Basic information on data processing (Regulation (EU) 2016/679 and LO 3/2018)
|Responsible for processing||CONSORCI PORT DE MATARÓ NIF: Q5856419F Passeig del Callao s/n 08301 Mataró Email: firstname.lastname@example.org|
|Processing Purpose||Management of Port de Mataró.|
|Legitimacy||Legitimacy will be based on the execution of the service contract and on the public interest, in general.|
|Recipients||Data will not be disclosed to third parties, unless required by law or deemed necessary to fulfil the processing purpose.|
|Rights of individuals||Interested parties have the right to exercise their rights of access, rectification, limitation of treatment, deletion, portability and opposition, by sending their request to our address|
|Data conservation period||As long as the relationship is maintained and for a period of time that is strictly necessary to comply with legal obligations.|
|Complaints||The interested parties may contact the APDCAT to present the complaint they consider appropriate|
|Additional information||Additional and detailed information can be consulted below on «Questions on Privacy».|
Questions on Privacy
In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (hereinafter, LOPDGDD) we offer you the following information on the processing of your personal data
Who is responsible for the processing of your data?
- Identity: CONSORCI PORT DE MATARÓ
- NIF: Q5856419F
- Address: Passeig del Callao s/n 08301 Mataró
- Tel.: 93 755 09 61
- Email: email@example.com
- Data Protection Officer’s Contact: firstname.lastname@example.org
For what purpose do we process your personal data?
- We process personal data in order to provide the contracted services. This processing is necessary to maintain the contractual relationship with our users and clients, performing the essential steps to carry out the services provided by the Consorci Port de Mataró, such as the rental of moorings, the occupation of the public domain, port intervention, port maintenance, access to the port parking, the use of towing, the use of the ramp, the use of the Conference Room, the use of Wi-Fi, the issuance of certificates and any other activity that involves the management of Port de Mataró.
- Compliance with legal obligations related to the port management (customs, taxes, security…).
- Attend to your requests and consultations.
- Carry out statistical studies in relation to the management of the port, to help improve the service or design new services.
- If you provide consent, we may also process your data to send you commercial information related to the services and activities of Port de Mataró.
- When you access the port facilities your image can be recorded by video surveillance cameras for security control purposes.
- If you send us your resume, your data will be processed in order to manage the CV’s database for the selection of personnel.
What is the legitimacy for the processing of your data?
The reasons for legitimizing data processing for the purposes set out in the previous section are as follows:
- Providing the contracted service – Legitimacy: execution of the service contract.
- Fulfilment of legal obligations related to the management of the port – Legitimacy: fulfilment of legal obligations applicable to Consorci Port de Mataró.
- Attending the requests or consultations – Legitimacy: execution of the service contract or consent in the case of consultations made by interested parties who are not users of our services.
- Carrying out statistical studies – Legitimacy: legitimate interest of Consorci Port de Mataró to be able to improve our services.
- Sending commercial information – Legitimacy: consent of the interested party.
- Security control (Video surveillance) – Legitimacy: fulfilment of a public interest mission.
- Selection of personnel – Legitimacy: consent of the interested party, legal obligation and public interest mission.
To which recipients will your data be communicated?
The data will be disclosed to third parties when required by law or deemed necessary to fulfil the purpose of processing. For this reason, we communicate personal data to Administrations with competence in the activities carried out by the Port, such as the Treasury, the Guardia Civil and other State bodies and security forces.
What data do we process?
- Identification and contact data (name, ID, telephone, email, etc.). Information about your boat and vehicle registration. We collect these data when users sign the service contract or make use of them.
- Consumption data and data on connections to water and power supplies, Wi-Fi, etc.
- Bank details for billing purposes.
- Other information that you may provide us with when you contact us for different reasons, such as to make a query, to make a complaint, to communicate an emergency, to consult a doubt, etc.).
In the case of video surveillance system:
In the case of resumes, please include:
- Personal features
- Academic and professional features
Data is limited, as we only process data necessary for the provision of our services and the management of our activities.
How have we obtained your data?
The personal data that we process comes from the interested party himself, who guarantees that the personal data provided are true and is responsible for communicating any changes. Data marked with asterisk are mandatory in order to provide you with the requested service.
How long will we keep your data?
- The personal data provided will be kept as long as you are a user of our services or want to receive information, as you may object to the processing of your data for commercial purposes at any time, and then during the deadline set to comply with our legal obligations, which in the case of accounting and tax documentation for commercial purposes is 6 years, in accordance with Article 30 of the Commercial Code, and 4 years for tax purposes, in accordance with Articles 66 to 70 of the General Tax Law.
- The images captured by the video surveillance system will be kept for one month.
- In the case of resumes, data will be kept unless you ask us to delete them.
What are your rights when you provide us with your data?
- Anyone is entitled to obtain confirmation as to whether or not we are processing their personal data.
- Individuals concerned have the right of access to their personal data, as well as the right to request the rectification of inaccurate data or, where appropriate, to request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
- In certain circumstances, individuals concerned may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims.
- Also, in certain circumstances and for reasons related to their particular situation, interested parties may object to the processing of their data. In this case, we will stop processing the data, except for compelling legitimate reasons or for the exercise or defense of possible claims.
- Interested parties are also entitled to the portability of their data.
- Finally, interested parties have the right to lodge a complaint with the Catalan Data Protection Authority (Autoritat Catalana de Protecció de Dades).
How can you exercise your rights?
By sending a letter with a copy of a document that identifies you to our physical or electronic address.
Users can set their browser so that they are informed about cookie reception, and if they wish, prevent the installation of them on their computer. Please visit our cookies policy.
What security measures do we apply?
We apply the security measures established in article 32 of the GDPR, therefore, we have taken the necessary security measures to guarantee a level of security appropriate to the risk of the data processing that we carry out, with mechanisms that allow us to guarantee the confidentiality, integrity, availability and permanent resilience of the processing systems and services.
Some of these measures are:
- Information of the data processing policies to the personnel.
- Carrying out periodic backup copies.
- Data access control.
- Regular verification, evaluation and assessment processes.