The MONTEPINO GROUP undertakes to comply with the Spanish and European legislation in force with regard to the protection of personal data; specifically, Regulation 2016/679 of the European Parliament and Council of 27 April 2016 and Organic Law 3/2018 of 5 December, regarding the Protection of Personal Data and the guarantee of digital rights.
Data Controller and declaration of legislative compliance. Internal Data Protection Officer contact details
As part of their commitment to comply with the legislation in force, all MONTEPINO GROUP employees follow the same standards and policies with regard to guaranteeing the protection of your personal data. You can find more information below relating to the companies within the Group who act as data controllers. The informational clauses or contracts you hold with the MONTEPINO GROUP will specify which company or companies act as data controllers for the processing of your data.
|Montepino Logística, S.L. and subsidiaries||B-99504227|
|Valfondo Holding, S.L.||B-99262776|
|Valfondo Inmuebles, S.L.||B-99264319|
|Valfondo Gestión, S.L.||B-99507469|
|Ingeniería Logística Tectónica, S.L.||B-01718725|
Si desea ponerse en contacto con nosotros para cualquier cuestión relacionada con el tratamiento de sus datos o con la normativa sobre protección de datos en general, puede hacerlo a través de las siguientes vías.
- Telephone: (+ 34) 976 30 18 22
Type, purpose and legitimate basis for the processing of personal data
We compile personal data relating to:
- Workers: this data is collected for the purpose of managing the working relationship, drawing up payslips, managing working days and other obligations deriving from this relationship. The data collected are identifying data, special categories of data (health/disability-related), personal characteristic data, academic and professional data, employment-related data and economic data. The legitimate basis for the processing of said data is the relationship between the parties, the legal obligation to collect these kinds of data and the consent of the parties affected. The retention period for the data is set at five years following the termination of the working relationship, except for payslips and TC1 and TC2 forms, which must be retained for ten years.
- Job seekers: this data is collected for the purpose of managing selection processes. The data collected are identifying data, personal characteristic data, academic and professional data and employment-related data. The legitimate basis for the processing of said data is the pre-contractual relationship between the parties and the consent of the parties affected. The retention period for said data is set at six months from the end of the selection process.
- Potential clients: this data is processed for the purpose of commercially managing potential clients. The data collected are identifying data and commercial information, and the legitimate basis is the execution of a pre-contract and the legitimate interest of the data controller. The retention period for the data is five years from the termination of contact with the potential client.
- Clients: the purpose for processing client data is the execution of a commercial contract or pre-contract and the provision of the required services. Identifying data, property data and economic data are thus requested. The legitimate basis for the processing of this data is the legitimate interest of the data controller and the execution of a contract. The data will be destroyed within five years of the termination of the commercial relationship.
- Suppliers: this data is collected for the purpose of managing commercial contracts, for which identifying data, financial or tax data and other data such as the TC2 form or secure civil data are collected. The legitimate basis for the processing of this data is the execution of the contract or pre-contract. The data will be destroyed within five years of the termination of the commercial relationship.
- Data relating to the exercising of rights: the purpose of processing such data is to allow data protection rights to be exercised. The legitimate basis for the collection of this data is compliance with the legislation in force regarding data protection. This data will be minimal and shall always be retained in compliance with the legislation in force regarding data protection.
- Partners: partner data is collected for the purpose of managing the company on an internal level. The legitimate basis for the collection of this data is the commercial relationship between the parties.
- Data relating to responding to queries: the contact details you use to identify yourself and contact us, such as your email address, telephone number or postal address, will be collected, as well as any other information that you freely choose to provide us with, which we cannot list here as we are not in a position to know the content of all possible communications we may receive. We process this personal data for the purpose of responding to your queries, as well as to allow you to exercise your rights regarding the protection of personal data. The legitimate basis for responding to communication from you is your consent and the legitimate interest of the MONTEPINO GROUP to respond to your queries. This data will be destroyed within two years.
The personal data provided will be retained as long as the relationship between us may last, for legal retention periods or until the affected party requests its deletion or objection. Generally speaking, the retention period is set at five years from the termination of the relationship between the parties. When this period is over, the data will be confidentially deleted or destroyed.
How do we share information with third parties?
The MONTEPINO GROUP informs affected parties that some of our suppliers may process your personal data through their role as data controllers, such as:
- Third-party service providers, when necessary for the provision of services, the coordination of activities, internal management, supplier approval, software, system and platform support, cloud services and electronic communication. In such cases, the third party may only access your data when the MONTEPINO GROUP maintains a contractual relationship with the data processor that guarantees confidentiality and prevents the use of the users' personal information that we make available to them for purposes other than those listed above, as well as complying with our internal privacy and information security regulations.
- When said transfer of data is required by law or competent authorities to respond to legal obligations, the investigation of possible illegal activity or complaints claiming that some of its content infringes the rights of third parties, to protect the rights, property or security of third parties or in the case of the merging, sale, restructuring, acquisition, creation of a joint venture, allocation, transfer or other provision, in whole or in part, of our business, shares or actions (for example: transfers to the Spanish Tax Office, Social Security Institute, etc).
In certain cases, the MONTEPINO GROUP uses third-party tools and services for the management of its services.
The MONTEPINO GROUP does not make international transfers of personal data, as it uses secure tools with servers that are preferably located within Spain, or when this is not possible, within another European Union member state, or a location which complies with European legislation based on the guidelines and recommendations of the Spanish Data Protection Agency, the European Commission and community agreements relating to the international transfer of data.
Exercising of rights and complaints before the Spanish Data Protection Agency
The User must indicate which right they wish to exercise and include a copy of their ID card or another form of valid identification to confirm their identity, including forms of electronic identification.
If their rights are not effectively addressed, they may make a complaint before the Spanish Data Protection Agency.
Your commitment: the accuracy of the data provided
The User declares that the personal data they provide to the MONTEPINO GROUP is accurate.
As a User, you must be aware that you are fully responsible for any damage that may occur, directly or indirectly, to the MONTEPINO GROUP as owner of this website or to a third party if you provide us with false data or the data of a third party without receiving their prior consent, resulting in deception or harm.
We request that Users kindly inform us of any changes made to the data provided so we can ensure your data remains accurate and up-to-date.
The consent of minors
The sending of personal data by users under 14 years of age through this website or the means of communication listed here is prohibited by the MONTEPINO GROUP. If the MONTEPINO GROUP detects users who may be under this age, their data will not be processed and therefore their queries will not be answered.
The MONTEPINO GROUP reserves the right to request a copy of Users' ID cards or equivalent form of identification to verify this if it suspects a User may be under this age.
Applicable security measures
To protect its users' personal data, the MONTEPINO GROUP ensures, on its own behalf and that of its data processors, that the most up-to-date technical and organisational measures are applied to protect personal data, taking into consideration the scope, context and purposes of its processing, as well as the differing probability and severity of risks to the rights and freedoms of those affected, aiming to be fully capable of ensuring the confidentiality, integrity, availability and resilience of its processing systems and services.
Our information security policies and procedures are reviewed and updated regularly to satisfy the needs of our business, changes to technology and regulatory requirements.
Applicable legislation and jurisdiction
If the User accesses this website from a location outside Spain, they are responsible for complying with all applicable local and international laws.