• LocationC/ URARTEA, 7
    01010 VITORIA - GASTEIZ
  • Phone(+34) 945 248 144
  • Fax(+34) 945 241 468
  • Emailnuter@nuter.es

PRIVACY POLICY

Legal notice · Cookie policy

Privacy policy

1. Introduction

At NUTER, S.A.U., we are committed to protecting privacy and to the lawful use of the personal data we process and that you provide to us, both online on this website and, where applicable, any of its subdomains and microsites, and offline.

Please read this policy carefully and make sure you understand and agree with it before providing us with your personal data. If you do not agree, do not use this website or its services or provide us with your data.

2. Who is the controller of your personal data?

NUTER, S.A.U.

  • Postal address: C/ Urartea, nº 7 (01010), Vitoria-Gasteiz, Spain.
  • Email: nuter@nuter.es.
  • Phone: +34 945 248 144.
3. How have we obtained your data?
3.1. Data provided by the data subject

If you are a customer (current or prospective) or a user of our website, you have provided the data yourself, offline or online, when requesting our products or services or contacting us for information. You may also have provided them in person if you have visited our facilities.

By providing your data, you warrant that you are entitled to do so, that the information is true and up to date, and that it does not breach any contractual restriction or third-party rights. You are responsible for keeping your data and profile accurate and up to date; NUTER, S.A.U. disclaims any liability if you fail to do so. You undertake not to impersonate other users by using their registration data for any services and/or content on the website.

3.2. Communication of your data by a third party

Your data may not have been provided to us directly by you, but by a third party we work with to whom you had previously given those data (for example, public ownership records, commercial or distributor networks, etc.).

In addition, by accepting this privacy policy and, where applicable, by the express consent you have given, you authorise NUTER, S.A.U. to request from third parties the data necessary to perform the service or services.

3.3. Communication by the data subject of third-party data

With regard to other people’s data, you must respect their privacy and take particular care when communicating or publishing their personal data. Only the data subject may authorise the processing of their personal data. Publishing third-party data without their consent may breach data protection rules as well as rules on honour, privacy or image rights.

If you provide us with third-party data, it is your responsibility to have their prior express consent for us to use them, and your duty to inform them of the processing we will carry out. By accepting this privacy policy, you expressly warrant that you have such authorisation and you hold us harmless against any claim by the data subject.

4. What types of data do we process?

The categories of data we may process include:

  • Obtained from the data subject: identification data (name and surname, tax ID), contact data (phone, postal address, email address, billing or delivery address), commercial and economic data (information on products requested, customer history and data required for payment: bank, credit card, etc.).
  • Provided by a third party: identification data; personal characteristics; social, academic and professional circumstances; economic, financial and insurance data; goods and services transaction data; employment details.

Special categories of data: we do not process special categories of personal data.

5. For what purposes do we process your data and on what legal basis?

The data you provide to us, as well as any generated during our relationship with you, may be processed for different purposes.

Summary of purposes and legal bases (extract).

  • If you are a current or prospective customer, to manage the contractual and/or commercial relationship with current and/or prospective customers and suppliers (contractual relationship).
  • To disclose your data to other companies or entities directly related to NUTER, S.A.U., in order to provide the service or product you have requested, and the administrative and accounting management required for such performance (contractual relationship).
6. How long will we keep your data?
6.1. General retention period

We will keep the personal data you provide for as long as the contractual, pre-contractual or commercial relationship lasts and, once it has ended, until the data subject requests erasure. Even after erasure is requested, we may retain data for as long as necessary, restricting processing, solely to:

  • Comply with legal and/or contractual obligations to which we are subject.
  • Meet statutory limitation periods for any liability on our part.
  • Exercise or defend claims arising from the relationship with the data subject.

Consistently with the above, erasure of personal data in IT systems or on paper may be carried out, at the organisation’s discretion, depending on logistical and/or storage needs that make it advisable to delete information or documentation.

7. To which recipients may we disclose your data?

The data you provide may be disclosed to third parties for purposes directly related to the legitimate functions of the disclosing and receiving parties, such as:

  1. Credit institutions: for collection and payment management.
  2. Entities or bodies where there is a legal obligation to disclose data: for example, the tax administration or social security authorities.
  3. Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offences (SEPBLAC), to report suspicious transactions, as entities subject to anti-money laundering obligations.

Providing the requested data is mandatory because it is essential to formalise and/or maintain the contractual or pre-contractual relationship and to comply with the legal obligations arising from it; if you do not provide them, we cannot provide the service arising from that relationship.

Where the processing described is based on our legitimate interests, we consider it proportionate with minimal impact on your privacy; however, your interests, rights and freedoms will always prevail over our legitimate interests. If you do not wish us to process your data for these purposes, please email us at nuter@nuter.es and we will comply.

8. International transfers of data

At NUTER, S.A.U., we endeavour to ensure that personal data are always processed and located within the European Economic Area. However, in certain circumstances we may carry out international transfers of data, for example where necessary for the conclusion or performance of a contract, in the interest of the data subject, between NUTER, S.A.U. and another natural or legal person; or where necessary for the performance of a contract between the data subject and NUTER, S.A.U.

For example, when using service providers located outside the European Union who may have access to personal data, to provide ancillary services to our activity (hosting, colocation, SaaS, remote backups, IT support or maintenance, email services, email marketing, file transfer, etc.) or to carry out pre-contractual measures taken at the data subject’s request.

These entities may vary over time, but we will seek to choose entities either in countries with a level of data protection equivalent to the European standard, or with appropriate safeguards to achieve that level, or transfers will be made on one of the grounds permitted under the GDPR.

9. What are your rights when you provide us with your data?

Where applicable, you may exercise your rights of access, rectification, erasure, restriction of processing and objection to processing, as well as other rights, at the postal or email addresses indicated at the beginning of this privacy policy; in both cases by means of a signed written request attaching a copy of your national ID card, passport or other valid identification document. If your data change, you must notify us at the same address; this entity disclaims any liability if you fail to do so.

  • Right of access: you may ask what personal data we are processing and request a copy.
  • Right to rectification: you may request correction of inaccurate personal data or completion of incomplete data, including by means of a supplementary statement.
  • Right to erasure (“right to be forgotten”): you may request erasure of your personal data when they are no longer necessary for the purposes for which they were collected, you withdraw consent, processing was unlawful or erasure is required to comply with a legal obligation.
  • Right to restriction of processing: you may request restriction of processing of your data, in which case we will only retain them for the establishment, exercise or defence of legal claims.
  • Right to object: you may object to processing of your data where it is based on the controller’s legitimate interests or is for advertising purposes.

Once we receive any of the above requests, we will respond within the statutory time limits. You may lodge a complaint with the Spanish Data Protection Agency (AEPD). For more information on the rights you may exercise and for sample forms, you may visit the AEPD website at www.aepd.es.