PRIVACY POLICY

1. Identification

  • Data controller: ORION PREMIER SL
  • TAX ID: B85734945
  • Address: C/ Lola Flores 1
  • City: Madrid
  • ZIP: 28022
  • Province: MADRID
  • E-mail: recepcion@cpmadridairport.com

2. Information and Consent.

By accepting this Privacy Policy, the user is informed and gives his free and specific consent for the personal data provided through our websites hereinafter, the “Website”, and those that may be provided by other means or in the future, are treated by ORION PREMIER SL, in the remainder of the document called the RESPONSIBLE.

3. Obligatory nature of providing data.

The data requested in the forms on the Web Site are mandatory unless otherwise indicated in the field indicated. If they are not provided or are not provided correctly, the user’s request cannot be fulfilled.

The user will be able to freely view the content of the Website if he/she accepts the use of cookies, otherwise he/she will be invited to leave the website or to browse, as the case may be, for content without cookies.

4. For what purposes will the controller process the user’s personal data? – What is the legitimacy of the processing of the user’s data?

The personal data provided through the Website will be processed by RESPONSABLE in accordance with the following purposes:

a. For purposes of contractual compliance.

To comply with the agreements in the supply of products or services that you hire us and to be able to perform them according to the conditions set out in each case. Also for the establishment of labor agreements and contracts.

Ground of legitimacy Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter GDPR), Article 6.1b the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation at his request of pre-contractual measures.

b. For purposes of commercial communication and information based on your consent.

In order to be able to communicate commercial promotions, product information and news, invite you to events and activities, we ask for your express consent, which can be revoked easily at any time you deem appropriate.

Cause of legitimacy RGPD article 6.1ba the data subject gave his consent to the processing of his personal data for one or more specific purposes.

c. Data provided for sending Newsletter.

Manage the subscription and/or unsubscription to the Newsletter, carried out through the channel provided on the Website of the RESPONSIBLE.

Cause of legitimacy RGPD Article 6.1a the data subject gave his consent to the processing of his personal data for one or more specific purposes.

d. Data provided in contact forms.

To manage the user’s requests for contact and information through the channels provided for this purpose on the RESPONSIBLE’s websites, to answer the request raised.

Grounds for legitimacy GDPR Article 6.1f the processing is necessary for the satisfaction of legitimate interests pursued by the controller or by a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.

e. Navigation data provided.

Perform analysis on the use of the Website and check the preferences and behavior of users.

Grounds for legitimacy GDPR Article 6.1f the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.

5. What user data will RESPONSABLE process?

RESPONSABLE will process the following categories of personal data depending on the application or request made by the user:

  • Personal characteristics
  • Social circumstances
  • Economic
  • Navigation data
  • User and/or owner identification codes or passwords

6. With which recipients will the user’s data be shared?

The user’s data, depending on the relationship that is established and always with your authorization, could be communicated to:

  • Organizations or persons directly related to the responsible.
  • Law enforcement agencies.
  • Organisms of the European Union.
  • Entities dedicated to the fulfillment or non-fulfillment of monetary obligations.
  • Banks, savings banks and rural banks.
  • Insurance companies.
  • Other financial entities.
  • Public administration with competence in the matter.

7. International Data Transfers.

We inform you that your data could be transferred always with your prior authorization to:

  • Organizations or persons directly related to the responsible.
  • Service providers.

8. Data Retention.

a. For purposes of contractual compliance.

The data will be kept during the term of the contract and, once it has ended, during the period of limitation of the legal actions that may arise from it.

b. For commercial communication and information purposes based on your consent.

The data will be kept as long as the user does not revoke the consent given.

c. Data provided for the sending of Newsletter.

The data will be kept as long as the user does not revoke the consent given.

d. Data provided in the contact forms.

The data will be kept as long as the user does not revoke the consent given, for the duration of the service requested and, once completed, during the period of limitation of legal actions that may arise from it.

e. Navigation data provided.

The data will be kept as long as the user does not revoke the consent given.

9. Responsibility of the User.

The user guarantees that he/she is of legal age and that the information provided to the RESPONSIBLE is true and up to date. The user will keep the information provided conveniently updated.

The user guarantees that he/she has informed the third parties of whom he/she provides data, if he/she does so, of the aspects contained in this document, guaranteeing in turn that he/she has obtained their authorization to provide their data to RESPONSABLE.

The user shall be liable for any false or inaccurate information provided through the Website and for any damages, direct or indirect, that this may cause to RESPONSABLE or third parties.

10. Exercise of Rights.

The user may send a letter to the RESPONSIBLE, to the postal or e-mail address indicated in the heading of this Policy, attaching a photocopy of his identity card or equivalent document, at any time and free of charge, to:

  • Revoke the consents granted.
  • Obtain confirmation as to whether the RESPONSIBLE is processing personal data concerning him/her.
  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Request the deletion of your data when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
  • Obtain from the RESPONSIBLE the limitation of data processing when any of the conditions provided for in the current data protection regulations are met.
  • Request the portability of the data provided in those cases provided for in the current data protection regulations.
  • File a complaint with the Spanish Data Protection Agency at the address Calle de Jorge Juan, 6, 28001 Madrid, if you consider that the RESPONSIBLE does not treat your data in accordance with the law.

11. Security Measures.

The RESPONSIBLE will treat the user’s data at all times in a confidential manner and keeping the obligatory duty of secrecy regarding the same, in compliance with the advised and provided for in the Organic Law 3/2018, of December 5 on data protection and guarantee of digital rights, adopting for this purpose the necessary technical and organizational measures that guarantee the security of your data and avoid its alteration, loss, treatment or unauthorized access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed.