In compliance with the provisions of the current national regulation concerning personal data protection and Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter GDPR); you are informed of how we will process your personal data below.
Which is the entity responsible for processing your data?
Your data will be processed by Red Eléctrica y de Telecomunicaciones, Innovación y Tecnología, S.A.U. and/or by the companies that make up the Red Eléctrica Group (hereinafter RE Group), based on the receiving party of your request or the relationship you have established with each of them. You can consult further information about the subsidiaries that are part of the RE Group at https://www.ree.es/en/about-us/red-electrica-group. Below you will find basic information about each company:
- Red Eléctrica de España S.A.U with Tax Identification Number A-85309219
- Red Eléctrica Corporación S.A with Tax Identification Number A-78003662
- Red Eléctrica Internacional S.A.U with Tax Identification Number A-82852906
- Red Eléctrica de España Finance, B.V. with Registration Identification Number: NL812199017B01
- Red Eléctrica Financiaciones, S.A.U with Tax Identification Number A-85724052
- REDCOR Reaseguros, S.A. with Registration Identification Number: B153252
- Red Eléctrica Infraestructuras de Telecomunicación, S.A.U with Tax Identification Number A-87323127
- Red Eléctrica Infraestructuras en Canarias, S.A.U. with Tax Identification Number A-76234822
- Red Eléctrica Sistemas de Telecomunicaciones, S.A.U. with Tax Identification Number A-79201075
- Red Eléctrica y de Telecomunicaciones, Innovación y Tecnología, S.A.U. with Tax Identification Number A-88409990
Postal address for notifications: Paseo Conde de los Gaitanes 177, La Moraleja, 28109 Alcobendas (Madrid – Spain).
Data Protection Office: firstname.lastname@example.org.
What is the purpose for processing your personal data?
As a general rule, your data will be processed by RETiT exclusively in order to fulfil one of the following purposes:
- Manage your relationship with RETiT: We will process your data to manage all matters related to maintaining the relationship established between you and RETiT.
- Manage users and provide the services offered on our website: We will process your data to provide the services that we offer on our website and to manage user registrations on the sections of the website requiring prior registration to access the restricted area.
- Manage information requests, enquiries, questions and doubts submitted via website forms, postal mail or email, or made directly by phone. . With the information you provide us, RETiT can furnish you with a response to these queries and offer up solutions that adapt to your needs. RETiT undertakes to process the data obtained and provided by you for the purpose described as long as said data is necessary. Phone calls may be recorded for security purposes and in order to guarantee service quality.
- Manage the contractual relationship between you and RETiT. . Generally, when the processing of your data is based on the execution of a contract to which you are a party, we will process your data in accordance with the provisions of the contract signed between you and RETiT in order to execute and carry out said contract.
- Comply with the legal obligations required of RETiT: RETiT in its role as the Data Controller, is obliged to comply with any requirement for the provision of your personal data to the bodies of the Public Administration, Courts, regulatory bodies, and the State’s Security Forces or law enforcement bodies with competence in the matter.
- Send newsletters and manage subscriptions: RETiT has forms where you can give your unequivocal consent to receive information through newsletters, both via ordinary and electronic means, as well as information about activities organised by RETiT.
- Send advertising communications: With the information you provide, RETiT may use your data to send you information, both via ordinary post or electronic means, about offers, products, recommendations, services, promotions that may be suitable to your interests, needs and preferences.
- Performing satisfaction surveys: With the purpose of verifying your degree of satisfaction with the work carried out by RETiT we may undertake satisfaction surveys to improve the quality of our procedures and services.
How will children’s personal data be processed?
In general, RETiT’s content and services are mostly targeted at and designed for people over 18.
RETiT will not gather or process the personal data of children under the age of 16, without fully complying with the requirements set forth in the applicable regulations on data protection, with regard to fulfilment of the duty to inform and obtain consent where necessary.
How long will your personal data be kept?
The personal data provided will be kept for the amount of time needed to manage your request, query, suggestion, complaint, or claim, or as long as there is a contractual relationship, the data subject does not request its erasure or opposition, and the data need not be deleted to comply with a legal obligation, or for the formulation, lodging, and defence of claims.
In this regard, RETiT will keep personal data duly blocked once its relationship with you has ended, except to make it available to Public Administrations, Judges, and Courts to respond to potential liabilities arising from the processing, as well as to lodge and defend claims with the Spanish Data Protection Agency, and they will be kept for the statute of limitations of the actions that may arise from the relationship maintained with the user.
Your personal data will be kept for the period of time necessary to fulfil the purpose for which it was collected. If your data is used for several purposes, thereby obliging us to keep it for different periods of time, we will apply the longest retention period.
What is the legal basis for processing your personal data?
RETiT has the authority to process your personal data on the following legal bases:
- Execution of a contract: Your data must be processed in order to manage, maintain, and execute a contract signed between you and RETiT.
- Consent of the interested party: You have expressed your consent by filling out a form authorising the processing of your personal data for a specific purpose or for certain purposes, such as subscribing to newsletters, dealing with queries, requests for information, claims, sending commercial communications, and conducting satisfaction surveys. You may revoke the consent given at any time through the means made available to you.
- Consent: You have given your consent by filling out a form authorising the processing of your personal data for a specific purpose or for certain purposes. You may revoke this consent at any time through the means we make available to you.
- Compliance with legal obligations: Your data must be processed in order to comply with the legal obligations established by law (tax, corporate, labour, etc.)
- Legitimate interest of RETiT: The processing of your data is based on the legitimate interest of RETiT when there is no other legitimate basis to allow for processing. In all cases, an analysis of our authority has been carried out so as not to violate your fundamental rights and freedoms in any way, considering the reasonable expectations pursuant to your relationship with RETiT.
How do we collect your personal data?
In each process in which you provide your personal data you will be informed of the obligatory or optional nature of completing the field and of the consequences of failing to provide said data.
In accordance with Article 14 of the GDPR, RETiT undertakes to provide any third party whose details you indicate with the relevant information.
Who are the recipients of your personal data?
RETiT will share and give up your personal data in the fulfilment of the aforementioned purposes and based on the above-mentioned legitimate bases for processing to:
- Companies of the RE Group. Details of such companies can be viewed at https://www.ree.es/en/about-us/red-electrica-group.
- Public Administrations and the Justice Administration, and generally the Competent Authorities when RETiT is legally obligated to provide the data.
RETiT suppliers that have access to your personal data and process said data as a designated data processor for RETiT, as a result of the services they provide RETiT.
All suppliers with access to personal data that provide services to RETiT have signed the corresponding processor contract in accordance with the provisions of Article 28 of GDPR, compelling them to fulfil the same obligations: apply appropriate technical and organisational measures; process personal data for the agreed upon purposes and only heeding the documented instructions of RETiT, and the obligation to erase the data once provision of service has finished.
Given the activity that RETiT carries out, it is possible that international data transfers to countries outside the European Economic Area (EEA) may take place.
For the cases in which international data transfers take place to countries outside the European Economic Area (EEA) or to countries that do not offer an adequate level of protection, the necessary measures will be applied with the appropriate guarantees through the use of Standard Contractual Clauses authorising the international transfer.
What rights are you entitled to once you provide us with your personal data?
You will be able to exercise the rights of Access, Rectification, Portability, Erasure, Restriction of Processing, or, if applicable, to Object. In order to exercise these rights, you must send a written statement to the aforementioned postal address or via email to the following address: email@example.com including “Data protection” in the subject line/section.
You must specify which of these rights you wish to exercise and, in turn, you must attach a photocopy of the national ID card or equivalent identity document of the data subject. In the event a legal or voluntary representative acts on the data subject’s behalf, they must also provide a document proving this representation and their identity document.
In addition, in the event you consider your right to personal data protection has been violated, you may file a claim with the Spanish Data Protection Agency via the web page enabled for this purpose by the corresponding Data Protection Control Authority. (www.agpd.es).
How do we safeguard and ensure the privacy of your personal data?
RETiT applies and maintains the appropriate technical and organisational measures to guarantee an adequate level of security based on prior risk analysis.
Specifically, RETiT has put in place all the technical resources at its disposal to prevent the loss, misuse, alteration, unauthorised access, and theft of the data you provide.