PRIVACY AND DATA PROTECTION POLICY
In this Privacy Policy, we inform you clearly and transparently about how MARCOTRAN TRANSPORTES INTERNACIONALES, S.L. processes the personal data collected through the website www.marcotran.com, as well as your data protection rights.
1. Data Controller
Data Controller: MARCOTRAN TRANSPORTES INTERNACIONALES, S.L.
Tax ID: B50122894
Registered Office: CTRA. NATIONAL HIGHWAY 232, KM 271.100, 50690 Pedrola (Zaragoza), Spain
Contact email: marcotran@marcotran.com
Website: www.marcotran.com
2. Data Protection Officer
The company has a Data Protection Officer (DPO), whom interested parties may contact regarding any matter related to the processing of their personal data or the exercise of their rights.
DPO email: dpd@marcotran.com
3. What data we process
Through the website, we may process the personal data that the user provides directly through the available forms or through the available contact channels.
Depending on the service or form used, the data processed may include:
identification data;
contact data;
data contained in the query, request, or message submitted by the user;
any other information that the user voluntarily provides.
The user guarantees that the data provided is true, accurate, complete, and up-to-date, and is responsible for any direct or indirect damage or loss that may arise as a result of failing to comply with this obligation.
4. Purposes of Processing
The personal data collected through the website will be processed for the following purposes:
4.1. Handling inquiries and requests
To respond to inquiries, requests, or communications submitted by the user through web forms, email, or other available contact channels.
4.2. Managing the relationship with users
To take the necessary actions to maintain communication with the user, follow up on their request, and provide the required assistance.
4.3. Compliance with legal obligations
To comply with the legal obligations applicable to the data controller, as well as to cooperate with public or administrative authorities when legally required.
4.4. Website Security
Manage website security, prevent misuse, unauthorized access, technical incidents, or fraud.
5. Legal Basis for Processing
The legal bases that legitimize the processing of personal data, depending on the case, are as follows:
5.1. Data Subject's Consent
When the user completes and submits a form, checks the corresponding box, or makes a voluntary request through the website, the processing may be based on their consent.
5.2. Application of Pre-Contractual Measures or Performance of a Contract
When the user's request is related to services, proposals, preliminary procedures, or business relationships, the processing may be based on the application of pre-contractual measures or, where applicable, on the performance of the corresponding contract.
5.3. Compliance with Legal Obligations
Certain processing activities may be carried out when necessary for compliance with legal obligations applicable to the data controller.
5.4. Legitimate Interest
In certain cases, processing may be based on the legitimate interest of the data controller, for example, to ensure website security, manage technical issues, or defend against claims.
When processing is based on consent, the user may withdraw it at any time, without affecting the lawfulness of the processing carried out prior to its withdrawal.
6. Mandatory Nature of Data
Fields marked as mandatory on web forms must be completed in order to process the user's request.
If the required data is not provided, we may not be able to properly address the query, request, or action submitted.
7. Data Retention Period
Personal data will be retained for the time necessary to fulfill the purpose for which it was collected and, subsequently, for the legally required periods or while liabilities may arise from its processing.
In particular:
Data processed to handle inquiries or requests will be kept for the time necessary for their management and follow-up;
subsequently, they may be duly blocked for the applicable statutory limitation periods;
when processing is based on consent, the data will be kept until the data subject withdraws it or requests its deletion, provided there is no other legal basis justifying its retention.
8. Data Recipients
Generally, personal data will not be transferred to third parties.
However, the following may have access to the data:
• service providers acting as data processors for the data controller, with appropriate contractual safeguards;
• public administrations, judges, courts, or competent authorities, when there is a legal obligation;
• other third parties when necessary for the establishment, exercise, or defense of legal claims.
Data will not be transferred to third parties for their own purposes, except when legally required or when expressly informed.
9. International Data Transfers
Generally, international data transfers are not planned.
However, if the provision of any technological service involves providers located outside the European Economic Area or with access from third countries, such transfers will only be carried out when there are adequate safeguards in accordance with applicable regulations.
10. Automated Decisions and Profiling
No automated decisions are made, nor are profiles created, that produce legal effects concerning the user or similarly significantly affect them through this website.
11. Rights of Data Subjects
Everyone has the right to obtain confirmation as to whether or not we are processing personal data concerning them.
They may also exercise the following rights:
• Right of access: to know what personal data we process about them.
• Right to rectification: to request the correction of inaccurate or incomplete data.
• Right to erasure: to request the deletion of their data when, among other reasons, it is no longer necessary for the purposes for which it was collected.
• Right to restriction of processing: to request that we restrict the processing of their data in the cases provided for by law.
• Right to data portability: to receive the data provided in a structured, commonly used, and machine-readable format, and to transmit it to another controller where appropriate. • Right to object: to object to the processing of your data in certain circumstances and for reasons related to your particular situation.
• Right to withdraw consent: at any time, when the processing is based on consent.
12. How to exercise your rights
The data subject may exercise their rights by sending a request to:
Email: modifica.datos@marcotran.com
Postal address: MARCOTRAN TRANSPORTES INTERNACIONALES, S.L., CTRA. NACIONAL 232-KM 271.100, 50690 Pedrola (Zaragoza), Spain
When necessary to verify the identity of the requester, reasonable additional information may be requested.
13. Response time
Requests will be processed as soon as possible and, in any case, within a maximum period of one month from receipt. This period may be extended by up to two further months if necessary, taking into account the complexity and number of requests received. In that case, the data subject will be informed of the extension within the first month.
14. Right to lodge a complaint
If the data subject believes that the processing of their personal data infringes applicable regulations, they may lodge a complaint with the competent supervisory authority.
In Spain, the supervisory authority is the Spanish Data Protection Agency (AEPD).
They may also contact the Data Protection Officer beforehand by email at dpd@marcotran.com.
15. Minors
The services and content of this website are not generally directed at minors.
When the processing of data of minors requires consent, this consent must be given by the person holding parental authority or guardianship, in the legally required cases. 16. Data Security
The data controller implements appropriate technical and organizational measures to protect personal data against destruction, loss, alteration, unauthorized access, or improper disclosure, taking into account the state of the art, the nature of the data processed, and the associated risks.
However, users should be aware that internet security measures are not absolutely invulnerable.
17. Changes to the Privacy Policy
This Privacy Policy may be updated when necessary to adapt it to regulatory changes, criteria of supervisory authorities, modifications in the processing carried out, or changes in the operation of the website.
In the event of a modification, the updated version will be published on this same page.
