PRIVACY POLICY 2022

AKO GROUP

The AKO Group, as data controller and owner of this website, in compliance with the information duty established by the applicable laws to the company and EU Regulation 2016/679, General Data Protection Regulation (GDPR), we make this privacy policy available to inform you about how we process and protect your privacy and the data you provide us

In this notice we explain what your rights are and how to exercise them in regards to your personal information. Additionally, in the event you should require to contact the Data Protection Authority in charge, we provide you with the details.

‘Us’ the data controllers of the processing of your personal information The AKO Group – (AKO)

Address: Av. Roquetes, no. 30/38 Sant Pere de Ribes (08010) Barcelona

Phone No.: +34 938 142 700 – SAT: +34 938 115 800

E-mail: rgpd@ako.es

Ako group, ‘our group’ Multiple Engineered Solutions, S.L.U. (B-63423032)

AKO Electromecánica S.A. (A-60997582)

AKO Electromecánica Mexico (AEM080418QA9)

 

WHAT KIND OF INFORMATION ABOUT YOU WE MAY COLLECT?

The personal data that we collect from our users and customers can be grouped according to the following categories:

  • Basic and contact data: such as name, surname, username or similar identifier, marital status, degree, date of birth or gender. This category also may include your billing and delivery address, email and phone number.
  • Financial and economic data: this category includes payment, return and reimbursement details as well as the commercial transactions you completed with us. This may include data to verify your identity for payment acceptance purposes to be able to perform commercial transactions with you.
  • Professional and employment data: this category includes your professional interests and your professional identity that is public and online. For example, your LinkedIn profile.
  • Technical data: including IP address, registration data, browser and version used, zone and time usage, type of plugins installed in your browser, operating system and other technology used during navigation through our platform.
  • User account data: such as your profile name and password, history of subscriptions/purchases, interests, preferences, suggestions sent by you or any type of survey that you have responded to us.
  • Browsing data: includes information regarding the way your brows when visiting our platform.
  • Marketing and communication preferences: we collect your preferences in regards to accepting our commercial updates, information and Newsletters. We gather all your granted consents and your chosen communication preferences.
  • Images captured by surveillance cameras: footage that we may capture through our security video surveillance systems in our premises.

We do not collect personal data that is may be considered sensitive or specially protected.

HOW DO WE COLLECT YOUR PERSONAL INFORMATION?

Generally, you provide most of the personal information we collect directly. Either personally at our stores or by telephone, mail, web forms or by responding to our surveys. However, we may also collect personal information from:

  • Publicly accessible sources, such as commercial or property registries.
  • From third parties linked to us, such as:
  • A company of our group
  • Credit reference agencies
  • From your employer
  • From a third party that has previously obtained your consent to do so, such as your bank.
  • From the cookies that we enable on our website – For more information on how we use cookies, please visit our Cookie Policy.
  • From our systems to access our premises, if there are any. Such as, for example, entry and reception registers, security surveillance cameras, communication systems and instant messaging, email or social networks.

WHAT HAPPENS IF YOU REFUSE TO PROVIDE US YOUR PERSONAL INFORMATION?

Sometimes we are required by the law to collect personal data or it may be essential to be able to perform a contract with you, if you refuse to provide us with your personal data, it may become impossible for us to offer you our services. In the event that we need to cancel your order because of this, we will notify you first whenever necessary.

FOR WHAT PURPOSES DO WE PROCESS YOUR PERSONAL INFORMATION?

Here is a table with detailed information in regards to the purposes for which we collect your personal data and the legal basis that enables us to process it.

Purpose / Activity
¿Why do we collect your information?
Lawful basis for processing
your personal data
Provide our products or services to you, ship orders to you, manage fees, accept payments and recover money owed to us (1) To perform a contract

(2) In our legitimate interest (to be able to recover debts)

Registration of new customers (1) Express consent of the interest party

(2) To perform a contract

To manage our relationship with customers, which includes:

(1) Notifying about changes in our policies

(2) Requesting you to take a survey or to leave a review

(1) To perform a contract

(2) To comply with our legal obligation

(3) In our legitimate interest (to update our registry and to find out the customers opinion in regards to our products/services)

To send you our commercial information, Newsletter or advertising, through any means of communication (1) Express consent of the interest party

(2) In our legitimate interest (providing that you have not expressed your desire to stop receiving communication, ‘opt-out’)

To respond to your enquiries and forward requested information, including the sending of budgets (1) In our legitimate interest

(2) To perform a contract

(3) Express consent of the interest party

(4) To comply with our legal obligation

Manage user interaction in our Social Media platforms (1) To comply with our legal obligation (for example, to remove ofensive, racist or rude comments or to preserve the privacy of minors, etc.)

(2) In our legitimate interest (to delete third parties illegitimate adds placed on our social media)

To use data analytics to improve our website, services and products, customer experience and purchasing process by using cookies (1) In our legitimate interest

(2) Express consent of the interest party (for example, when you enable our analytic cookies)

Manage and protect our business and website. This includes navigation problems, data analytics, website testing, etc. (1) To comply with our legal obligation

(2) In our legitimate interest (manage our business, provide security to our network, prevent fraud, etc.)

To suggest and recommend to you the products and services that may be of interest. (1) In our legitimate interest (to promote the growth of our business)
To provide or to respond the legal Authority with the appropriate information To comply with our legal obligation
Improve the safety of our premises (installation of CCTV cameras/ video surveillance, access control) In our legitimate interest and in that of third parties involved. For example, to prevent damage or attack on our staff or customers.
Updating and enhancing our customer records (1) To comply with our legal obligation

(2) To perform a contract

(3) In our legitimate interest (to make sure that we can stay in contact with our customers in regards to subscriptions, orders or purchased products).

Guaranteeing the safety of our staff, managing our personnel and employing job candidates (1) To comply with our legal obligation

(2) In our legitimate interest and of third parties. To improve the work experience for our staff members.

 

WHO DO WE PLAN TO SHARE YOUR PERSONAL DATA WITH?

We may share your personal information with the following:

  • Companies within our group
  • Third parties that we use to help manage our business or our suppliers for delivery, payment service providers, warehouses, etc.
  • Third parties we need in order to manage our business. For example, lawyers, marketing agencies, etc.
  • Our insurance companies, brokers
  • The bank entities that we work with

All the third parties and suppliers we work with are contractually bound to us. We guarantee that they comply with all the necessary security measures to safeguard your personal information and that they will use your personal data exclusively for the specified purposes, in accordance with our instructions.

We will also share personal information with the authorities when required to do so by law.

WHERE DO WE STORE YOUR PERSONAL INFORMATION?

All the information you provide us, either through this website or by any other means or channels, will be hosted on the servers of the AKO Group. These servers are hosted within the European Economic Area. Specifically, in Spain. We also host information on CLOUD servers contracted with Microsoft who we are linked through the relevant service contract.

INTERNATIONAL DATA TRANSFER

In order to be able to provide the service, we may sometimes need to transfer your data outside the European Economic Area (EEA). For example:

  • In the case of having to communicate with our delegations outside the EEA.
  • To communicate with you or with our suppliers when located outside the EU.
  • When there is an international dimension in the products/services that we provide you.

International data transfers are subject to special rules governed by the principles of data protection laws. This means that we can only transfer your data to countries or international organizations outside the EU, when:

  • The countries to which your data is transferred are deemed to provide an adequate level of protection for personal data;
  • All the appropriate measures have been taken to guarantee the safeguarding of security and the correct development of the subject’s legal rights, as well as the possibility of filing claims.
  • There is a specific exception applicable according to data protection law.

FOR HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

Your personal information will be kept during all the entire duration of our relationship unless you state otherwise by exercising your right to access, rectification, erasure, restriction, portability or to withdraw consent. Nevertheless, we will keep specific personal data during the maximum 2-year term by legal imposition to respond to the  Authority when required for legal prosecution purposes regarding unlawful web usage.

Hereby we inform you that our conservation policies meet the legal terms regarding conservation:

  1. a) General rule

In virtue of what is stated in art. 30 of the Commerce Code, all business data will be kept during 6 years.

This affects all accounting, tax, labour or commercial documentation, including correspondence.

  1. b) Specific terms

Our company must also set minimum deadlines depending on the type of data in question and considering the different prescription periods, which each department must know.

This table lists the prescription periods that affect or may affect our organization:

Subject Period Rule
Labour infringements 3 years Art. 4.1 RD 5/2000
 Social security regarding infringements 4 years Art. 4.2 RD 5/2000
Prevention of occupational hazards for the purposes of infractions 5 years Art. 4.3 RD 5/2000
Fiscal for the purpose of tax debts 4 years Art. 66 Ley 58/2003
Tax for the purposes of checks on compensated fees or applied deductions 10 years Art. 66 bis Ley 58/2003
Accounting and commercial 6 years Art. 30 del CC
Crimes against Public Finance and Social Security 10 years Art. 131 LO 10/1995

 

We will never subject your personal data to automated decisions or any mechanism of the likes.

HOW TO OPT-OUT OF OUR MARKETING MAILS?

Please remember you can revoke any express consent you may have granted to us and we will immediately stop sending you marketing communications. To do this, you may request to unsubscribe using the opt-out option whenever available, the unsubscribe button in our emails or by writing us an email with the subject “Unsubscribe” to rgpd@ako.es

In accordance to the applicable laws, we never carry out SPAM, therefore we will not send you commercial emails if we don’t have appropriate legitimization to do so. In any case, you will be able to revoke your given consent in all our communications.

We will not process your personal data for any other purpose other than those described, except for legal obligation or judicial requirement.

RESPOSABILITY OF THE USER – DECLARATION OF VERACITY

By providing us with your personal information through electronic channels, users declare that they are over 14 years of age and that all the data provided to the AKO GROUP is truthful, accurate, complete and up-to-date. In addition to the aforementioned, users confirm that they are responsible for the veracity of the forwarded data and that they will keep said information conveniently updated. Users are liable for any damage that may arise from false or inaccurate data provided to us.

SENDING OF YOUR CV

In the event that you may submit your CV through any means established by the Ako Group, we inform you that the information provided will be processed to make you participant in the selection of personnel that may exist, carrying out an analysis of your profile in order to select the best candidate for the vacancy.

We will not consider any CV submitted by another means other than the official ones established by the Ako Group.  In case of any change in the data provided, please inform us in writing as soon as possible, in order to keep your data properly updated.

Your resume will be kept for a maximum period of one year. After this term all data will be deleted in a safe destruction procedure. If you wish to continue participating in our job selection processes, please re-submit your CV.

The data may be processed and/or transferred to the member companies of our group during the time of conservation of their curriculum and for the same purposes previously reported.

HOW DO WE KEEP YOUR INFORMATION SAFE?

We take data protection very seriously. For this reason, we guarantee the implementation of the appropriate security measures, controls and procedures prevent your information from being accidentally lost, used or accessed maliciously.

We limit access to your data to authorized persons or competent authorities. To do so, we make sure to properly train all our staff. All those involved in the processing of your personal data are subject to the duty of confidentiality.

Additionally, we apply technical procedures to react to any suspicion of a data security breach. In the event of a security breach we will notify you whenever necessary, as well as the data control authority (the AEPD in Spain), in accordance with all current regulations.

HOW TO EXERCISE YOUR RIGHTS IN REGARDS TO PERSONAL DATA?

You may exercise your following rights, free of charge, at any time:

Right of Access The right to be provided with a copy of your personal information
Right to Rectification The right to require us to correct any mistakes in your personal information
Right to be forgotten The right to require us to delete your personal information
Restriction of processing The right to object:

—At any time to your personal information being processed for direct marketing (including profiling);

—In certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.

Right to data portability The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
Not to be subject to automated individual decision making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

 

To exercise any of the aforementioned rights, please write to us with your request to the email specifically enabled for this purpose: rgpd@ako.es

Please attach to your request of right exercise, information on exactly what you need and legal proof of your identity.

THE DATA PROTECTION SUPERVISORY AUTHORITY

We hope to be able to resolve any question or doubt that may concern you in regards to your personal information. But, if you still wish to file a complaint to the competent authority, you have the right to do so.

In Spain, the highest authority in terms of data protection is the Spanish Data Protection Agency (AEPD).

https://www.aepd.es/es – Tel: 91 266 35 17.

CHANGES IN THIS PRIVACY POLICY

The Ako Group informs you that we may modify this policy to adapt it to new legislation or jurisprudence at any time. Please check regularly for any updates.