We know that data privacy is a top issue today, and we want you to enjoy your interaction with us whilst knowing that we value your Personal Data and that we protect it.
In the same way, we inform you that your data will be processed in accordance with the personal data protection laws currently in force; specifically, according to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
It is important that you read this Policy carefully. Here you will find an overview of how we process your personal data, the purposes for which we process them and how you benefit. You will also see what your rights are and how you can contact us.
You should know that the Policy applies to all personal data processing carried out by any of the Guwertec departments.
It may be eventually required by the country you are in that this Policy is supplemented by local regulations. This Policy exclusively applies to our site www.guwertec.com
We believe you will find this Policy useful, but if you need to clarify something, you may contact us any time.
Definitions to better understand the Policy
Firstly, we want to provide you with the definition of some terms that you will find in our Policy:
“Online Services"” – includes any site/environment, website, channel/ application/ promotion, as well as any other online initiative of the Guwertec company.
“Personal data" – all the information collected from you that can be used to identify you (a credit card number, a telephone number, physical information or simply a name etc.)
“User” or “Subject” – basically, it is you. The regulation uses this expression to identify a human being whose data is processed
“Data Controller” – any entity, public authority, company or person who decides why, how and what data needs to be collected and processed (handled)
“Data Processor ”– entity which handles data on behalf of the controller
“Third party” – any entity, person, company or country who is involved in the handling of the data outside the data subject, the controller, the processor or an EU entity.
“Recipient” – person or entity to whom data is disclosed
“Consent” – your explicit approval to the processing of your data
"Personal data processing" "– the collection and handling of personal data
“Transfer” or “Comunicación de datos”– disclosure of data to a natural or legal person, public authority, agency, or other body; whether or not they are a Third Party
“Guwertec” – the company of the Guwertec that is responsible for data processing
“Data Protection Officer” – individual in charge of monitoring the processing of personal data when the organisation is a public authority or is processing personal data on a large scale
1. Does the Guwertec have a Data Protection Officer?
Yes. Guwertec has a Data Protection Officer to guarantee compliance with the current data protection norm.
2. Who is the Data Controller?
Every time that we collect any personal information, we will inform you which one of our departments is the Data Controller and provide you all of the information regarding how we process your data.
3. Which personal data do we collect ?
We process personal information about you that we collect either directly, through forms or data entry fields on our website, or through passive collection by cookies and other data collection technologies. The following is a non-exhaustive list of the data we process:
any data you provide us including your image or voice in those cases where the service requires it (i.e. a promo for videos or photographs…)
information collected from the access and use of our services, or your relationship with Guwertec,
data resulting from contact forms and subsequent communications,
your phone and any information you provide to us during your conversation with us – including your voice; we may record phone calls for internal purposes quality audits or as a proof for any claim or legal action, in or out of court, should the need arise,
your image in video-surveillance at our facilities mostly for fraud prevention and management purposes or events we organize; though we shall always and clearly display enough information to let you know of such recording,
any information that can be legally inferred from the data we process,
any personal information collected either directly, through forms or data entry fields on our website, or through passive collection by cookies, browsing history and other data collection technologies,
data from public sources, or that is part of your profile on a social network and that you have made available to us,
those related to financial solvency and creditworthiness which may be checked at public credit worthiness registers with outstanding obligations, prior to or during a contract with us,
4. For which purposes we use your personal data and which are the legal basis for them?
To manage your contract requests with Guwertec For certain contract request with Guwertec you will have to fill out a contract application beforehand. For cards which are commercialized by Guwertec, or for LPG or fuel supply, for example, we will process the data you provide us for the management of your contract request; and we will also process the data obtained from common data files related to the compliance or non-compliance of financial obligations in order to analyze the contract and to make a decision on whether to move forward or not with the application process.The legal basis that enables us to process your data is the execution of a contract request, together with our legitimate interest related to the common data files consultation.
5. How do we secure your information?
We commit to processing your data in accordance with the applicable regulations and, in particular, using the appropriate organizational and technical measures to guarantee an appropriate level of security, ensuring the confidentiality integrity, availability, and resilience of processing services and systems at all times.
6. With whom will we share your personal data?
In case we intend to lawfully transfer or share your personal data, when collecting your information, we will inform you of the identity or category of recipient, such as:
- Third parties to which we are legally bounded to provide your data, for example social security or administrative and tax authorities.
- Third parties to which we need to provide your data to confirm that you belong to a certain group, if you wish to avail of an offer available to said group.
- Entities that subsidize training activities.
- Third parties which require to process your data for the fulfillment of the relationship you have with us.
- Other third parties, in the case that you have provided your consent.
- Financial solvency and creditworthiness Registries for the compliance of financial obligations.
When providing certain services, we may give access to your personal data to providers that may or may not be group companies. They shall process those data as Data Processors and are bound to processing your data in accordance with the applicable regulations and, in particular, the Data Controller imposed appropriate organizational and technical measures, which guarantee an appropriate level of security.
We also inform you that some of these companies are located in territories outside the European Union and which may not provide an equivalent level of data protection comparable to that of the European Economic Space (EES). However, we will transfer your data, always under an adequate and lawful guarantee mechanisms established for that purpose in the European Regulations.
7. How long do we retain your information?
In each case, we will inform you which is the retaining period. Your data will be process during your relationship with Guwertec. Once our relationship is finalized, we shall keep your data duly blocked for the time-barring of the civil, criminal, commercial and/or administrative proceedings.
In the case of Online Services, Guwertec will process your personal data for the time you remain subscribe and using the Service. However, in case you do not actively use your account or any of our online services for a 2-year period, we shall cancel Your Account and thus, block your data.
8. What are your rights?
At any time, you may execute several rights concerning the processing of your personal data. Every person has these rights and, consequently, they cannot be waived. Below, we will describe and explain each of these rights:
Right of access. By exercising this right, you can find out information about how we process your personal data.
Right to rectification. You may correct or modify your data if they are inexact or incomplete, in order to ensure that we have your correct details.
Right to erasure (or the right to be forgotten). You may request that your data be deleted in one of the established cases under the applicable regulation. For example, in the event of illegal data processing or when the initial purpose for processing or collection no longer exists. However, the said regulation includes a series of exceptions where this right does not apply. For example, when the right of freedom of expression and information must prevail.
Right to object. By having recourse to this right, you may oppose the processing of your personal data: (i) when, for reasons regarding your personal circumstances, your data must no longer be processed, exception made of any situation under which we can demonstrate compelling legitimate grounds or when the processing is necessary for the establishment, exercise or defense of legal claims, and/or (ii) when processing is carried out for direct marketing purposes.
Right to restriction of processing. You may request that we restrict the processing of your personal data (i) while we are investigating the accuracy of data, when this accuracy has been refuted (ii) when this processing is unlawful but you oppose to your data being deleted and, instead, request this limitation (iii) when you need your data in the case of a claim (iv) and even when you have opposed the processing of your personal data to fulfill a mission of public interest or to satisfy a lawful interest, which must be checked. In these cases, we will only conserve data to make or defend ourselves against claims.
Right to data portability. You can request the portability of your data in electronic format, as well as request they be transferred to another entity.
Furthermore, you can withdraw your consent at any time, without this affecting the lawfulness of any processing already carried out. The request to this effect should be sent to the address indicated in the previous paragraph. In this case it is also necessary that you attach a copy of your DNI or equivalent national identity document.
9. What is our policy regarding children?
We do not knowingly solicit or collect personal data from children below the age of 14; mostly, Guwertec deals with 18th year old people. Nevertheless, there may be some exceptional cases where, in the course of a promo or a contest, we may collect 14th year old data though always subject to prior parent and/or guardian’s written and explicit consent and/or authorization.
If you’re under the age of 14 we kindly ask you to wait to be a bit older to interact with us or ask a parent or guardian to contact us. We can’t collect and use your Personal Data without their agreement. If we discover that we have unintentionally collected personal data from a child below 14, we will remove that child’s personal data from our records promptly.
Regarding social networks, we recommend parents and/or guardians regularly check and supervise the internet activity of their children. Please make sure that your children do not give out their personal data without your authorization and consent.
You can exercise the rights of persons under 14 years of age at any time by certifying your legitimate right to do so.
10. What happens if you provide us with the data of a third party?
In the event that, as a result of your relationship with us, you provide us with a third party’s personal data, we remind you that you are solely responsible for (i) having obtained his or her prior consent to communicate their personal data to Guwertec in connection with the purpose about which you are informed by us each time, and (ii)for having informed said third party of the terms established in this Policy.
You are responsible for holding Guwertec harmless for any liability derived from the lack of information a-nd/or consent to or from the said third party.
11. What happens to my data when I forward/share any of the Online Service content with someone else?
Some of our Online Services may give you the option of forwarding/sharing some content with another individual, although you should be aware that it is you who is performing this action through your own means. Guwertec does not send or use any information or data of these third parties to/with whom you wish to forward or share any data.
12. Can we change the terms of our Policy?
13. What are your responsibilities
You are responsible for each piece of data that you provide us with, as well as both for its veracity, inaccuracy, updates, validity, and authenticity and for your consent regarding the use and processing of such data. You are likewise responsible for any third-party data that you facilitate to us and for which communication you are obliged to obtain consent. Do not forget that you are responsible for periodically consulting this Policy as well as any future updates thereto.