In compliance with the provisions set forth in the regulations governing personal data protection, specifically, Organic Law 3/2018 of 5 December on Protection of Personal Data Protection and Guarantee of Digital Rights, and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, GDPR), you are hereby notified of how your personal data will be processed by us.
In order to guarantee proper management of your personal data processing, Reintel has appointed a Data Protection Officer, who may be reached for any queries you may have and who can be contacted at the following e-mail address firstname.lastname@example.org.
Who is your Data Controller?
Your data will be processed by Red Eléctrica Infraestructuras de Telecomunicación, S.A. (hereinafter, Reintel) with C.I.F: A-87323127 and mailing address for notification purposes: Paseo Conde de los Gaitanes Nº 177, La Moraleja, 28109 Alcobendas (Madrid).
Which data are processed and from which sources?
The data processed by Reintel as a result of the interactions carried out by the user on the website are obtained from the following sources:
- Data provided by the user by filling in forms made available by Reintel, by sending e-mails or by any other means by which the user communicates with Redeia.
- Data generated as a result of browsing and use of the website by the user.
Which are the purposes and legal legitimacy of your personal data processing?
As a general rule, your data will be processed by Reintel for the following purposes:
- To manage information requests, enquiries, applications and any doubts using the forms provided on the website. Based on the identification and contact data provided by you (name, surname, ID number, telephone number), Reintel will be able to answer your enquiries and to provide appropriate solutions to meet your personal needs. Reintel undertakes to process the data obtained and provided by you to the extent that such data is necessary for the purpose specified herein. In case of contacting Reintel by telephone, telephone calls may be recorded in order to guarantee the quality of the service and for security reasons. The legitimate basis for such processing is the initial pre-contractual or contractual relationship between Reintel and the relevant person or entity, pursuant to Article 6.1 b) of the GDPR.
- To comply with Reintel's legal obligations. Reintel, in its capacity as Data Controller, may be required to disclose your personal data (including contact details, navigation data or other data you may have provided us with) to Public Administration bodies, courts, regulatory bodies and State Security Forces and Corps upon request. The legitimate basis for such processing is Reintel's compliance with legal obligations, pursuant to the provisions set forth in Article 6.1 c) of the GDPR.
- To conduct perception studies. In order to verify your level of satisfaction with the work carried out by Reintel, your identification and contact data (name, surname, telephone number or e-mail address) may be used to carry out perception studies in order to improve the quality of our procedures and services. The legitimate basis for such processing is Reintel's legitimate interest in understanding your level of satisfaction, pursuant to the provisions set forth in Article 6.1 f) of the GDPR.
How will minor's data be processed?
As a general rule, Reintel's contents and services are mainly targeted and designed for people over 18 years of age; therefore, minors are not allowed to access Reintel's contents and services.
How long will your data be kept by us?
Reintel shall keep any personal data provided by you for the time required to process your request, consultation, proposal, complaint or claim, or during the contractual relationship, as long as the deletion or opposition thereof is not requested by the interested party and such data shall not be deleted as required to comply with any legal obligation or in order to submit, pursue and defend legal claims.
In this regard, Reintel shall keep the personal data upon termination of their relationship with you, such data shall be duly blocked, except for the purpose of disclosing such data to the Public Administrations, Judges and Courts to address any potential liabilities arising from such processing, as well as to exercise and defend claims before the Spanish Data Protection Agency, and such data shall be kept for the statute of limitations period for any actions that may arise from the relationship entered into with the user.
Your personal data will be kept for the time required to comply with the purpose of the collection thereof. If your data is used for several purposes requiring us to keep such data for different periods of time, the longest retention period will be applied.
How will your data be collected?
In each process on which your personal data is provided, you will be duly notified of the mandatory or optional nature of such data (for example, by means of an asterisk in those fields in which mandatory data is requested), and of the consequences of failing to provide such data.
Pursuant to Article 14 of the GDPR, you undertake to provide any relevant information to any third party you provide us with personal data.
Who will your data be disclosed to?
Reintel will disclose and provide your personal data for the above-mentioned purposes and in accordance with the above-mentioned legitimate processing grounds to:
- Redeia's partnerships, which can be found at https://www.redeia.com/en/about-us.
- Public Administrations and the Judiciary and, in general, any competent Authorities in case Reintel is legally bound to provide such data.
- Reintel's suppliers with access to such personal data, when access thereto is required in the capacity thereof as Reintel's data processors, as a consequence of the services provided to Reintel, and in compliance with the conditions set forth in the applicable data processing agreement.
- Due to the activities carried out by Reintel, international data transfers to countries outside the European Economic Area (EEA) may be carried out. In those cases, in which international data are transferred to countries outside the European Economic Area (EEA) or to countries not providing an adequate level of protection, the necessary measures will be adopted to ensure the required guarantees by means of using Standard Contractual Clauses and any other clauses that, pursuant to the applicable regulations, legitimate the international transfer.
All suppliers having access to personal data and which provide services to Reintel have duly signed the corresponding data controller agreement as provided for in Article 28 of the GDPR, and shall undertake to comply with the following obligations: to apply appropriate technical and organisational measures; to process personal data for the agreed purposes and solely in compliance with Reintel's informed instructions and the obligation to delete the data once the provision of the services has been completed.
How do we guarantee your data security?
Reintel implements and applies the appropriate technical and organisational measures to guarantee an adequate level of security based on previous risk assessments.
Specifically, Reintel has implemented all the available technical means to prevent the loss, misuse, alteration, unauthorised access and theft of the data provided by you.
Which are your rights when providing us with your data?
You are hereby informed by Reintel that you are entitled to obtain confirmation as to whether your personal data are being processed or not.
Likewise, Reintel hereby informs you that you may exercise the following rights regarding your personal data:
- Access: You are entitled to access your data in order to be informed which personal data is being processed by us and which concerns you.
- Rectification or erasure: In specific cases, you are entitled to rectify any personal data which you may deem inaccurate and which may affect you, and which are processed by Reintel, as well as to request the erasure of your data when, including but not limited to, the data are no longer necessary for the purposes for which they were collected.
- Restriction: In specific cases, you are entitled to ask us to restrict the processing of your data, in which case we will only retain the data for which you have requested restriction of processing for the purpose of pursuing or defending legal claims.
- Portability: In certain circumstances, you are entitled to receive your personal data, which have been provided to us, in a structured, machine-readable and standardised format and to have it transferred by Reintel to another data controller.
- Objection: In specific cases and for specific reasons relevant to your personal circumstances, you are entitled to object to your data being processed, in which case we would cease to process such data unless required for imperative purposes or in order to exercise or defend potential legal claims.
In order to exercise the above-mentioned rights, you shall have to submit a written request to the above-mentioned postal address, by duly identifying yourself, or by e-mail to the following address: email@example.com, including "Data Protection" in the subject line.
You can also contact our Data Protection Officer at the following address: firstname.lastname@example.org.
The data controller shall take all reasonable measures to provide the interested party with any information available regarding the data processing pursuant to the request, not later than one month following the receipt of the request. This period may be extended by two further months, depending on the complexity of the case and the number of requests.
You shall specify which of these rights you are seeking to enforce and, if it is not possible to confirm your identity at the time the request is submitted, proof of your identity shall be provided. If acting through a representative, whether statutory or voluntary, proof of such representation and the identity of the representative shall likewise be provided.
Furthermore, pursuant to Article 77 of the GDPR, in case you deem your right to the protection of personal data to have been violated, you may file a complaint with the Spanish regulatory authority, the Spanish Data Protection Agency (Agencia Española de Protección de Datos) (www.agpd.es) or take action before the competent courts, pursuant to the provisions set forth in Article 79 of the GDPR. Likewise, we hereby inform you that, initially, you may file a complaint with the Data Protection Officer at the following address: email@example.com.