate basis for the processing of this data is the legitimate interest of the data controller. This data collection will be minimal, and the data will be retained for 7 days unless it must be investigated. In such cases, the data will be retained for as long as said investigation, corresponding judicial proceedings or the period during which the resulting actions are to be undertaken should last.

- Data relating to responding to queries: the contact details you use to identify yourself and contact us, such as your email address, telephone number or postal address, will be collected, as well as any other information that you freely choose to provide us with, which we cannot list here as we are not in a position to know the content of all possible communications we may receive. We process this personal data for the purpose of responding to your queries, as well as to allow you to exercise your rights regarding the protection of personal data. The legitimate basis for responding to communication from you is your consent and the legitimate interest of the MONTEPINO GROUP to respond to your queries. This data will be destroyed within two years.

- Use of Cookies: The MONTEPINO GROUP may process the personal data collected through the cookies listed in the Cookie Policy. In this case, your personal data will be processed for the purposes of improving your experience as a user of our website and to collect statistical data relating to your use of our website. The legitimate basis for this data collection is your consent.


Retention periods

The personal data provided will be retained as long as the relationship between us may last, for legal retention periods or until the affected party requests its deletion or objection. Generally speaking, the retention period is set at five years from the termination of the relationship between the parties. When this period is over, the data will be confidentially deleted or destroyed.


How do we share information with third parties?

We share personal information with third parties so we are able to provide services in accordance with the terms set out in this Privacy Policy or when we consider this to be permissible or required by law. When we share personal information, it is in accordance with data privacy and security requirements.

The MONTEPINO GROUP informs affected parties that some of our suppliers may process your personal data through their role as data controllers, such as:

- Third-party service providers, when necessary for the provision of services, the coordination of activities, internal management, supplier approval, software, system and platform support, cloud services and electronic communication. In such cases, the third party may only access your data when the MONTEPINO GROUP maintains a contractual relationship with the data processor that guarantees confidentiality and prevents the use of the users' personal information that we make available to them for purposes other than those listed above, as well as complying with our internal privacy and information security regulations.

- When said transfer of data is required by law or competent authorities to respond to legal obligations, the investigation of possible illegal activity or complaints claiming that some of its content infringes the rights of third parties, to protect the rights, property or security of third parties or in the case of the merging, sale, restructuring, acquisition, creation of a joint venture, allocation, transfer or other provision, in whole or in part, of our business, shares or actions (for example: transfers to the Spanish Tax Office, Social Security Institute, etc).

Moreover, the companies listed at the beginning of this Privacy Policy can provide information to companies belonging to the MONTEPINO GROUP for the purposes of company management.


International transfers

In certain cases, the MONTEPINO GROUP uses third-party tools and services for the management of its services.

The MONTEPINO GROUP does not make international transfers of personal data, as it uses secure tools with servers that are preferably located within Spain, or when this is not possible, within another European Union member state, or a location which complies with European legislation based on the guidelines and recommendations of the Spanish Data Protection Agency, the European Commission and community agreements relating to the international transfer of data.


Exercising of rights and complaints before the Spanish Data Protection Agency

The User can withdraw their consent and/or exercise their rights to access, rectification, erasure, limitation of processing, objection and portability, as laid out in the European personal data protection regulations, at any time, by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it. or via a letter addressed to GRUPO MONTEPINO, Calle Felipe Sanclemente 26, 3º; 50001 Zaragoza (Spain).

The User must indicate which right they wish to exercise and include a copy of their ID card or another form of valid identification to confirm their identity, including forms of electronic identification.

If their rights are not effectively addressed, they may make a complaint before the Spanish Data Protection Agency.


Your commitment: the accuracy of the data provided

The User declares that the personal data they provide to the MONTEPINO GROUP is accurate.

As a User, you must be aware that you are fully responsible for any damage that may occur, directly or indirectly, to the MONTEPINO GROUP as owner of this website or to a third party if you provide us with false data or the data of a third party without receiving their prior consent, resulting in deception or harm.

We request that Users kindly inform us of any changes made to the data provided so we can ensure your data remains accurate and up-to-date.


The consent of minors

The sending of personal data by users under 14 years of age through this website or the means of communication listed here is prohibited by the MONTEPINO GROUP. If the MONTEPINO GROUP detects users who may be under this age, their data will not be processed and therefore their queries will not be answered.

The MONTEPINO GROUP reserves the right to request a copy of Users' ID cards or equivalent form of identification to verify this if it suspects a User may be under this age.


Applicable security measures

To protect its users' personal data, the MONTEPINO GROUP ensures, on its own behalf and that of its data processors, that the most up-to-date technical and organisational measures are applied to protect personal data, taking into consideration the scope, context and purposes of its processing, as well as the differing probability and severity of risks to the rights and freedoms of those affected, aiming to be fully capable of ensuring the confidentiality, integrity, availability and resilience of its processing systems and services.

Our information security policies and procedures are reviewed and updated regularly to satisfy the needs of our business, changes to technology and regulatory requirements.


Applicable legislation and jurisdiction

The MONTEPINO GROUP is based in Spain, and therefore the contents of this Privacy Policy have been drawn up based on Spanish legislation and the relevant European Union regulations.

By accepting this Privacy Policy, the User accepts that complaints or appeals against this entity which originate from or are related to the use of this website; more specifically, to the processing of their personal data, shall be resolved by the court of competent jurisdiction located in Zaragoza. If the MONTEPINO GROUP has to make any kind of appeal, it shall do so before the competent court presiding over the residence of the User, or of the MONTEPINO GROUP (Calle Felipe Sanclemente 26, 3º; 50001 Zaragoza, Spain) if relating to legal persons or professionals who are not consumers.

If the User accesses this website from a location outside Spain, they are responsible for complying with all applicable local and international laws.






Latest update

Privacy Policy last updated: 10 December 2020