Basic information on data processing (Regulation (EU) 2016/679 and LO 3/2018)
|Responsible for processing||CONSORCI PORT DE MATARÓ NIF: Q5856419F Passeig del Callao s/n, 08301 Mataró Email: email@example.com|
|Purpose of the processing||Management of Port de Mataró.|
|Legitimacy||Legitimacy will be based on the execution of the service contract and on the public interest, in general.|
|Recipients||Data will not be disclosed to third parties, unless required by law or deemed necessary to fulfil the purpose of the processing.|
|Rights of individuals||Data subjects have the right to exercise their rights of access, rectification, limitation of processing, deletion, portability and opposition, by sending their request to our address.|
|Data conservation period||As long as the relationship is maintained and for a period of time that is strictly necessary to comply with legal obligations.|
|Complaints||The interested parties may contact the APDCAT to present the complaint they consider appropriate.|
|Additional information||Additional and detailed information can be consulted below on «Questions on Privacy».|
Questions on Privacy
In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (hereinafter, LOPDGDD) we offer you the following information on the processing of your personal data:
Who is responsible for the processing of your data?
Identity: CONSORCI PORT DE MATARÓ
Address: Passeig del Callao, s/n 08301 Mataró
Phone: 93 755 09 61
For what purpose do we process your personal data?
We process personal data in order to provide the contracted services. This treatment is necessary to maintain the contractual relationship with our users and clients, performing the essential steps to carry out the services provided by the Consorci Port de Mataró, such as the rental of moorings, the occupation of the public domain, port intervention, port maintenance, access to the port parking, the use of towing, the use of the ramp, the use of the Conference Room, the use of Wi-Fi, the issuance of certificates and any other activity that involves the management of Port de Mataró.
Compliance with legal obligations related to the port management (customs, taxes and security).
Attend to your requests and consultations.
Carry out statistical studies in relation to the management of the port, to help improve the service or design new services.
If you provide consent, we may also process your data to send you commercial information related to the services and activities of Port de Mataró.
When you access the port facilities your image can be recorded by video surveillance cameras for security control purposes.
If you send us your resume, your data will be processed in order to manage the CV’s database for the selection of personnel.
What is the legitimacy for the processing of your data?
The reasons for legitimizing the processing of data for the purposes set out in the previous section are as follows:
- Providing the contracted service – Legitimacy: execution of the service contract.
- Fulfilment of legal obligations related to the management of the port – Legitimacy: fulfilment of legal obligations applicable to Consorci Port de Mataró.
- Attending the requests or consultations – Legitimacy: execution of the service contract or consent in the case of consultations made by interested parties who are not users of our services.
- Carrying out statistical studies – Legitimation: legitimate interest of Consorci Port de Mataró to be able to improve our services.
- Sending commercial information – Legitimacy: consent of the interested party.
- Security control (Video surveillance) – Legitimacy: fulfilment of a public interest mission.
- Selection of personnel – Legitimacy: consent of the interested party.
To which recipients will your data be communicated?
The data will be disclosed to third parties when required by law or deemed necessary to fulfil the purpose of the processing. For this reason, we communicate personal data to Administrations with competence in the activities carried out by the port, such as the Treasury, the Guardia Civil and other State bodies and security forces.
Likewise, we inform you that for the management of our activity we use third-party service providers that treat the data on behalf of Consorci Port de Mataró, to give us administrative, computer, security and maintenance support. The international transfer of data to companies that provide us with cloud computing services is carried out under the agreement between the European Union and the United States called “Privacy Shield”. Additional information can be found in COMMISSION IMPLEMENTING DECISION (EU) 2016/1250 of 12 July 2016.
What data de we process?
- Identification and contact data (name, ID, telephone, email, etc.). Information about your boat and vehicle registration. We collect these data when users sign the service contract or make use of them.
- Consumption data and data on connections to water and power supplies, wi-fi, etc.
- Bank details for billing services.
- Other information that you may provide us with when you contact us for different reasons, such as to make a query, to make a complaint, to communicate an emergency, to consult a doubt, etc.).
In the case of the video surveillance system:
In the case of resumes, please include:
- Personal features
- Academic and professional features
The data are limited, as we only process the data necessary for the provision of our services and the management of our activities.
How have we obtained your data?
The personal data that we process come from the interested party himself, who guarantees that the personal data provided are true and is responsible for communicating any changes. Data marked with an asterisk are mandatory in order to provide you with the requested service.
How long will we keep your data?
- In the case of accounting and tax documentation, your data will be kept for 6 years for commercial purposes, in accordance with Article 30 of the Commercial Code, and 4 years for tax purposes, in accordance with Articles 66 to 70 of the General Tax Law.
- The images captured by the video surveillance system will be kept for one month.
- In the case of resumes, data will be kept for one year.
What are your rights when you provide us with your data?
- Anyone is entitled to obtain confirmation as to whether or not we are processing their personal data.
- Data subjects have the right of access to their personal data, as well as the right to request the rectification of inaccurate data or, where appropriate, to request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
- In certain circumstances, data subjects may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defence of claims.
- Also, in certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. In this case, we will stop processing the data, except for compelling legitimate reasons or for the exercise or defense of possible claims.
- Data subjects are also entitled to the portability of their data.
- Every data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on him/her or significantly affects him/her in a similar way.
- Finally, data subjects have the right to lodge a complaint with the Catalan Data Protection Authority.
How can you exercise your rights?
By sending a letter with a copy of a document that identifies you to our physical or electronic address.
What security measures do we apply?
We apply the security measures established in article 32 of the GDPR, therefore, we have taken the necessary security measures to guarantee a level of security appropriate to the risk of the data processing that we carry out, with mechanisms that allow us to guarantee the confidentiality, integrity, availability and permanent resilience of the processing systems and services.
Some of these measures are:
- Information of the data processing policies to the personnel.
- Carrying out periodic backup copies.
- Data access control.
- Regular verification, evaluation and assessment processes.