Privacy Policy

PRIVACY POLICY

PYMSAFOREST, S.L. informs users of this website about its policy regarding the processing and protection of users’ and clients’ personal data.

It also guarantees full and ongoing compliance with the obligations established by current legislation on data protection and information society services: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), the Spanish Organic Law 3/2018 of 5 December on Personal Data Protection and guarantee of digital rights (LOPDGDD), and Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSI-CE).

DATA CONTROLLER

PYMSAFOREST, S.L. – Tax ID (CIF): B64373178
Registered office: C/ BRUC, 36 – 08241 – MANRESA (BARCELONA), Spain
Registered with the Mercantile Registry of Barcelona, volume 43764, folio 43, sheet B-341605, entry 16, dated 16 November 2006
Phone: +34 938 720 800 – Email: info@pymsaforest.com

PURPOSES OF DATA PROCESSING

The data provided by the User shall be used for various purposes, as outlined below:

Purpose of Processing Legal Basis
To manage queries or any kind of request submitted via the contact forms available on the website. Legitimate interest of the Company to respond to information requests.
Explicit consent provided at the time of data collection through web forms.
To send newsletters, commercial communications and promotional material. Explicit consent provided at the time of data collection through web forms.
To manage incidents and maintain the website. Legitimate interest of the Company.

DATA RETENTION PERIODS

Purpose of Processing Retention Period
To manage queries or any kind of request via the website contact forms. Data will be processed for the time necessary to respond to the request.
To send newsletters, commercial communications and promotions. Data will be processed until the user unsubscribes.
To manage incidents and maintain the website. Data will be processed for the time necessary to comply with applicable legal limitation periods.

DATA RECIPIENTS

To fulfil the purposes indicated in this Privacy Policy, it may be necessary to provide access to your personal data to third parties who support us in the services we offer (Data Processors).

These processors act on the basis of a service contract or agreement, follow our instructions at all times, and ensure the same levels of security.

USER RIGHTS

The user has the right to:

  • Request access to their personal data being processed and receive this information in writing via the requested means.

  • Request rectification of inaccurate personal data, or request deletion when the data is no longer necessary for the original purpose.

  • Request the restriction of the processing of their data.

  • Object to the processing of their personal data, in which case the data will no longer be processed unless there are legitimate grounds.

  • Request data portability when processing is based on consent and carried out by automated means. Data will be provided in a structured, commonly used, machine-readable format.

  • Withdraw previously granted consent at any time.

  • File a complaint with the Spanish Data Protection Agency (AEPD).

Users may exercise the above rights by submitting a request to the postal or email address of the Data Controller, providing proof of identity by attaching a scanned copy of their ID or equivalent document, and specifying the right they wish to exercise.

SOURCE OF DATA

Personal data is provided directly and voluntarily by the data subject. Failure to provide certain information in the registration or contact forms may prevent access to certain services that require personal data. In such cases, the Controller will indicate the required and/or necessary nature of the information.

The Controller guarantees the confidentiality and security of the personal data, taking all necessary measures to prevent its alteration, loss, or unauthorised access or processing.

INFORMATION PROVIDED BY THE USER

Minors under the age of 18 may not submit their personal data without prior consent from their parents or legal guardians.

By entering their data into the contact or download forms, Users explicitly and freely accept that their data is necessary to respond to their request, and that providing the rest of the data is voluntary.

The User guarantees that the personal data provided is truthful and agrees to notify any changes.

All data requested via the website is necessary to provide an optimal service. If not all required data is provided, the information and services offered may not fully meet the User’s needs.

SECURITY MEASURES

In accordance with current regulations on personal data protection, the Controller complies with all provisions of the GDPR and LOPDGDD, ensuring that personal data is processed lawfully, fairly and transparently, and is adequate, relevant and limited to what is necessary.

The Controller guarantees that appropriate technical and organisational policies have been implemented to enforce the security measures required by the GDPR and LOPDGDD, and has provided the necessary information to enable Users to exercise their rights.

SECURITY BREACHES

The Controller shall report any data security breach affecting the website’s database or any third-party services to the affected individuals and authorities within 72 hours of detection.

APPLICABLE LAW AND JURISDICTION

The Controller reserves the right to take any legal action deemed necessary in the event of improper use of the Website or its content.

The relationship between the User and the Controller shall be governed by current legislation applicable in Spain. Any disputes regarding interpretation or application shall be submitted to the competent courts in accordance with the law.