INTRODUCTION

Actemium (hereinafter, Actemium), as the owner company of the website actemium.se (hereinafter, the “Website”), we undertake to ensure that your personal information is protected and not used inappropriately.

In this document, we explain who is responsible for its processing, the purposes for which your personal information will be processed, the legitimization for its processing, how we collect it, why we collect it, how we use it, your rights in relation thereto and also explain the processes we have implemented to protect your privacy.

By providing us with your personal information and using our websites, we understand that you have read and understood the terms related to personal data protection information as declared. Acuntia, S.A.U., as the owner of the Website, takes responsibility for complying with the applicable national and European data protection legislation, and aims to process your data fairly, lawfully and in a transparent manner.

2.DATA COLLECTION, PURPOSE AND PROCESSING

When a user uses the website’s contact form, they are providing personal information for which Actemium is responsible. This information may include personal information such as your IP address, name or email address. By providing this information, the user gives his consent for their information to be collected, used, managed and stored by Actemium, only as described in the Legal Notice and in this Privacy Policy.

The website only employs one system for acquiring personal information, and it only processes information provided by interested parties for the following purposes:

  • Form to apply for jobs in the company: We request some personal data, provided by the user, when making an application to work with the owner of the Web, with the sole purpose of keeping you informed of the different vacancies to a job that occur in our organization. The personal data and other information contained in the attached documents will be treated with the sole purpose of assessing whether your profile fits in the possible vacancies that occur in the company.

4.PERSONAL DATA PROCESSING LEGITIMIZATION

The legal basis for the treatment of your data is: consent.

To be able to use the website’s contact form you are required to provide your express consent to this Privacy Policy.

7.USER RIGHTS

Anyone has the right to obtain confirmation regarding whether Actemium is processing our personal data or not. Interested parties have the right to:

  • Request access to their personal data.
  • Request it be rectified or deleted.
  • Request that a limitation is placed on its processing.
  • Object to its processing.
  • Request the portability of the data.

Interested parties may access their personal data and request the rectification of any inaccurate data or, where applicable, request its deletion when, amongst other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, interested parties may request the limitation of the data processing, in which case we will only keep it to process or defend complaints.

In certain cases and for reasons related to their individual circumstances, interested parties may object to the processing of their data. Actemium will stop processing the data, except for compelling legitimate reasons, or process or defend against possible complaints. As an interested party, you have the right to receive the personal data held about you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller when:

  • Processing is based on consent.
  • The data has been provided by the interested party.
  • Processing is performed automatically.

When exercising their right to data portability, the interested parties have the right to have the personal data transmitted directly from one controller to another when technically feasible. Likewise, they will also have the right to an effective remedy and to submit a claim to the supervisory authority, in this case, the Spanish Data Protection Agency, if they consider that the processing of their personal data infringes the Regulation

To exercise these rights, the user must send an email or a letter to the Controller identified under point 2 of this document. In order to respond to your request, you must also provide us with your name and surname(s), documentation that demonstrates your identity (ID Card or passport) and an address where you would like a response to be sent.

These rights are to be exercised by the user. However, they may be exercised by a legal representative of the authorized party. In which case, documentation must be provided to demonstrate that they represent the interested party.

13.COMMERCIAL EMAILS

According to the Law on Information Society Services and Electronic Commerce (LSSICE), Actemium does conduct spamming and therefore does not send commercial e-mails that have not been previously requested or authorized by the user.

According to the terms of Law 34/2002 on Information Society Services and Electronic Commerce, Actemium undertakes not to send commercial communications without identifying them as such.

In accordance with the controller definition provided in the General Data Protection Regulation, a

controller’ means the natural or legal person, public authority, agency or another body which, alone or jointly with others, determines the purposes and means of the processing of personal data;

the controller for the said personal data collected from emails and website forms is:

Actemium

Office: Vinci Energies Sweden AB

Knipplekullen 11

Göteborg 417 05

Sweden

Email: anita.kasto@vinci-energies.se / pierre-yves.guiot@vinci-energies.com

Tel : +46 031-65 90 00

VAT Number: SE556579229701

Business Registry: Sweden

Website: actemium.se

3.PRINCIPLES APPLIED TO YOUR PERSONAL DATA

In processing your personal data, we will apply the following principles in compliance with the stipulations contained in the new Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights and the new General Data Protection Regulation (GDPR):

Principle of lawfulness, fairness and transparency: We will always require that you consent to the processing of your personal data for one or more specific purposes that you will be notified of in advance with absolute transparency.

Principle of data minimisation: We will only request data that is strictly necessary in relation to the purposes for which we require it. The minimum possible.

Principle of storage limitation: The data will not be kept for longer than is necessary for its intended purposes, and will be deleted once these have been completed. In the case of a subscription, this will be maintained until the user withdraws their consent.

Principle of integrity and confidentiality: Your data will be processed in a manner that ensures appropriate security of the personal data, and guarantees confidentiality. Please be aware that we have taken all necessary precautions to avoid the unauthorised access or improper use of our users’ data by third parties.

5.PERSONAL DATA CATEGORY

The category of data that is processed is identification data. Special protected data is not processed.

6.COMMUNICATION OF INFORMATION TO THIRD PARTIES

Actemium informs users that their personal data will not be transferred to third-party organizations, unless the said data transfer is covered by a legal obligation or when the provision of a service involves the need for a contractual relationship with a processor.

8.DATA SECRECY AND SECURITY

Actemium is committed, when using and processing the personal data of users, to respecting their confidentiality and using it in accordance with the purpose thereof, and to comply with its obligation to save it and implement any measures to avoid its alteration, loss or unauthorized processing or access, in accordance with the provisions of the applicable data protection regulations.

Actemium cannot guarantee the absolute impregnability of the Internet and, therefore, cannot rule out data breaches as a result of fraudulent access by third parties.

With respect to the confidentiality of the processing, Actemium will ensure that any person authorized to process the user’s data (including its staff, collaborators and providers), will be subject to the appropriate confidentiality requirements (either contractual or legal).

In the event of a security incident, upon discovery, Actemium will notify the user without undue delay and will provide timely information related to the security incident in a transparent manner or when the user reasonably requests it.

9.DATA ACCURACY AND VERACITY

The user is solely responsible for the veracity and correctness of the data that they submit via the Website, and exonerate Actemium from any responsibility in this regard.

The users guarantee and are responsible for, in any event, the accuracy, validity and authenticity of the personal data provided, and undertake to keep it duly updated. The user agrees to provide only complete and correct information via the contact or subscription form.

10.ACCEPTANCE AND CONSENT

The user declares that they have been informed of the conditions regarding the protection of personal data, and accepts and consents to its processing by Actemium in the manner and for the purposes indicated in this privacy policy.

11.CANCELLATION

The consent provided, both regarding the processing and the cessation of the data for the interested party can be cancelled at any time by notifying Actemium according to the terms established in this Policy for the exercise of their rights. This cancellation will under no circumstances be retroactive.

12.CHANGES TO THE PRIVACY POLICY

Actemium reserves the right to modify this policy to adapt it to legislative or jurisprudential developments and to meet industry practice. In such cases, Actemium will announce any changes introduced on this web page, with reasonable notice of implementation.