ARCOPAL Law - Airtificial

Data Subjects’ Rights Management Procedure

Current data protection legislation regulates both the rights that the data subject may exercise and the mechanisms for exercising such rights towards the Controller. This request should be sent:

By post to the following address: Madrid, General Díaz Porlier 49, 28001.
By e-mail to the following address: …

1.-The rights that the Data Subject may exercise are as follows:

The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to understand how and why someone is using their data, and check if they are doing it lawfully.
The right of rectification: data subject shall have the right to have inaccurate personal data concerning him corrected without undue delay by the controller. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data supplemented, including by an additional declaration.
Right to restriction of processing: The data subject shall have the right to obtain from the Privacy Officer the restriction of the processing of the data.
Right to erasure (Right to be forgotten): The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay if one of a number of conditions applies.
Right to data portability: The data subject shall have the right to have his or her data transmitted by the Privacy Officer to another Data Processor or to the data subject himself or herself, in a structured format for normal use and mechanical reading, when processing is carried out by automated means.
Right of objection: the data subject have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data relating to him or her for the purposes of fulfilling a public interest or legitimate interest, including profiling on the basis of such provisions.

2.- Reply deadlines

The deadlines available to the Controller for resolving the exercise of the above rights by the data subject are set out below:

The Controller shall provide the data subject with the exercise of his or her rights and information on the actions requested and carried out without delay and, at the latest, within one month of receipt of the request.

This period may be extended beyond one month, but in such cases AIRTIFICIAL shall carry the burden of proving that the request is manifestly unfounded or excessive.

The data subject may exercise his or her data protection rights free of charge.

In any case, all applications must be accompanied by:

Name, surname(s) of the Data Subject and a copy of the National Identity Document (DNI). In the exceptional cases in which representation is admitted, it will also be necessary to identify the person representing the Data Subject by the same means, as well as the document accrediting the representation. The photocopy of the National Identity Number may be substituted provided that the identity is accredited by any other legally valid method.
Request in which the application is made. (Exercise requested or information to which access is sought):

If you do not refer to a specific filing system, you will be provided with all the information held by the company in your name.

If you request information on a specific filing system, only the information on this filing system.

If you request information relating to a third party, it will never be provided.

If you request it by telephone, you will be instructed to do so in writing and you will be informed of how to do so and the address to which you should send it. You will never be given information by telephone.

Address for notification purposes.
Date and signature of the applicant.
Documents accrediting the request being made.

DATA PROTECTION

In accordance with the provisions of Regulation (EU) 2016/679, of April 27, 2016, relating to the protection of natural persons with regard to the processing of personal data and the free circulation of these data (RGPD), We inform you that the data provided will be incorporated into the files owned by GRUPO AIRTIFICIAL and its subsidiaries for the purpose of evaluating and processing your candidacy and managing your participation in the selection processes that fit your profile.

The legal basis for data processing is legitimation by consent of the interested party. Your data will not be transferred to third parties outside Grupo Airtificial or its subsidiaries, except in cases where there is a legal obligation. The data provided will be kept limited for a maximum period of two years.

Likewise, we inform you that if you are not selected for the position you have applied for or if you do not fit the profile of the currently open processes, your data will be kept for future selection processes that could fit your profile until the maximum period of two years, at which time your Curriculum Vitae will be permanently deleted. During this time, you authorize Grupo Airtificial and its subsidiaries to contact you for the sole purpose of keeping your personal data updated.

If you wish, you have the right to access, rectify, port, delete, limit, cancel and oppose those treatments that you do not want, to do so you must send a letter to the address indicated above or to the email address: , attaching a photocopy of your ID Card and indicating “Data Processing” in the subject line. Grupo Airtificial and its subsidiaries will proceed accordingly within 1 month.

Grupo Airtificial and its subsidiaries inform you that it has adopted all technical and organizational security measures to guarantee the confidentiality, availability and integrity of your personal information in its information systems.

You may contact the competent Control Authority to present the claim you consider appropriate.