ENA belongs to ITÍNERE GROUP, available to the public at URL www.grupoitinere.com
Who is responsible for processing your personal data?
The party responsible for the processing is ENA INFRAESTRUCTURAS S.A.U, with Spanish tax code A28920965 and registered offices in Madrid (28020), C/ POETA JOAN MARAGALL, 1 – 11ª PLANTA (hereinafter, ENA).
ENA has formally appointed a Data Protection Officer and has also activated the following address for communication with users: firstname.lastname@example.org
What do we process your personal data for?
Personal data facilitated by users of the Website will be processed by ENA to ensure Website-user contact and management. This means that the personal data of users contacting ENA over any of the channels made available to them on the Website managed by ENA will be processed in order to manage the contact, deal with requests received, provide the services required or facilitate the information requested by the user.
What data are processed by ENA and what are their sources?
The data ENA processes as a consequence of interactions between users and the Website come from the following sources:
- Data from users who completed forms made available to them by ENA, filled out the spaces and forms provided to get into contact with ENA, sent emails or used other means of communication with ENA.
- Data generated by users browsing and utilising ENA websites.
- Data generated in the development, arrangement and maintenance of the relationship between users and ENA.
- Third-party data submitted by users.
ENA may process personal data of the following kinds, in line with the relationship it has established with each user:
- Identification data (eg, full name, email address, postal address, telephone, IP address, photo, etc).
- Data on personal characteristics and social circumstances (eg, age, date of birth, etc).
- Browsing data (eg, use of the ENA website, sections visited, etc).
What is the legal framework in which ENA processes your data?
ENA processes personal data facilitated by users of its Website pursuant to the following legal regulations, depending on the type of data and the interactions users establish with ENA:
The data processing for “Website user contact and management” is based on managing and processing the legal relationship established between users and ENA, ie, managing users’ requests, maintaining contact between the parties and, where appropriate, providing the service users may have requested.
Might your data be passed on?
How long does ENA keep your data?
ENA will keep your personal data for the time needed to provide the service requested and/or achieve the purpose of the processing.
After this end is reached, should users not have exercised their right to suppression, their data will be held during the legally established time periods for each case, taking into account the type of data and why they are being processed.
What personal data should you facilitate us in each case?
ENA informs users that, when the personal data are received through a form made available through our website, users must at least complete the fields marked with an asterisk (*). Should this minimum data not be supplied, ENA will be unable to provide the service or deal with the query or claim filed by the user.
What must we guarantee when submitting personal data?
Users guarantee that the data submitted are true, accurate, complete and current. Users are responsible for any direct or indirect loss or damage that may be caused as a consequence of failing to ensure this is the case.
ENA informs users that, in order to submit personal data over our Website, you must be older than 16. Users submitting data to ENA on the Website declare and guarantee that they are older than 16, assuming full responsibility for such declaration.
What measures does ENA adopt to protect your personal data?
ENA is fully committed to the security and confidentiality of your information and has adopted the levels of security required to protect personal data, installing all reasonable technical media to avoid loss, misuse, alteration, unauthorised access or theft of the personal data users facilitate over the Website. Nevertheless, please bear in mind that security measures on internet can never be 100% guaranteed.
What rights do you have over your personal data?
ENA informs you that you have the right to access your personal data and obtain confirmation on how they are being processed. You are also entitled to request the rectification of inaccurate data or, where appropriate, request their suppression when, among other reasons, the data are no longer necessary for the purposes for which ENA was using them.
Under certain circumstances, you may request limits to the processing of your data. Should you do so, ENA will only conserve those data for the purpose of dealing with possible claims.
Likewise, under certain circumstances, you may oppose or challenge the processing of your personal data for the purpose reported by ENA. In such case, ENA will cease to process your personal data, unless it has legitimate grounds to do otherwise, or needs to ensure that all parties may exercise their right to defence in the event of possible claims.
Finally, you have the right to request portability of your data and obtain specific information stemming from the relationship established between you and ENA for yourself or for other servicer, if this is technically possible.
Such rights can be exercised over the following channels, identifying your communication with the reference “DATA PROTECTION”:
- You may write to ENA INFRAESTRUCTURAS S.A.U, to the attention of the Data Protection Officer, at C/ Poeta Joan Maragall, 1 – 11ª Planta (28020 Madrid), Spain
- Or you may send an email to the Data Protection Officer at email@example.com
In both cases, you must accredit your identity as the person enforcing their rights, by sending a copy of the two sides of your identity document (ID, DNI, NIE, passport or equivalent).
ENA will facilitate the requested information to you within one month after receiving the request. This term may be extended a further two months should this be necessary due to the complexity or number of requests.
You may present a complaint to the competent Data Protection Authority. However, at first instance, you should contact the Data Protection Officer, who should resolve the issue within a maximum of two months.