1 USER INFORMATION

ANDALTEC Technology Center, hereinafter referred to as RESPONSIBLE, is responsible for the processing of the User’s personal data and informs the User that such data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of April 27, 2016 (GDPR) regarding the protection of natural persons in relation to the processing of personal data and the free movement of such data. Therefore, the following information regarding the processing is provided:

Purpose of the processing: to maintain a commercial relationship with the User. The operations intended for processing are:

• Maintaining the contractual relationship established between the data subject and ANDALTEC Technology Center.
• Sending commercial advertising communications by email, fax, SMS, MMS, social communities, or any other current or future electronic or physical means that enables commercial communications. These communications will be made by the RESPONSIBLE and will relate to its products and services, or those of its collaborators or suppliers with whom it has reached some promotion agreement. In this case, third parties will never have access to personal data.
• Conducting statistical studies.
• Processing orders, requests, or any other type of request made by the user through the available contact methods.
• Sending the website newsletter.

Legal basis for the processing:

As a general rule, prior to the processing of personal data, ANDALTEC Technology Center obtains the explicit consent of the data subject, through the incorporation of informed consent clauses in the different information collection systems.

However, in cases where the consent of the data subject is not required, the legal basis for processing is the execution of the established contractual relationship, the legitimate interest in business development (such as promotion and commercial prospecting), or the compliance with a law that authorizes or requires the processing of the data subject’s personal data.

If consent has been requested for any of the processing activities (such as sending information), we inform you that you can withdraw it at any time.

Data retention criteria: Data will be kept as long as there is a mutual interest to maintain the purpose of the processing. When it is no longer necessary for this purpose, it will be deleted with appropriate security measures to ensure data pseudonymization or complete destruction.

Data communication: Data will not be communicated to third parties, except for legal obligations.

Rights of the User:

• Right to withdraw consent at any time.
• Right to access, rectify, port, and erase personal data, and to limit or oppose the processing.
• Right to file a complaint with the supervisory authority (www.aepd.es) if the processing does not comply with current regulations.

Contact details to exercise your rights:

ANDALTEC Technology Center. Calle Vilches S/N, Polígono Industrial Cañada de la Fuente, CP 23600, Martos (Jaén), Spain. Phone: 953240149. E-mail: it@andaltec.org

2 OBLIGATORY OR VOLUNTARY NATURE OF THE INFORMATION PROVIDED BY THE USER

Users, by marking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or in download forms, expressly, freely, and unequivocally accept that their data is necessary to attend to their request. The inclusion of data in the remaining fields is voluntary. The User guarantees that the personal data provided to the RESPONSIBLE is true and is responsible for communicating any modifications to them.

The RESPONSIBLE expressly informs and guarantees users that their personal data will not be transferred to third parties under any circumstances. If any transfer of personal data is made, the explicit, informed, and unequivocal consent of the Users will be requested beforehand. All data requested through the website is mandatory, as it is necessary to provide optimal service to the User. If all data is not provided, it cannot be guaranteed that the information and services provided will fully meet their needs.

3 SECURITY MEASURES

In accordance with the current regulations on the protection of personal data, the RESPONSIBLE complies with all provisions of the GDPR for the processing of personal data under its responsibility, and clearly with the principles described in Article 5 of the GDPR, by which data is processed in a lawful, fair, and transparent manner in relation to the data subject and is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

The RESPONSIBLE guarantees that it has implemented appropriate technical and organizational policies to apply the security measures set forth by the GDPR to protect the rights and freedoms of Users and has communicated the appropriate information to allow them to exercise their rights.