Avisos de privacidad
We protect your personal data
The protection of your privacy and your personal data is a priority for us. This Privacy Notice explains what type of personal data we will request or gather from you, how, for what purpose, and who it can be shared with or disclosed to.
Who is Responsible for processing?
The party Responsible for processing is an individual or legal entity or organization that, independently or together with others (parties co-responsible for processing) determines the purposes for which the data is requested, gathered and used, as well as what data is processed, for how long, or which third parties can be authorized to access such data.
With respect to your personal data as a Candidate, we, the companies TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (NIF A76567619), ALEATICA, S.A.U. (NIF A82871369) and SECONMEX Administración S.A. de C.V. (SAD 030619 – QK7) are the parties co-responsible for processing, as defined in the Data Protection Standards.
What kinds of data can we request or gather from you?
We will request or gather personal data about you such as the following:
- Full name
- Age and/or date of birth
- Gender
- Contact information (mailing address, email, land or mobile phone number)
- Nationality
- Tax ID number or passport
- Prior professional experience
- Education
- Signature
- Current salary range
- Economic expectation
- References from your superiors, colleagues and/or subordinates at prior work experiences
Why do we obtain and process your data?
The personal data you provide to us or that we obtain about you shall be processed for the purposes indicated in this section.
By requesting or agreeing to participate in a selection process, such request or acceptance shall be understood as consent for the processing of your personal data for the following purposes, all required within the framework of the selection process:
- Assessment of your candidacy: analysis of your professional profile, verification of your experience and previous professional references.
- Execution of the controls required by our compliance policies for selection processes, such as aptitude controls and trustworthiness for certain work positions (for example, specific training, expert knowledge, no criminal record, etc.)
- Assessment and issuance of an economic offer: if selected.
- Audit verifying compliance with our selection standards and processes.
We shall also request your consent to:
- Maintain you as part of a group of potential candidates if you are not selected, so that we can contact you if we start other selection processes that may be suitable for you (for the same company you selected or for another of our Group companies).
- Execution of medical and/or toxicological exams that may be required to determine the eligibility of candidates for certain work positions (for example, for those that involve the handling of hazardous resources). You can opt to refuse these tests, although such refusal shall signify your exclusion from such selection processes.
Who can we share your data with?
We can share your personal data with the following entities:
- Other Companies of our Business Group that may require candidates with your profile for their selection processes. You can consult the list of these Companies at www.aleatica.com.
- Other Companies of our Business Group (and potentially third parties, such as Selection agencies or Headhunters) to which we may entrust management of this or other future selection processes, on our behalf and under our responsibility.
- Entity owner of the building where our offices are located, to manage access thereto for attendance at face-to-face selection interviews.
- Public administrations, police authorities, judges and/or courts of justice if information is requested in the course of legal investigations and in compliance with the guarantees required under the applicable standards.
Where is your personal data processed?
The entities of our Corporate Group are located in Chile, Colombia, Mexico, Peru and in the European Union (Spain and Italy).
We store the personal data we obtain and gather from Candidates on Microsoft Azure servers located in Europe.
However, if you are a candidate in the European Economic Area (“EEA”), or are requesting a position in such territory, it is important that you know that, if we communicate your information to countries outside of the European Economic Area, this is done with your consent, or in accordance with the European Commission Standard Contractual Clauses or other legally acceptable mechanisms with the objective of guaranteeing an adequate level of protection. You can request information or a copy of any documentation that supports the provision of the adequate or appropriate guarantees provided to protect the personal data transferred outside of the EEA using the contact methods provided in Section 9 of this Privacy Notice.
What rights do you have over your personal data?
The Data Protection Laws recognize the following rights (non-exhaustive list):
- Access the personal data we process on your behalf, and know the origin of the data, the purposes for which it is processed and for how long, the information on the party or parties responsible for processing, and the third parties to whom the data may have been disclosed.
- Revoke your consent at any time, when the processing of the data requires your authorization.
- Update or correct your personal data to guarantee it is accurate and up to date.
- Request that your personal data that is unnecessary or irrelevant for the purposes reported in this Privacy Notice be deleted or cancelled.
- Restrict the processing of your personal data in some cases, such as when you question the accuracy of the data, for the time it takes us to verify it.
- Obtain your personal data in electronic form, for you or for your new employer.
- File claims with us and/or with the Data Protection Authorities.
- In cases where permitted by the Data Protection standard, you have the right to oppose the processing of your personal data or ask to stop processing it (for example, if we contact you through professional social media like LinkedIn and you are not interested in the selection process we are proposing). When you exercise this right, we will no longer process your data beyond the limits permitted by the applicable standards.
For how long will we process your data?
If you participate in a selection process, are not selected, and DO NOT AUTHORIZE OUR processing of your data for future selection processes. | We will process your data
|
If you participate in a selection process, are not selected, and AUTHORIZE OUR processing of your data for future selection processes. | We will process your data
|
If you submit a voluntary application authorizing processing of your data | We will process your data
|
If you are selected for an open position |
|
How can you contact us and exercise your rights?
If you have any questions or consultations about how we process your personal data, or if you want to exercise any of the rights described in Section 6 of this Privacy Notice, you can contact us:
- By mail:
ALEATICA, S.A.U. (indicating that you are an employee of TERMINAL DE CONTENEDORES DE TENERIFE S.A.U.)
Paseo de la Castellana, 259 C, Planta 15 Norte,
Torre de Cristal,
28046 Madrid – ESPAÑA
- Using the web form available at https://www.aleatica.com/derechos-proteccion-de-datos/
- By email at: dpo@prealeatica.aleatica.com
You can also get protection of your rights from the Spanish Data Protection Agency through their website www.aepd.es.
How often is this Privacy Notice updated?
We review this Privacy Notice regularly. The last version was updated in August 2021.
Roadside assistance and video surveillance privacy notice
TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (hereinafter, “TCT”), of Vía Servicio s/n – Nueva Terminal del Dique del ES, Santa Cruz de Tenerife and NIF A-76567619 hereby makes the following information available to you with respect to the processing of the personal data (images) gathered or collected occasionally through the recordings made by the camera or video camera systems integrated into its installations (hereinafter, “Personal Data”).
Purpose: The Personal Data collected is processed by TCT for the purpose of preserving and guaranteeing the security of people and their belongings, as well as the installations themselves.
Legal grounds: The legal ground for the processing of your Personal Data consists of TCT legitimate interest in preserving and guaranteeing the security of the people and their belongings, as well as the installations themselves.
Recipients: Generally speaking, your Personal Data shall not be communicated to third parties, except when necessary to comply with a legal obligation in the context of the investigation and prosecution of a crime or illegal administrative acts, in which case your Personal Data may be communicated to the State Security Forces and Bodies, Judges and Courts and/or the Tax Ministry.
Retention The Personal Data shall be retained for a maximum period of one month after capture, and after such term shall be suppressed.
Notwithstanding the above, if the images collected may have captured the commission of a crime or an administrative infraction that must be made known to an authority, the images may be retained for a period of time longer than the initial month, for the sole purpose of making them available to the State Security Forces and Bodies, Judges and Courts and/or the Tax Ministry.
Rights: You can direct your requests for access, correction, suppression, opposition or limitation of processing by addressing a written request to the address indicated above, or to the email address dpo@prealeatica.aleatica.com, providing a copy of your National Identity Document (DNI) or another equivalent official document, as well as any information that may be necessary to identify you.
If you have any questions or require any additional information, please contact TCT at the mailing address or email address indicated above.
We would also like to inform that you have the right to seek protection of your rights from the Spanish Data Protection Agency through their website www.aepd.es.
TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (hereinafter, “TCT”), of Vía Servicio s/n – Nueva Terminal del Dique del ES, Santa Cruz de Tenerife and NIF A-76567619 hereby makes the following information available to you with respect to the processing of the personal data (images) gathered or collected occasionally through the recordings made by the camera or video camera systems integrated into its installations (hereinafter, “Personal Data”).
Purpose: The Personal Data collected is processed by TCT for the purpose of preserving and guaranteeing the security of people and their belongings, as well as the installations themselves.
Legal grounds: The legal ground for the processing of your Personal Data consists of TCT legitimate interest in preserving and guaranteeing the security of the people and their belongings, as well as the installations themselves.
Recipients: Generally speaking, your Personal Data shall not be communicated to third parties, except when necessary to comply with a legal obligation in the context of the investigation and prosecution of a crime or illegal administrative acts, in which case your Personal Data may be communicated to the State Security Forces and Bodies, Judges and Courts and/or the Tax Ministry.
Retention The Personal Data shall be retained for a maximum period of one month after capture, and after such term shall be suppressed.
Notwithstanding the above, if the images collected may have captured the commission of a crime or an administrative infraction that must be made known to an authority, the images may be retained for a period of time longer than the initial month, for the sole purpose of making them available to the State Security Forces and Bodies, Judges and Courts and/or the Tax Ministry.
Rights: You can direct your requests for access, correction, suppression, opposition or limitation of processing by addressing a written request to the address indicated above, or to the email address dpo@prealeatica.aleatica.com, providing a copy of your National Identity Document (DNI) or another equivalent official document, as well as any information that may be necessary to identify you.
If you have any questions or require any additional information, please contact TCT at the mailing address or email address indicated above.
We would also like to inform that you have the right to seek protection of your rights from the Spanish Data Protection Agency through their website www.aepd.es.
We protect your personal data
In the same way that we are concerned about your safety, the protection of your privacy and your personal data is also a priority for us. In this Privacy Notice, we explain what type of personal data we will request or gather from you, how, for what purpose, and who it can be shared with or disclosed to.
- Who is the Party Responsible for processing?
The Party Responsible for processing is an individual or legal entity or organization that, independently or together with others (parties co-responsible for processing) determines the purposes for which the data is requested, gathered and used, as well as what data is processed, for how long, or which third parties can be authorized to access such data. With respect to your personal data as an employee, We, the companies TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (NIF A76567619), ALEATICA, S.A.U. (NIF A82871369) and SECONMEX Administración S.A. de C.V. (SAD 030619 – QK7), are the parties co-responsible for Processing, as defined under the Data Protection Standards.
- What kinds of data can we request or gather from you?
We can ask you for, or collect from you, personal data such as—among others—the following: Full name, Age/date of birth, Gender, Contact information (address, email, phone number), Nationality, Tax identification number (NIF) or passport (eventually a copy of such as well), Prior professional experience, Education, IBAN number, Other information that may be required by public forms for tax payment and compliance with public and/or financial obligations, Position, Signature, Biometric data for authentication, Eventually, health data that may be relevant for the prevention of labor risks, which whenever possible shall be related to the purposes for which they were gathered, shall be maintained separate and protected, with limited access to Service.
During the labor relationship, we may process other labor information, including but not limited to, performance evaluations or investigation results, according to the terms set forth in this Privacy Notice.
- Why do we obtain and process your data?
The personal data you provide to us or that we obtain about you shall be processed for different purposes, as explained in this section, for which we shall request your consent, unless not required in accordance with the applicable standard:
Purpose | Do we need your consent? |
In addition, we can process your personal data, specifically your health data, for the provision of coverage services for work, professional illness or work accident contingencies, within the limits set out in the current legislation. We will receive the conclusions of the recognitions made with respect to the aptitude of the worker for execution of the functions of their position, as well as the need to introduce or improve protection and prevention measures related to such, in order for them to correctly develop their functions in a preventive fashion. | No, the processing of your personal data for these purposes is necessary for the appropriate management and execution of the labor relationship, as well as for compliance with our legal obligations (e.g., Obligations related to worker status, the Labor Risk Prevention law, the General Social Security Law, the IRPF Law, etc.) |
| No, the purposes indicated herein are necessary for compliance with our obligations related to labor risk prevention, protection of the confidential information and personal data we process, as well as our legitimate interest in protecting our corporate assets. However, we will request your consent when we request your identification or authentication through biometric information (fingerprints, image, voice identification, etc.) if the request in question is not covered by the law. When the processing of your data requires your consent, we will guarantee your freedom to grant it. |
| No, these operations are in response to a legitimate interest of the parties co-responsible for Processing. When in the framework of such it is necessary to process your personal data, such processing shall be strictly as necessary, and shall be given pseudonyms or made anonymous whenever possible for the intended legitimate purpose. |
This purpose includes follow-up and monitoring of the audits and investigations (including monitoring and audits of worker use of IT Systems and access to content that is processed, used, uploaded/downloaded or stored through such, as well as investigations of reports submitted via the Ethics Channel) to verify compliance with the internal policies and other obligations of a labor nature, as well as compliance with any legal and contractual obligations, as well as obligations related to the prevention of crime and fraud. | No, these operations are in response to a legitimate interest of the companies that are co-responsible for the Processing. However, exercise of these controls and monitoring thereof shall be performed in compliance with the requirements and guarantees for protection of worker privacy recognized in the labor and personal data protection laws. |
- Who can we share your data with?
In order to comply with legal obligations, personal data can be communicated to the following entities:
- The entity that provides the work risk prevention service.
- Social Security mutual work accident and professional illness agencies for delivery of work accident and professional illness coverage.
- Public Administration (Tax Authority, Social Security, etc.).
- Financial entities, for the payment of payroll.
- Issuing company of daycare and/or food checks.
- Insurance companies and insurance mediators through which we may contract collective policies, in the case that the employee requests health, life and accident insurance (you can consult the data of the referred insurance companies and insurance mediators directly with Human Resources).
- Entity owner of the building where the offices are located, to manage access thereto.
- Courts and tribunals, in the case of requests for information that require communication of your data, or judicial process in progress to which you may be party or be a witness.
- Educational entities.
- Advisory firms and independent firms that collaborate on compliance investigations and audits
- Entities to which payroll management may be outsourced.
- Grupo ALEATICA entities: Access and processing of personal data by entities of Grupo ALEATICA, the composition of which may be consulted at www.aleatica.com, shall be carried out as necessary to the extent in which (i) they participate (at each point in time) in the adoption, implementation or control of any decision of Grupo ALEATICA (for business, HR, IT, compliance, legal, financial accounting and internal audit) that affect their labor rights and obligations (decisions that must be designed, implemented and supervised at the global level) and/or (ii) that (at any point in time) use any member of their hierarchical line.
- Where is your personal data processed?
Some of the entities and suppliers of Grupo ALEATICA are located in countries outside of the European Economic Area (“EEA”) and therefore have data protection standards that are not comparable to the standards of the EEA states. However, transfers outside of the EU are performed in accordance with the European Commission Standard Contractual Clauses or other legally acceptable mechanisms with the objective of guaranteeing an adequate level of protection. You can request a copy of any documentation that shows that the guarantees appropriate or required to protect the personal data transferred outside of the EEA have been provided through the methods of contact indicated in section 8 of this Privacy Notice.
- What rights do you have over your personal data?
Organic Law 3/2018, of December 5, addressing Personal Data Protection and the guarantee of digital rights and its regulations (EU) 2016/679 of the European Parliament and the Board of April 27, 2016, related to the protection of individuals with respect to the processing of personal data and the free circulation of this data, recognizes the rights to:
- Access the personal data we process on your behalf, and know the origin of the data, the purposes for which it is processed and for how long, the information on the party or parties responsible for processing, and the third parties to whom the data may have been disclosed.
- Revoke your consent at any time, when the processing of the data requires your authorization.
- Update or correct your personal data to guarantee it is accurate
- Request that your personal data that is unnecessary or irrelevant for the purposes reported in this Privacy Notice be deleted.
- Restrict the processing of your personal data in some cases, such as when you question the accuracy of the data, for the time it takes us to verify it.
- Obtain your personal data in electronic form, for you or for your new employer.
- In cases where permitted by the data protection standard, you have the right to oppose the processing of your personal data or request that we stop processing it (for example, for business communications). When you exercise this right, we will no longer be able to process your data beyond the limits permitted or allowed by the applicable standards.
- File claims with us and/or with the data protection authorities
- For how long will we process your data?
Your data shall be safeguarded visibly during the term of the contract and through compliance with the legal and contractual obligations derived therefrom.
After this period has passed, the data shall be blocked; that is, it shall be retained—duly protected—but shall only be accessible by the personnel who so require to attend to any potential responsibilities that may arise from the contractual relationship, or for compliance with legal obligations (tax payments, social security fees, labor risk prevention obligation compliance, defense against the levying of administrative or criminal liability attributable to the legal entities, data protection obligations, etc.) during the term before the statute of liabilities for such expires.
At the end of the corresponding statute of liability terms, the data shall be deleted if there are no ongoing legal or administrative proceedings, and if there is no legal obligation to retain the documentation for such proceedings.
- How can you contact us and exercise your rights?
If you have any questions or consultations about how we process your personal data, or if you want to exercise any of the rights described in Section 6 of this Privacy Notice, you can contact us:
- By mail:
ALEATICA, S.A.U.
Paseo de la Castellana, 259 C, Planta 15 Norte,
Torre de Cristal,
28046 Madrid – ESPAÑA
- Using the web form available at https://www.aleatica.com/derechos-proteccion-de-datos/
- By email at: dpo@prealeatica.aleatica.com
You can also get protection of your rights from the Spanish Data Protection Agency through their website www.aepd.es.
This Privacy Notice was updated in September 2021
We protect your personal data
Protection of your privacy and your personal data is also a priority for Terminal de Contenedores de Tenerife S.A.U. This Privacy Notice explains what type of personal data we request or gather, how, for what purpose, and who it can be shared or disclosed to.
- Who is the party Responsible for processing?
The party Responsible for processing is an individual or legal entity or organization that, independently or together with others (parties co-responsible for processing) determines the purposes for which the data is requested, gathered and used, as well as what data is processed, for how long, or which third parties can be authorized to access such data.
With respect to your personal data
- Aleatica S.A.U. and Seconmex Administración S.A. de C.V. (hereinafter, jointly, ALEATICA) are the entities co-responsible for the Processing of personal data in the approval process.
- Terminal de Contenedores de Tenerife S.A.U., as the contracting company, shall be Responsible for the Processing of personal data for formalization and execution of the services contract and compliance with the legal and contractual obligations arising therefrom.
- What information and documentation can we request?
During the Supplier approval process, we may ask you for a series of documentation, which is necessary to verify that you as a supplier (in the case of individuals) or a company (legal entity or corporation) meet the legal requirements for development of the activity offered by the Supplier. The documentation we will request from you will depend on the country or countries where you will provide services as a supplier. Below we explain what documentation may be requested, some of which may contain personal data of individuals to whom you must provide the information set forth in this Privacy Notice.
Document | Justification |
Tax registry based on the legislation of the Country (RFC, RUT, NIF, updated RUC, VAT etc.) | Verify registration of the supplier as a taxpayer |
Legible incorporation papers of the company that include the full company name, which must coincide with the name registered in the Tax Registry and contain the corporate purpose described in the Approval Certificate | Verify that the Supplier is validly incorporated, and that the Service offered to Aleatica is part of its corporate purpose |
Notarized power of attorney with the name of the legal representative and the company name registered with the Tax Registry | Verify that the person acting in representation of the Supplier has sufficient representation, and has the power to perform administrative acts. |
Proof of address (not more than three months old) or Bank Account Statement that contains the supplier’s company address (location where the company or supplier can be found), if applicable for the country | Verify the Supplier’s (corporate) address, which—when applicable—shall be used in the Contract and to which the official communications that may be made by the contracting Grupo Aleatica companies shall be delivered.
|
Certificate of Bank Ownership of Bank statement of account made out in the supplier’s company name (not more than three months old) showing the bank and the account number where payment of the consideration shall be made or a letter signed and stamped (if possible) by the bank executive | Verify ownership of the bank account to which the payments will be made, for purposes of compliance with the payment obligations arising under the contract, as well as fraud prevention, money laundering and anti-corruption. |
Employer ID card or Registration with Social Security signed digitally or by hand, which contains the supplier’s company name and a digital or ink stamp by Social Security | Verify that the Supplier is registered as an employer and a contributor of the corresponding social security obligations. |
Certifications supporting the fact that the Supplier is current on its Social Security payments | Verify that the Supplier is current on the payment of its Social Security obligations, and—if applicable—release Aleatica from the liability (several or subsidiary) that may be determined against it under the applicable legislation in the case of (sub) contracting of services from suppliers with current debts. |
Certifications that prove that the Supplier is current on the payment of its tax obligations, in the terms required by the applicable regulations. | Verify that the Supplier is current on the payment of its tax obligations, and release Aleatica from the liabilities (several or subsidiary) that may be determined against it under the applicable legislation in the case of (sub) contracting of services from suppliers with current debts. |
Co-active Debt Statement Report | Verify that the Supplier has no seizures for unpaid tax amounts. |
Share Structure Certificate | Verify who—if applicable—the Supplier’s shareholders are; for example, for performing due diligence processes and verification that there are no potential conflicts of interest. |
In addition, if as a Supplier, you are approved for the signing of the Contract, Terminal de Contenedores de Tenerife S.A.U. will request confirmation of the identity of the individuals who, based on the powers of attorney provided, act as the Supplier’s representatives, and who will sign on behalf thereof, specifically:
- Signing of the contract through electronic certification issued by an official authority, after verification of the identity of the owner thereof (in countries and jurisdictions where these are valid), or
- Otherwise, a legible copy (on both sides, for documents that so require) of a valid official ID (NIF, NIE, Passport, Identity Card, Citizenship Card, Voter ID card, or Professional License, etc.)
- Why do we obtain and process this information and—when applicable—the personal data we request?
The Personal Data Protection regulations allow us to process the personal data of the individuals referred to in Section 2 of this Privacy Notice without needing to obtain the consent of the owners thereof, to comply with our legal or contractual obligations, or based on our legitimate interest of performing compliance and due diligence controls, both prior to the contract and throughout the term of the business relationship.
Specifically, Aleatica S.A.U and Seconmex Administración S.A. de C.V. shall process the personal documentation and information provided by the Supplier for the following purposes:
- Adoption of pre-contractual due diligence measures and supplier approval
- Compliance and Monitoring: compliance with internal policies, as well as any legal or contractual obligation, compliance with legal and administrative requirements, requirements of legal processes, exercise of legal rights and recourses, legal defense and management of any claim or complaint. This purpose includes the prevention of crime and fraud.
Terminal de Contenedores S.A.U. shall process the personal documentation and information provided by the Supplier, in addition to the above purposes, for the following:
- Formalization, maintenance, compliance, development, control and execution of the Contract.
- Execution of rights and compliance with legal obligations, such as defense if tax or social security liability is claimed against us, response to official information requirements issued by public authorities, courts and tribunals, etc.
- Exercise of rights of defense and legal and out-of-court claims.
- Commercial operations: management and protection of the assets of ALEATICA and/or other entities of Grupo ALEATICA (including any intellectual and industrial property rights, confidential information and IT systems), strategic planning, project management, gathering of audit evidence and other reporting tools, maintenance of records related to business activities, budgets, and financial management
- Who can we share your data with?
We may use the documentation we request from you and that you provide to us or that we obtain from the due diligence controls with:
- Other companies of Grupo Aleatica (the ALEATICA supplier approval process enables the supplier to enter into service contracts with any of the Grupo ALEATICA companies, thus optimizing the contracting process).
- IT service providers that process the personal data on behalf and based on the instructions of ALEATICA (such as data storage service providers, IT maintenance and support, cybersecurity controls, etc.).
- Advisory firms and independent firms that collaborate on compliance investigations and audits.
- Financial entities, for the payment of fees.
- Competent public administrations due to legal obligation.
- Courts, Tribunals and Tax Ministry, when applicable.
- Where is your personal data processed?
The documentation and data you provide to us shall be processed by Aleatica S.A.U. in Spain and by Seconmex Administración S.A. de C.V. in Mexico, both companies being subject to the European General Data Protection Regulation (GDPR), and Organic Law 3/2018 of December 5, for Protection of Personal Data and guarantee of digital rights in Spain, using permanent methods in this country for execution of this activity.
In addition, Seconmex Administración S.A. de C.V. shall be subject to the Federal Law for Protection of Personal Data Held by Private Parties and the Regulations for development thereof.
The information and documentation you provide to us shall be stored by:
- OVH Hispano SL on servers located in France and Canada
- Microsoft in a Data Center located in Europe
The Aleatica approval process verify the appropriateness of the suppliers based on legal and corporate criteria, and shall enable you to enter into contracts with any of the companies of our Business Group, which you can consult at www.aleatica.com. Some of the entities and suppliers of Grupo Aleatica are located in countries outside of the European Economic Area (“EEA”) and therefore have data protection standards that are not comparable to the standards of the EEA states. By requesting your approval, you agree that the results thereof and, when applicable, the documents provided during this process, shall be shared with these companies. If you do not agree to this, or if you would like to restrict the Companies of our group who have access to this documentation, please let us know by sending an email to dpo@prealeatica.aleatica.com. Keep in mind that this will mean that you cannot enter into contracts with such companies.
- What rights do you have over your personal data?
In accordance with the Personal Data Protection regulations applicable to Seconmex Administración S.A. de C.V. (Federal Law for Protection of Personal Data Held By Private Parties dated July 5, 2010 and the Regulations for development thereof of December 21, 2011) and to ALEATICA SAU (Organic Law 3/2018 of December 5, of Personal Data Protection and guarantee of digital rights; and Regulation (EU) 2016/679 of the European Parliament and the Board for protection of individuals with respect to the processing of personal data and the free circulation of such data, GDPR), the owner of the personal data may exercise the following rights:
- Access the personal data we process on your behalf, and know the origin of the data, the purposes for which it is processed and for how long, the information on the party or parties responsible for processing, and the third parties to whom the data may have been disclosed.
- Revoke consent at any time, when the processing of the data requires your authorization.
- Update or correct your personal data to guarantee it is accurate
- Request that your personal data that is unnecessary or irrelevant for the purposes reported in this Privacy Notice be deleted.
- Restrict the processing of your personal data in some cases, such as when you question the accuracy of the data, for the time it takes us to verify it.
- Obtain your personal data in electronic form, for such or for the new Party Responsible (in the case of processing of automated data that requires the consent of the owner of the data) and
- File claims with us and/or with data protection authorities
- In cases when so permitted by the data protection regulations, oppose the processing of your personal data or ask that we stop processing it. Exercise of this right shall imply that we will not be able to process your data beyond the limits permitted or allowed by the applicable standards.
- For how long will we process your data?
The documents provided by the Supplier during the approval process, and the personal data that such documentation may contain shall be processed:
- Suppliers that do not end up being approved
During the assessment and certification process. If the supplier is not approved, all of the documentation provided shall be blocked; that is, retained but with restricted access and available only to competent public authorities, courts and tribunals, to attend to responsibilities that may arise related to the processing of such information, and deleted completely after the statute of limitations has expired for such responsibilities.
- Suppliers that do end up being approved
During the assessment and certification process, throughout the entire term of the contractual relationship(s) that may be established and the conservation terms established in the applicable regulations (for example, the terms for conservation of the documentation that supports our accounting records).
At the end of such terms, the personal data shall be blocked; that is, it shall be retained exclusively to be made available to courts, tribunals, the Tax Ministry and public administrations during the terms of the statute of limitations for the actions and liabilities (civil, commercial, criminal, administrative, labor) that may arise from the contractual relationship and for which such data is, when applicable, relevant.
After such statutes of limitation have expired, if there are no open administrative or legal proceedings, the data shall be deleted.
- How can you contact us and exercise your rights?
If you have any questions or consultations about how we process your personal data, or if you want to exercise any of the rights described in Section 6 of this Privacy Notice, you can contact us by mail or email at:
- Mailing Address:
Aleatica SAU Paseo de la Castellana, 259 C. Piso 15 Madrid – 28046, España | Seconmex Administración S.A. de C.V. Boulevard Manuel Ávila Camacho No. 5 Edificio Toreo Parque Corporativo, Torre A, Piso 12, Colonia Lomas de Sotelo, C.P. 53390 Naucalpan de Juárez, Estado de México, México |
Terminal de Contenedores de Tenerife S.A.U. At the mailing address indicated in the Services Agreement |
|
- Using our web form for the exercise of Data protection rights
https://www.aleatica.com/derechos-proteccion-de-datos/
- Email:
dpo@prealeatica.aleatica.com
You can also access the protection of the data protection authorities:
- In Spain, Agencia Española de Protección de Datos (https://aepd.es)
- In México, Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI):https://home.inai.org.mx/
- How often is this Privacy Notice updated?
This Privacy Notice was updated in: December 2021.
TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (hereinafter, “TCT”), of Vía Servicio s/n – Nueva Terminal del Dique del ES, Santa Cruz de Tenerife and NIF A-76567619 hereby makes the following information available to you with respect to the processing of the personal data (images) gathered or collected occasionally through the recordings made by the camera or video camera systems integrated into its installations (hereinafter, “Personal Data”).
Purpose: The Personal Data collected is processed by TCT for the purpose of preserving and guaranteeing the security of people and their belongings, as well as the installations themselves.
Legal grounds: The legal ground for the processing of your Personal Data consists of TCT legitimate interest in preserving and guaranteeing the security of the people and their belongings, as well as the installations themselves.
Recipients: Generally speaking, your Personal Data shall not be communicated to third parties, except when necessary to comply with a legal obligation in the context of the investigation and prosecution of a crime or illegal administrative acts, in which case your Personal Data may be communicated to the State Security Forces and Bodies, Judges and Courts and/or the Tax Ministry.
Retention The Personal Data shall be retained for a maximum period of one month after capture, and after such term shall be suppressed.
Notwithstanding the above, if the images collected may have captured the commission of a crime or an administrative infraction that must be made known to an authority, the images may be retained for a period of time longer than the initial month, for the sole purpose of making them available to the State Security Forces and Bodies, Judges and Courts and/or the Tax Ministry.
Rights: You can direct your requests for access, correction, suppression, opposition or limitation of processing by addressing a written request to the address indicated above, or to the email address dpo@prealeatica.aleatica.com, providing a copy of your National Identity Document (DNI) or another equivalent official document, as well as any information that may be necessary to identify you.
If you have any questions or require any additional information, please contact TCT at the mailing address or email address indicated above.
We would also like to inform that you have the right to seek protection of your rights from the Spanish Data Protection Agency through their website www.aepd.es.
TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (en adelante, “TCT”), con domicilio en Vía Servicio s/n – Nueva Terminal del Dique del ES, Santa Cruz de Tenerife y CIF A-76567619 pone a su disposición la siguiente información en relación al tratamiento de los datos de carácter personal (imágenes) que hayan sido recabados o se recaben con ocasión de las grabaciones realizadas por los sistemas de cámaras o videocámaras integrados en sus instalaciones (en adelante, “Datos Personales”).
Finalidad: Los Datos Personales recabados son tratados por parte de TCT con el objetivo de preservar y garantizar la seguridad de las personas y sus bienes, así como de sus propias instalaciones.
Legitimación: La base legal para el tratamiento de sus Datos Personales lo constituye el interés público de TCT de preservar y garantizar la seguridad de las personas y sus bienes, así como de sus propias instalaciones.
Destinatarios: Con carácter general no se comunicarán sus Datos Personales a terceros, salvo en determinados supuestos como cuando sea necesario para dar cumplimiento a una obligación legal en el contexto de la investigación y persecución de delitos o ilícitos administrativos, en cuyo caso sus Datos Personales podrán ser comunicados a las Fuerzas y Cuerpos de Seguridad del Estado, a los Jueces y Tribunales y/o al Ministerio Fiscal.
Conservación: Los Datos Personales serán conservados durante un plazo máximo de un mes desde su captación, transcurrido este plazo se procederá a su supresión.
No obstante lo anterior, si las imágenes recabadas pudieran captar la comisión de un delito o una infracción administrativa que deba ser puesta en conocimiento de una autoridad, las imágenes podrán ser conservadas durante un periodo de tiempo superior al mes inicial, con el único fin de ponerlas a disposición de Fuerzas y Cuerpos de Seguridad del Estado, a los Jueces y Tribunales y/o al Ministerio Fiscal.
Derechos: Podrá dirigir sus solicitudes de acceso, rectificación, supresión, oposición o limitación al tratamiento, dirigiendo una solicitud por escrito a la dirección antes indicada o a la dirección de correo electrónico dpo@prealeatica.aleatica.com, aportando copia de su Documento Nacional de Identidad u otro documento oficial equivalente, así como cualquier otra información que pueda ser necesaria para identificarle.
Si tiene cualquier duda o desea más información, puede ponerse en contacto con TCT en la dirección postal o de correo electrónico arriba indicadas.
Le informamos de que tiene derecho a recabar la tutela de la Agencia Española de Protección de datos a través de su página web www.aepd.es.
We protect your personal data
In the same way that we are concerned about your safety, the protection of your privacy and your personal data is also a priority for us. In this Privacy Notice, we explain what type of personal data we will request or gather from you, how, for what purpose, and who it can be shared with or disclosed to.
- Who is the Party Responsible for processing?
The Party Responsible for processing is an individual or legal entity or organization that, independently or together with others (parties co-responsible for processing) determines the purposes for which the data is requested, gathered and used, as well as what data is processed, for how long, or which third parties can be authorized to access such data. With respect to your personal data as an employee, We, the companies TERMINAL DE CONTENEDORES DE TENERIFE, S.A.U. (NIF A76567619), ALEATICA, S.A.U. (NIF A82871369) and SECONMEX Administración S.A. de C.V. (SAD 030619 – QK7), are the parties co-responsible for Processing, as defined under the Data Protection Standards.
- What kinds of data can we request or gather from you?
We can ask you for, or collect from you, personal data such as—among others—the following: Full name, Age/date of birth, Gender, Contact information (address, email, phone number), Nationality, Tax identification number (NIF) or passport (eventually a copy of such as well), Prior professional experience, Education, IBAN number, Other information that may be required by public forms for tax payment and compliance with public and/or financial obligations, Position, Signature, Biometric data for authentication, Eventually, health data that may be relevant for the prevention of labor risks, which whenever possible shall be related to the purposes for which they were gathered, shall be maintained separate and protected, with limited access to Service.
During the labor relationship, we may process other labor information, including but not limited to, performance evaluations or investigation results, according to the terms set forth in this Privacy Notice.
- Why do we obtain and process your data?
The personal data you provide to us or that we obtain about you shall be processed for different purposes, as explained in this section, for which we shall request your consent, unless not required in accordance with the applicable standard:
Purpose | Do we need your consent? |
In addition, we can process your personal data, specifically your health data, for the provision of coverage services for work, professional illness or work accident contingencies, within the limits set out in the current legislation. We will receive the conclusions of the recognitions made with respect to the aptitude of the worker for execution of the functions of their position, as well as the need to introduce or improve protection and prevention measures related to such, in order for them to correctly develop their functions in a preventive fashion. | No, the processing of your personal data for these purposes is necessary for the appropriate management and execution of the labor relationship, as well as for compliance with our legal obligations (e.g., Obligations related to worker status, the Labor Risk Prevention law, the General Social Security Law, the IRPF Law, etc.) |
| No, the purposes indicated herein are necessary for compliance with our obligations related to labor risk prevention, protection of the confidential information and personal data we process, as well as our legitimate interest in protecting our corporate assets. However, we will request your consent when we request your identification or authentication through biometric information (fingerprints, image, voice identification, etc.) if the request in question is not covered by the law. When the processing of your data requires your consent, we will guarantee your freedom to grant it. |
| No, these operations are in response to a legitimate interest of the parties co-responsible for Processing. When in the framework of such it is necessary to process your personal data, such processing shall be strictly as necessary, and shall be given pseudonyms or made anonymous whenever possible for the intended legitimate purpose. |
This purpose includes follow-up and monitoring of the audits and investigations (including monitoring and audits of worker use of IT Systems and access to content that is processed, used, uploaded/downloaded or stored through such, as well as investigations of reports submitted via the Ethics Channel) to verify compliance with the internal policies and other obligations of a labor nature, as well as compliance with any legal and contractual obligations, as well as obligations related to the prevention of crime and fraud. | No, these operations are in response to a legitimate interest of the companies that are co-responsible for the Processing. However, exercise of these controls and monitoring thereof shall be performed in compliance with the requirements and guarantees for protection of worker privacy recognized in the labor and personal data protection laws. |
- Who can we share your data with?
In order to comply with legal obligations, personal data can be communicated to the following entities:
- The entity that provides the work risk prevention service.
- Social Security mutual work accident and professional illness agencies for delivery of work accident and professional illness coverage.
- Public Administration (Tax Authority, Social Security, etc.).
- Financial entities, for the payment of payroll.
- Issuing company of daycare and/or food checks.
- Insurance companies and insurance mediators through which we may contract collective policies, in the case that the employee requests health, life and accident insurance (you can consult the data of the referred insurance companies and insurance mediators directly with Human Resources).
- Entity owner of the building where the offices are located, to manage access thereto.
- Courts and tribunals, in the case of requests for information that require communication of your data, or judicial process in progress to which you may be party or be a witness.
- Educational entities.
- Advisory firms and independent firms that collaborate on compliance investigations and audits
- Entities to which payroll management may be outsourced.
- Grupo ALEATICA entities: Access and processing of personal data by entities of Grupo ALEATICA, the composition of which may be consulted at www.aleatica.com, shall be carried out as necessary to the extent in which (i) they participate (at each point in time) in the adoption, implementation or control of any decision of Grupo ALEATICA (for business, HR, IT, compliance, legal, financial accounting and internal audit) that affect their labor rights and obligations (decisions that must be designed, implemented and supervised at the global level) and/or (ii) that (at any point in time) use any member of their hierarchical line.
- Where is your personal data processed?
Some of the entities and suppliers of Grupo ALEATICA are located in countries outside of the European Economic Area (“EEA”) and therefore have data protection standards that are not comparable to the standards of the EEA states. However, transfers outside of the EU are performed in accordance with the European Commission Standard Contractual Clauses or other legally acceptable mechanisms with the objective of guaranteeing an adequate level of protection. You can request a copy of any documentation that shows that the guarantees appropriate or required to protect the personal data transferred outside of the EEA have been provided through the methods of contact indicated in section 8 of this Privacy Notice.
- What rights do you have over your personal data?
Organic Law 3/2018, of December 5, addressing Personal Data Protection and the guarantee of digital rights and its regulations (EU) 2016/679 of the European Parliament and the Board of April 27, 2016, related to the protection of individuals with respect to the processing of personal data and the free circulation of this data, recognizes the rights to:
- Access the personal data we process on your behalf, and know the origin of the data, the purposes for which it is processed and for how long, the information on the party or parties responsible for processing, and the third parties to whom the data may have been disclosed.
- Revoke your consent at any time, when the processing of the data requires your authorization.
- Update or correct your personal data to guarantee it is accurate
- Request that your personal data that is unnecessary or irrelevant for the purposes reported in this Privacy Notice be deleted.
- Restrict the processing of your personal data in some cases, such as when you question the accuracy of the data, for the time it takes us to verify it.
- Obtain your personal data in electronic form, for you or for your new employer.
- In cases where permitted by the data protection standard, you have the right to oppose the processing of your personal data or request that we stop processing it (for example, for business communications). When you exercise this right, we will no longer be able to process your data beyond the limits permitted or allowed by the applicable standards.
- File claims with us and/or with the data protection authorities
- For how long will we process your data?
Your data shall be safeguarded visibly during the term of the contract and through compliance with the legal and contractual obligations derived therefrom.
After this period has passed, the data shall be blocked; that is, it shall be retained—duly protected—but shall only be accessible by the personnel who so require to attend to any potential responsibilities that may arise from the contractual relationship, or for compliance with legal obligations (tax payments, social security fees, labor risk prevention obligation compliance, defense against the levying of administrative or criminal liability attributable to the legal entities, data protection obligations, etc.) during the term before the statute of liabilities for such expires.
At the end of the corresponding statute of liability terms, the data shall be deleted if there are no ongoing legal or administrative proceedings, and if there is no legal obligation to retain the documentation for such proceedings.
- How can you contact us and exercise your rights?
If you have any questions or consultations about how we process your personal data, or if you want to exercise any of the rights described in Section 6 of this Privacy Notice, you can contact us:
- By mail:
ALEATICA, S.A.U.
Paseo de la Castellana, 259 C, Planta 15 Norte,
Torre de Cristal,
28046 Madrid – ESPAÑA
- Using the web form available at https://www.aleatica.com/derechos-proteccion-de-datos/
- By email at: dpo@prealeatica.aleatica.com
You can also get protection of your rights from the Spanish Data Protection Agency through their website www.aepd.es.
This Privacy Notice was updated in September 2021
We protect your personal data
Protection of your privacy and your personal data is also a priority for Terminal de Contenedores de Tenerife S.A.U. This Privacy Notice explains what type of personal data we request or gather, how, for what purpose, and who it can be shared or disclosed to.
- Who is the party Responsible for processing?
The party Responsible for processing is an individual or legal entity or organization that, independently or together with others (parties co-responsible for processing) determines the purposes for which the data is requested, gathered and used, as well as what data is processed, for how long, or which third parties can be authorized to access such data.
With respect to your personal data
- Aleatica S.A.U. and Seconmex Administración S.A. de C.V. (hereinafter, jointly, ALEATICA) are the entities co-responsible for the Processing of personal data in the approval process.
- Terminal de Contenedores de Tenerife S.A.U., as the contracting company, shall be Responsible for the Processing of personal data for formalization and execution of the services contract and compliance with the legal and contractual obligations arising therefrom.
- What information and documentation can we request?
During the Supplier approval process, we may ask you for a series of documentation, which is necessary to verify that you as a supplier (in the case of individuals) or a company (legal entity or corporation) meet the legal requirements for development of the activity offered by the Supplier. The documentation we will request from you will depend on the country or countries where you will provide services as a supplier. Below we explain what documentation may be requested, some of which may contain personal data of individuals to whom you must provide the information set forth in this Privacy Notice.
Document | Justification |
Tax registry based on the legislation of the Country (RFC, RUT, NIF, updated RUC, VAT etc.) | Verify registration of the supplier as a taxpayer |
Legible incorporation papers of the company that include the full company name, which must coincide with the name registered in the Tax Registry and contain the corporate purpose described in the Approval Certificate | Verify that the Supplier is validly incorporated, and that the Service offered to Aleatica is part of its corporate purpose |
Notarized power of attorney with the name of the legal representative and the company name registered with the Tax Registry | Verify that the person acting in representation of the Supplier has sufficient representation, and has the power to perform administrative acts. |
Proof of address (not more than three months old) or Bank Account Statement that contains the supplier’s company address (location where the company or supplier can be found), if applicable for the country | Verify the Supplier’s (corporate) address, which—when applicable—shall be used in the Contract and to which the official communications that may be made by the contracting Grupo Aleatica companies shall be delivered.
|
Certificate of Bank Ownership of Bank statement of account made out in the supplier’s company name (not more than three months old) showing the bank and the account number where payment of the consideration shall be made or a letter signed and stamped (if possible) by the bank executive | Verify ownership of the bank account to which the payments will be made, for purposes of compliance with the payment obligations arising under the contract, as well as fraud prevention, money laundering and anti-corruption. |
Employer ID card or Registration with Social Security signed digitally or by hand, which contains the supplier’s company name and a digital or ink stamp by Social Security | Verify that the Supplier is registered as an employer and a contributor of the corresponding social security obligations. |
Certifications supporting the fact that the Supplier is current on its Social Security payments | Verify that the Supplier is current on the payment of its Social Security obligations, and—if applicable—release Aleatica from the liability (several or subsidiary) that may be determined against it under the applicable legislation in the case of (sub) contracting of services from suppliers with current debts. |
Certifications that prove that the Supplier is current on the payment of its tax obligations, in the terms required by the applicable regulations. | Verify that the Supplier is current on the payment of its tax obligations, and release Aleatica from the liabilities (several or subsidiary) that may be determined against it under the applicable legislation in the case of (sub) contracting of services from suppliers with current debts. |
Co-active Debt Statement Report | Verify that the Supplier has no seizures for unpaid tax amounts. |
Share Structure Certificate | Verify who—if applicable—the Supplier’s shareholders are; for example, for performing due diligence processes and verification that there are no potential conflicts of interest. |
In addition, if as a Supplier, you are approved for the signing of the Contract, Terminal de Contenedores de Tenerife S.A.U. will request confirmation of the identity of the individuals who, based on the powers of attorney provided, act as the Supplier’s representatives, and who will sign on behalf thereof, specifically:
- Signing of the contract through electronic certification issued by an official authority, after verification of the identity of the owner thereof (in countries and jurisdictions where these are valid), or
- Otherwise, a legible copy (on both sides, for documents that so require) of a valid official ID (NIF, NIE, Passport, Identity Card, Citizenship Card, Voter ID card, or Professional License, etc.)
- Why do we obtain and process this information and—when applicable—the personal data we request?
The Personal Data Protection regulations allow us to process the personal data of the individuals referred to in Section 2 of this Privacy Notice without needing to obtain the consent of the owners thereof, to comply with our legal or contractual obligations, or based on our legitimate interest of performing compliance and due diligence controls, both prior to the contract and throughout the term of the business relationship.
Specifically, Aleatica S.A.U and Seconmex Administración S.A. de C.V. shall process the personal documentation and information provided by the Supplier for the following purposes:
- Adoption of pre-contractual due diligence measures and supplier approval
- Compliance and Monitoring: compliance with internal policies, as well as any legal or contractual obligation, compliance with legal and administrative requirements, requirements of legal processes, exercise of legal rights and recourses, legal defense and management of any claim or complaint. This purpose includes the prevention of crime and fraud.
Terminal de Contenedores S.A.U. shall process the personal documentation and information provided by the Supplier, in addition to the above purposes, for the following:
- Formalization, maintenance, compliance, development, control and execution of the Contract.
- Execution of rights and compliance with legal obligations, such as defense if tax or social security liability is claimed against us, response to official information requirements issued by public authorities, courts and tribunals, etc.
- Exercise of rights of defense and legal and out-of-court claims.
- Commercial operations: management and protection of the assets of ALEATICA and/or other entities of Grupo ALEATICA (including any intellectual and industrial property rights, confidential information and IT systems), strategic planning, project management, gathering of audit evidence and other reporting tools, maintenance of records related to business activities, budgets, and financial management
- Who can we share your data with?
We may use the documentation we request from you and that you provide to us or that we obtain from the due diligence controls with:
- Other companies of Grupo Aleatica (the ALEATICA supplier approval process enables the supplier to enter into service contracts with any of the Grupo ALEATICA companies, thus optimizing the contracting process).
- IT service providers that process the personal data on behalf and based on the instructions of ALEATICA (such as data storage service providers, IT maintenance and support, cybersecurity controls, etc.).
- Advisory firms and independent firms that collaborate on compliance investigations and audits.
- Financial entities, for the payment of fees.
- Competent public administrations due to legal obligation.
- Courts, Tribunals and Tax Ministry, when applicable.
- Where is your personal data processed?
The documentation and data you provide to us shall be processed by Aleatica S.A.U. in Spain and by Seconmex Administración S.A. de C.V. in Mexico, both companies being subject to the European General Data Protection Regulation (GDPR), and Organic Law 3/2018 of December 5, for Protection of Personal Data and guarantee of digital rights in Spain, using permanent methods in this country for execution of this activity.
In addition, Seconmex Administración S.A. de C.V. shall be subject to the Federal Law for Protection of Personal Data Held by Private Parties and the Regulations for development thereof.
The information and documentation you provide to us shall be stored by:
- OVH Hispano SL on servers located in France and Canada
- Microsoft in a Data Center located in Europe
The Aleatica approval process verify the appropriateness of the suppliers based on legal and corporate criteria, and shall enable you to enter into contracts with any of the companies of our Business Group, which you can consult at www.aleatica.com. Some of the entities and suppliers of Grupo Aleatica are located in countries outside of the European Economic Area (“EEA”) and therefore have data protection standards that are not comparable to the standards of the EEA states. By requesting your approval, you agree that the results thereof and, when applicable, the documents provided during this process, shall be shared with these companies. If you do not agree to this, or if you would like to restrict the Companies of our group who have access to this documentation, please let us know by sending an email to dpo@prealeatica.aleatica.com. Keep in mind that this will mean that you cannot enter into contracts with such companies.
- What rights do you have over your personal data?
In accordance with the Personal Data Protection regulations applicable to Seconmex Administración S.A. de C.V. (Federal Law for Protection of Personal Data Held By Private Parties dated July 5, 2010 and the Regulations for development thereof of December 21, 2011) and to ALEATICA SAU (Organic Law 3/2018 of December 5, of Personal Data Protection and guarantee of digital rights; and Regulation (EU) 2016/679 of the European Parliament and the Board for protection of individuals with respect to the processing of personal data and the free circulation of such data, GDPR), the owner of the personal data may exercise the following rights:
- Access the personal data we process on your behalf, and know the origin of the data, the purposes for which it is processed and for how long, the information on the party or parties responsible for processing, and the third parties to whom the data may have been disclosed.
- Revoke consent at any time, when the processing of the data requires your authorization.
- Update or correct your personal data to guarantee it is accurate
- Request that your personal data that is unnecessary or irrelevant for the purposes reported in this Privacy Notice be deleted.
- Restrict the processing of your personal data in some cases, such as when you question the accuracy of the data, for the time it takes us to verify it.
- Obtain your personal data in electronic form, for such or for the new Party Responsible (in the case of processing of automated data that requires the consent of the owner of the data) and
- File claims with us and/or with data protection authorities
- In cases when so permitted by the data protection regulations, oppose the processing of your personal data or ask that we stop processing it. Exercise of this right shall imply that we will not be able to process your data beyond the limits permitted or allowed by the applicable standards.
- For how long will we process your data?
The documents provided by the Supplier during the approval process, and the personal data that such documentation may contain shall be processed:
- Suppliers that do not end up being approved
During the assessment and certification process. If the supplier is not approved, all of the documentation provided shall be blocked; that is, retained but with restricted access and available only to competent public authorities, courts and tribunals, to attend to responsibilities that may arise related to the processing of such information, and deleted completely after the statute of limitations has expired for such responsibilities.
- Suppliers that do end up being approved
During the assessment and certification process, throughout the entire term of the contractual relationship(s) that may be established and the conservation terms established in the applicable regulations (for example, the terms for conservation of the documentation that supports our accounting records).
At the end of such terms, the personal data shall be blocked; that is, it shall be retained exclusively to be made available to courts, tribunals, the Tax Ministry and public administrations during the terms of the statute of limitations for the actions and liabilities (civil, commercial, criminal, administrative, labor) that may arise from the contractual relationship and for which such data is, when applicable, relevant.
After such statutes of limitation have expired, if there are no open administrative or legal proceedings, the data shall be deleted.
- How can you contact us and exercise your rights?
If you have any questions or consultations about how we process your personal data, or if you want to exercise any of the rights described in Section 6 of this Privacy Notice, you can contact us by mail or email at:
- Mailing Address:
Aleatica SAU Paseo de la Castellana, 259 C. Piso 15 Madrid – 28046, España | Seconmex Administración S.A. de C.V. Boulevard Manuel Ávila Camacho No. 5 Edificio Toreo Parque Corporativo, Torre A, Piso 12, Colonia Lomas de Sotelo, C.P. 53390 Naucalpan de Juárez, Estado de México, México |
Terminal de Contenedores de Tenerife S.A.U. At the mailing address indicated in the Services Agreement |
|
- Using our web form for the exercise of Data protection rights
https://www.aleatica.com/derechos-proteccion-de-datos/
- Email:
dpo@prealeatica.aleatica.com
You can also access the protection of the data protection authorities:
- In Spain, Agencia Española de Protección de Datos (https://aepd.es)
- In México, Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI):https://home.inai.org.mx/
- How often is this Privacy Notice updated?
This Privacy Notice was updated in: December 2021.
