An OAB Company

Privacy Policy

ENTERPRISE FOR LARGE INTERNATIONAL ARCHITECTURE, S.L. is committed to ensuring that your personal data is protected and will not be used for purposes other than those indicated in this Privacy Policy. For this reason, in this section we inform users and interested parties of everything relating to the processing of their personal data, in accordance with the data protection regulations applicable in our country: General Data Protection Regulation (EU) 2016/679 of 27 April on the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter, “GDPR“) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights (hereinafter, “LOPDGDDD“).

This Privacy Policy is applicable to the processing of data carried out by ENTERPRISE FOR LARGE INTERNATIONAL ARCHITECTURE, S.L. through this website: www.eli-a.com (hereinafter, the “Website“) and/or any other processing activity that may be indicated.

We recommend that you read them carefully before using this Website or providing your personal data through it. You can contact us by e-mail: [email protected]

TABLE OF CONTENTS

In this Policy you will find all the information relating to the processing of your personal data and the rights you can exercise to maintain control over them. In this regard, you will find information on:

  1. Who is the Data Controller for the processing of your personal data?
  2. What are the requirements to provide us with your personal data?
  3. What data processing do we carry out through the Website and what are its main characteristics? Explaining to you:
    • What personal data do we collect?
    • What are the purposes of the processing of your personal data?
    • What is the legal basis that allows us to process your data?
    • How long do we keep your personal data?
  4. With whom do we share your personal data?
  5. Existence of international transfers of your data.
  6. What rights can you exercise as a data subject?
  7. How we protect your personal information. 
  8. Changes to this policy.
 

1.WHO IS THE DATA CONTROLLER FOR THE PROCESSING OF YOUR PERSONAL DATA?
Your personal data will be processed by the company ENTERPRISE FOR LARGE INTERNATIONAL ARCHITECTURE, S.L. (“ELIA”), with tax identification number B09838418 and whose contact details are as follows:

  • Address: Calle Còrsega, 254, Bajo, 08008, Barcelona, Spain
  • Contact email: [email protected]

2. WHAT ARE THE REQUIREMENTS TO PROVIDE US WITH YOUR PERSONAL DATA?

    • 2.1. Minimum age. In order to provide us with your personal data, you must be at least 14 years of age and/or have sufficient legal capacity to use this Website.
    • 2.2. Truthfulness. When you provide us with your data to use our services, you warrant that the data and information you provide is real, true, current and belongs to you and not to any third party.
      In addition, you must notify us of any changes to the information you provide, and you remain responsible for the truthfulness and accuracy of the information you provide at all times.
    • 2.3. Age and veracity checks. ELIA reserves the right to verify your age and identifying information at any time, if necessary, including by requesting an official proof of age or equivalent procedure and, in the event of fraud detection that proves or is suspected that you are under the age indicated.

3.WHAT DATA PROCESSING DO WE CARRY OUT THROUGH THE WEBSITE AND WHAT ARE ITS MAIN CHARACTERISTICS?
Below, we explain how we treat your personal information and provide you, in detail, with all relevant information regarding your privacy:

3.1 When you contact us through our channels (contact form, email):

 What are the data collection routes?

What personal data do we collect?

Identifying and contact information. We collect your identifying information (first and last name) and contact information (telephone and email address), as well as any other information that you voluntarily include in communications you send to us.

We may request additional information from you if necessary to fulfil with your request or requirement.

Curricular, academic, and professional information. If you send us your Curriculum Vitae (CV), we will be able to process the information relating to your studies, training, academic experience and what you have included in your professional documentation.

What are the purposes of the processing of your personal data?

To respond to your requests. The main purpose of the processing of this data will be to respond to your requests, resolve your queries and/or provide you with the necessary information and, where appropriate, to follow up on your requests.

Participate in our selection processes. If you send us your CV, we will process your personal data in order to initiate and follow up a selection process for possible recruitment.

What is the legal basis that allows us to process your data? Is the provision of this data mandatory?

Consent. The data provided for the above-mentioned purposes will be processed on the basis of your consent, given when you voluntarily contact us through the means made available to you to request information or make a request.

If you send us your CV for use without applying for a specific vacancy, and if you allow us to use your CV in future recruitment processes, we will do so on the basis of your consent, and we may keep your CV for this purpose.

Performance of the contract, taking of pre-contractual measures (Article 6(1)(b) of the GDPR). If you send us your CV in order to register for a specific offer, we will use your data for the purpose of carrying out pre-contractual measures or for the purpose of concluding a contract. 

The information you must provide is indicated by an asterisk or similar. Without this information we will not be able to process your enquiry or request.

How long do we keep your personal data?

We will process all of your personal data for the duration of the processing of your enquiries and, where necessary, to follow up on your enquiries. 

If you send us your CV, we will process your data for as long as is necessary to manage the selection process for which you have applied, or for one year if you have not applied for a specific vacancy.

At the end of this period, ELIA will keep this information locked for the periods provided for by law, in order to fulfil any obligations and to demonstrate compliance with our obligations.

Who do we share your personal information with?

 We do not make any other transfers to carry out this processing other than those generally set out in point 4. With whom do we share your personal information? In this regard, some of the channels through which you can contact us are managed by service providers who act as processors. For more information about how these service providers operate, please refer to section 4 above.


3.2. If you have a contractual relationship with us (provision of services)

 What are the data collection routes?   Contracting ELIA’s Services (signing of contracts, accepting offers or other legal acts).

What personal data do we collect?

Identifying and contact information. We collect your identifying information (first and last name), ID number, email and postal address, telephone number, and any other information you voluntarily choose to include in communications you send to us.

Employment details: During the contractual relationship, we may collect information about the contact person representing the client company (first and last name, professional email address, position and/or department).

What are the purposes of the processing of your personal data?

To manage and maintain the contractual relationship between the parties. The main purpose of the processing of this data will be the maintenance and execution of the contractual relationship between the parties, which may include Administrative, fiscal, legal, accounting and commercial management of customer data.  Drawing up and sending estimates. Execution of works. Dealing with queries and complaints by web, telephone, electronic or personal means. Arranging meetings and visits to customers. Managing collections.

What is the legal basis that allows us to process your data? Is the provision of this data mandatory?

Performance of the contract. The processing of the data is necessary for the performance of the contract between the parties

All the data requested and processed by ELIA for the above purposes are necessary for the purposes indicated. Failure to provide them will make it impossible to carry out the services and administrative tasks associated with them.

How long do we keep your personal data?

We will process all personal data for the duration of the contractual relationship between the parties. At the end of this period, ELIA will keep this information in a locked form for the periods provided for by law, in order to meet any obligations and to demonstrate compliance with our obligations.

Who do we share your personal information with?

We do not make any other transfers to carry out this processing other than those generally set out in point 4. With whom do we share your personal information? In this regard, some of the channels through which you can contact us are managed by service (e.g. management software), providers who act as processors. For more information about how these service providers operate, please refer to section 4 above.


3.3 Website navigation (cookies)
We use cookies or other tools on this Website to enable the operation of the Website and to allow the user to select preferences.
For more information about how we use these tools, please see our Cookie Policy.


3.4 ELIA’s social media profiles.
ELIA has a profile on the main social networks, such as Instagram or LinkedIn.
When you become a follower of one of our pages on social networks, the processing of data is governed by the terms of use, privacy policy and access rules of the corresponding social network, previously accepted by the user.
In this sense, ELIA will process your data for the correct management of its presence on the social network, to inform you about activities, products or services, as well as for any other purpose allowed by the regulations of the social network.
Please note that we do not have any control over the information that the social network collects or how it processes it, therefore we recommend that you inform yourself about the purpose and extent of the collection of information by these social

4. WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
In general, ELIA will not communicate your data to third parties. However, in addition to the transfers that we specifically indicate in the section explaining the characteristics of the various operations (point 3), we inform you of the communications that we may make in general, which concern all the above-mentioned processing operations and their legal basis.

  • Service providers (for example, computer hosting companies or platforms for sending commercial communications). Notwithstanding the foregoing, these entities have signed confidentiality agreements and will only process your personal data in accordance with our instructions, and will not use it for their own purposes or for purposes other than the service they provide to us.
  • Public authorities. We may disclose the data and any other information in our possession or accessible through our systems to the relevant authorities if we are required to do so by law or if it is necessary, for example, in order to prevent or track the misuse of services or fraudulent activity through our website or web page. In such cases, the personal information you provide to us will be retained and made available to administrative or judicial authorities.
  • In the event of a corporate transaction: In the event of a merger, acquisition, sale of all or part of its assets or any other type of corporate transaction involving a third party, we may share, disclose or transfer user data to the successor entity (including during the pre-transaction phase).
  • To third parties after aggregation or anonymisation: we may disclose or use aggregated or anonymised data (i.e. data which cannot be linked to an identified or identifiable individual) for any purpose.
  • To third parties with your consent or other lawful basis: In the event If we wish to disclose information to third parties outside the scope of this Privacy Policy, we will always obtain your consent or inform you of your consent and legitimate basis.

We also inform you that this Privacy Policy only applies to the collection, processing and use of information (relating to personal data) by us through your interaction with our Website. Third party websites that you may access through links on the Website have their own privacy policies over which we have no control. We therefore recommend that you read their privacy policies before providing them with any personal information.


5. ARE YOUR PERSONAL DATA TRANSFERRED TO THIRD COUNTRIES OUTSIDE THE ECONOMIC AREA?

Some of our service providers are located in countries outside the European Economic Area (“EEA“).
The location of these companies outside the EEA implies the existence of an international transfer of your personal data, which may result in a lower level of protection than that provided by European legislation. However, ELIA has taken steps to ensure that such transfers do not result in a lower level of protection for your personal data.

In this regard, service providers outside the EEA have a valid mechanism to be able to carry out international transfers: (i) either they have signed the relevant Standard Contractual Clauses approved by the European Commission (“SCC“), an agreement signed by both entities in which the non-EU company guarantees that it will apply European data protection standards or, (ii) if they are US companies, they may be certified by the new EU-US Data Privacy Framework (“DPF”) compliance decision.

Therefore, using these providers will not result in a lower level of protection for your personal data than using providers located in the EU.

The content of the SCC and the EU-US Data Privacy Framework Adequacy Decision can be found at the following links:

https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_en

https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en

Below is a list of the international transfers that we make from ELIA:

 Name  Country  Transfer mechanism
 Google LLC  United States  Data Privacy Framework
 GoDaddy.com, LLC  United States  Data Privacy Framework

6. WHAT RIGHTS CAN YOU EXERCISE AS A DATA SUBJECT
You may exercise the rights guaranteed to you by law in relation to the processing of your personal data by contacting us by e-mail at [email protected].
Any request to exercise your rights will be dealt with as soon as possible and in any event within the maximum period allowed by law from the time it is received. In some cases, we may need to ask you for a copy of your identity card or other form of identification to verify your identity.

Your rights as a data subject are as follows:

  • Right to withdraw consent
    You may withdraw your consent to any processing based on your consent at any time. However, withdrawal of your consent shall not affect the lawfulness of the processing based on your consent prior to its withdrawal.
  • Right of access
    You have the right to know what data is being processed and, if so, to obtain a copy of it, as well as information on:
    • the source and recipients of the data;
    • the purposes for which it is being processed;
    • whether there is any automated decision-making process, including profiling;
    • the storage period; and
    • the rights provided for in the Regulations
  • Right to rectification
    You have the right to obtain the rectification of your personal data or to complete them when they are incomplete.
  • Right to erasure
    You have the right to request the deletion of your personal data if they are no longer necessary for the purpose for which they were collected or, as the case may be, if we are no longer authorised to process them.
  • Right to data portability
    You have the right to request data portability in the case of processing of your data based on your consent or for the performance of a contract, provided that the processing is carried out by automated means. If you exercise this right, you will receive your personal data in a structured format that is commonly used and readable by any electronic device. However, you may also request, where possible, that your data be transferred directly to another company.
  • Right to restrict the processing of your personal data
    You have the right to restrict the processing of your data in the following cases:
    • When you have requested the rectification of your personal data during the period in which we verify the accuracy of your personal data.
    • When you believe that we are not authorised to process your data. In this case, you can ask us to limit its use instead of requesting its deletion.
    • When you consider that it is no longer necessary for us to continue processing your data and you want us to keep it for the purpose of exercising or defending claims.
    • Where there is processing based on our legitimate interest and you have exercised your right to object to such processing, you may ask us to restrict the use of your data during the verification of the prevalence of those interests over your interests.
  • Right to object
    You have the right to object at any time to the processing of your personal data on the basis of our legitimate interests, including profiling.
  • Right to complain to the Supervisory Authority
    Remember that if you feel that we have violated your right to data protection, you may at any time contact the competent supervisory authority, which in the case of Spain is the Spanish Data Protection Agency (www.aepd.es).

 

7. HOW DO WE GUARANTEE THE CONFIDENTIALITY OF YOUR INFORMATION?
The security of your personal data is a priority for us. For this reason, ELIA has adopted all the security measures necessary to guarantee the effective use and processing of the personal data provided by the user, guaranteeing the privacy, confidentiality and integrity of the same, and uses the necessary technical means to prevent the alteration, loss, unauthorised access or processing of your data, in accordance with the state of the art at all times.

We therefore comply with the security standards recommended for their protection. However, due to the nature of the Internet and the possibility of malicious acts by third parties over which we have no control, it is impossible to guarantee its security.
We are committed to acting promptly and diligently in the event of a breach of security and to notifying you.


8. CHANGES TO THIS POLICY
ELIA may modify the contents of this Privacy Policy at any time, especially in the event of legislative or jurisprudential changes or changes in the interpretation of the competent authorities that affect the processing of data carried out by ELIA through this Website. Any new version of this Privacy Policy will take effect on the date of its publication.

We therefore recommend that you regularly consult this Policy in order to be informed of how your personal data is processed and protected, as well as your rights.

This Privacy Policy was last updated in April 2024.