Politica de Privacidad

Política de privacidad

Data protection policy

Below is the basic and essential information that you need to know about the processing that we do with your data at Reale. We recommend you visit our website and read our complete Policy to learn in detail how we will process your data.

If you have any queries, please write to us at dpo@reale.es and we will try to answer all your questions.

Selecciona tu idioma:

Castellano Catalán Euskera Gallego Italiano Alemán Holandés Francés

Data controller

REALE SEGUROS GENERALES, S.A. (RSG) or REALE VIDA Y PENSIONES, S.A. DE SEGUROS (RV), depending on the product for which you have requested a price or which you have finally decided to hire.

Purpose and legitimation

The data you have provided will be used by GSR or RV, as appropriate, for:

(1) the management of the project, application or pricing of the requested insurance, as well as the formalisation and management of the insurance if you decide to contract it. Legitimation: execution of the contract.
(2) the communication of the data to other insurers or reinsurers, as well as to the insurance broker that has brokered the policy. Legitimation: execution of the contract.
(3) compliance with our legal obligations as an insurer, mainly for the selection of the risk to be insured, or the prevention of money laundering for RV, among others. Legitimation: legal obligation.
(4) the prevention of fraud, default and identity theft (including profiling). Legitimation: legitimate interest.
(5) the preparation of statistical studies and the development of new products and services prior to the process ofanonymising your data. Legitimation: legitimate interest.
(6) carrying out loyalty-based activities and opinion surveys. Legitimation: legitimate interest.
Jointly between RSG and RV as joint data controllers to:
(7) centrally manage your data and provide you with a more immediate and complete service in all our branches. Legitimation: legitimate interest.
(8) send you commercial communications of own products and similar to those previously contracted, by any means while you are a customer (includes the preparation of “basic” profiles). Legitimation: legitimate interest.
(9) Other purposes based on your consent (see the You decide! section of this clause).

Recipients

To other entities of the Reale Group for the fulfilment of our legal obligations and the centralised management of the service.
To financial entities, for the management of collection and payments.
To entities and organisations, public or private, involved in the management of the insurance contract, insurers and reinsurers, involved in the management of the policy as managers, as well as State security forces and bodies, regulators or government bodies.
To the broker or insurance brokerage firm who has brokered your policy.
To common solvency databases relating to compliance with and breach of monetary obligations.
To common databases for fraud prevention and detection, as appropriate for the underwritten insurance.
To the Insured Vehicles Information Database (FIVA).

Rights

You can also file a complaint with the Spanish Data Protection Authority (www.aepd.es) in cases where you consider that the processing does not comply with current regulations or has not obtained satisfaction in the exercise of their rights." in the "RIGHTS" section of the privacy policy (Politica de Privacidad (reale.es))

Additional
information

We recommend that you read the comprehensive, detailed information on the processing of your data at www.reale.es/es/politica-de-privacidad, or by contacting us at 900 101 480 so that we can send it to you by the means you prefer.

We will communicate with you by any means (including WhatsApp) when necessary for any of the purposes described above. If you do not want to receive communications by a specific means, please contact us to register your preferences.

YOU DECIDE! Only if you give us your consent will we use the data for:

Preparation of “advanced” profiles for commercial or promotional purposes.
Sending of sales actions for two years once the pre-contractual and/or contractual relationship has ended.
Sending of promotional and advertising information from Grupo Reale entities and third-party companies, whether or not you are a customer.

You can decide whether you give us your consent, by going to https://consentimientos.reale.es/

Reale seguros

Data protection policy

What will you find in this policy?

01 Who processes your personal data? who is the owner of this data protection policy?

The protection of your personal data and your privacy is one of the priorities of the Reale Group...

The protection of your personal data and your privacy is one of the priorities of the Reale Group. In this data protection policy you will find all the information regarding who, how and for what purposes your data is processed.

The owners of this data protection policy are:

REALE SEGUROS GENERALES, S.A. (REALE SEGUROS GENERALES) Tax ID (CIF) A78520293
REALE VIDA Y PENSIONES, S.A. DE SEGUROS (REALE VIDA) Tax ID (CIF) A85877066
Address: C/ Príncipe de Vergara, 125, 28002, Madrid

These entities (hereinafter “we” or “Grupo Reale”) will process your personal data either as independent data controllers - when each entity determines separately and independently the purposes and means of processing your data - or as joint data controllers, when said ends and means are jointly determined. We only act as joint data controllers in relation to:

The centralised management of the contracts you have with us for organisational customer management purposes.
Our commercial prospecting and profiling practices.

We have made our best efforts to prepare a simple and fully transparent policy. You will find in different sections the processing carried out by REALE SEGUROS GENERALES and REALE VIDA (i) separately, as independent data controllers, in relation to the development and management of insurance applications, pricing, quotes or contracting of products that you request from each of them (hereinafter, your “Insurance carrier”), see SECTION 4; and (ii) jointly, as joint data controllers (hereinafter, the “joint data controllers”), see SECTION 5. In each case, we have detailed the purpose, legitimising basis for the processing, affected data and where they are obtained, with whom the data is shared and the data retention period.

PLEASE READ THIS DATA PROTECTION POLICY CAREFULLY

02 Data protection officer: Do you have any questions about your personal data?

You can contact the data protection officer of REALE SEGUROS GENERALES and REALE VIDA to ask...

You can contact the data protection officer of REALE SEGUROS GENERALES and REALE VIDA to ask any questions about the processing of your data at the address dpo@reale.es, regardless of whether your question refers to processing that each entity carries out separately or under a joint data controller regime.

03 Do you know your rights in relation to your personal data?

Tienes derecho a acceder a tus datos personales y obtener confirmación sobre cómo se están tratando dichos...

You have the right to access your personal data and obtain confirmation on how said data is being processed (Right of access). You also have the right to request the correction of inaccurate or incorrect data (right of rectification) and, where appropriate, request their deletion where the data are no longer necessary for the purposes for which they were collected (right of deletion).

In certain circumstances, you may request the restriction of the processing of your data, in which case we will only keep it for the exercise or defence of possible claims (right to restricting of processing). You can also request certain personal data in a structured, commonly used and machine-readable format and transmit it to another data controller (right of portability).

In addition, in certain circumstances (specifically when the processing is based on legitimate interest), you can object to the processing of your personal data (right of opposition).

Finally, you can withdraw the consent you have granted for a specific purpose at any time, without this affecting the legality of the processing based on prior consent to its withdrawal.

In any case, you may also file a complaint with the Spanish Data Protection Agency (www.aepd.es).

FOR THE EXERCISE OF ANY OF THESE RIGHTS, YOU CAN CONTACT YOUR INSURER OR ANY OF THE JOINT DATA CONTROLLERS IN RELATION TO PROCESSING CARRIED OUT JOINTLY; CONTACTING THEM VIA E-MAIL AT protecciondedatos@reale.es.

04 What processing do we perform with your personal data as independent data controllers?: Purposes, legal bases and personal data processed by your insurer(s)

Your Insurer is responsible for the processing of your personal data in relation to the insurance contracted with it. In the event that you now have or you have requested products from both entities, each of them respectively will be the data controller. It will be specified, where appropriate, when there are specialties or differences in the processing carried out by each of the entities.

4.1 Processing necessary for the management of an insurance request, project or pricing (pre-contractual phase) as well as the execution of the insurance contract finally requested (contractual phase)

1. Formalisation, management, maintenance and execution of the pre-contractual and contractual phase

Purpose / Description of the processing: As an insurer, we will process your personal data to formalise, manage, maintain and execute the contractual relationship with you, as well as the procedures prior to contracting. This processing involves in the initial phase in which you request the insurance, the processing and management of insurance applications and rates that best suit your demands and needs through the available channels; and, in contractual phase, the formalisation of the insurance contract, as well as the management, maintenance and execution of the operation on the same through the available channels. That is to say, the ordinary management during the life of the insurance contract (modifications of the data initially provided, extensions of coverage, delivery of the mandatory information of the contracted product), the provision of the insured coverage or complementary services included in the insurance policy, management of your queries through the authorised channels, performance of the checks and investigations necessary to determine, where appropriate, the payment of the applicable compensation.

This processing includes the sending of necessary communications and/or those derived from the management of our contractual and/or pre-contractual relationship with you by the means agreed in the policy (i.e. postal letter, e-mail, telephone, including SMS or WhatsApp and push notifications), using for this any of the contact details that you have provided to us during the same (i.e. including that provided during claims management). If you do not want to receive such communications by any of the aforementioned means, please contact us so that we can register your preferences at protecciondedastos@reale.es.

In addition, we inform you that we carry out continuous improvement processes in order to optimise the solutions that allow us to manage the aforementioned purposes, so we can carry out processing methods that include Artificial Intelligence components. These processing methods will not involve decision-making based solely on automated processing of personal data. You can obtain updated information at www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy)

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline, mobile and digital signature.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses and bank account identification data.
Asset solvency data: data on the breach of a debt contracted with us.
Information regarding family circumstances and socio-economic and socio-demographic data: life cycle, personal data of third parties included in the coverage of the policies offered (e.g. family members or employees), their family connection, types of persons according to age and level of studies living in the geographical environment of the data subject, types of families living in said environment according to the number and characteristics of their members, categories of professional activities existing in the geographical environment in which the data subject resides, purchasing power based on annual income, the level of grouping - detached house or block - and whether there are shopping areas present.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and channels of communication, previous relationships with entities and age, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, online chat, telephone calls or equivalent means with you and consultations made through the different means offered (CC, Mediator, Private Web Area and App) personal data of third parties included in the coverage of the policies offered (e.g. relatives or employees) and their family connection.
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than vehicle and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for cancellation, supplements and/or changes made to the policies and premiums associated with them.
Historical information on internal claims: reported claims including reasons and dates of occurrence and reporting, status of the claim, associated files, key results, workshops and professionals involved, itemised amount of the claim (both provisions and pending settlements and payments made), identification and contact details of harmed or injured parties, contact information that you have provided us, contact persons and inquiries made.
Log of your satisfaction/experience information: global and particular satisfaction according to the times an evaluation or opinion has been requested, comments made in the satisfaction surveys, actions carried out as a result of the evaluation or opinion provided, as well as complaints and claims made.
Information associated with your historical profitability as a customer: earned premium, claims.

We also process personal data obtained from external sources. Specifically:

Asset solvency data: data on the default of a debt contracted with a private company (including other entities of the Reale Group), data obtained from credit information systems, credit rating companies and fraud prevention information systems. You can consult more information at www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy) in section 10. Credit Information Systems.
Information included in common databases protected by codes of conduct of the insurance sector: data obtained from common databases as appropriate for the type of insurance subscribed, these being the Historic Automobile Insurance Database (Sinco), the Total Loss, Theft and Fire Automobile Database and the Miscellaneous insurance fraud prevention database as well as accident certificates from other companies. The age of such data is limited to a maximum of 5 years.
Information associated with your location and online behaviour: browsing and activity data (i.e. cookie information, device ID, advertising ID, IP address and browsing history) obtained from websites, web Private Area and App or other devices provided by the same (e.g. black box in vehicles) and data inferred from the monitoring and analysis carried out; all this as long as you have given your permission through said devices.
Aggregated information from external public and private sources about the risk: Google geopositioning information, information associated with the location of the risk obtained from external sources of a public or private nature (i.e. from the INE, AEMET, DGT, registry of tourist rental homes (Airbnb), census data, information from the IGN) and data obtained from other publicly accessible sources such as newspapers and official bulletins, public records, resolutions of the Public Administrations, cadastre, telephone directories, lists of people belonging to professional associations or autonomous, commercial information from Google, satellite images of a home, building, company, and home automation.

Processing of health data: In addition, when necessary for the provision of services, we will process data on your past and/or present physical and mental health status that you have provided directly or that have been obtained during the management or processing of a claim (including those about third parties affected, whom we will also inform), in order to:

Determine the health care and compensation to which, where appropriate, the injured party is entitled.
Make the payment to health providers or the reimbursement to the insured or their beneficiaries of the health care expenses that have been incurred within the scope of the insurance contract.

Law 20/2015, of 14 July, on the organisation, supervision and solvency of insurance and reinsurance entities (“LOSSEAR”) covers the processing of these personal data that may be necessary for the execution of the insurance contract and for reasons of public interest in the field of public health.

2. Communication of the data of the policyholder, those of the insured, beneficiary or injured third party to other insurance or reinsurance entities when it is necessary for the execution of the subscribed coinsurance or reinsurance contract, as well as to the insurance broker that has brokered the policy when necessary for the management of thereof.

Purpose / Description of the processing: When we go to a reinsurance entity in relation to your contract, we will communicate only those personal data indicated above that are strictly necessary to these ends for the execution and management of the reinsurance or coinsurance contract, in the terms provided in the LOSSEAR. In addition, for those cases in which your insurance has been mediated by a broker, we must also communicate to the broker certain personal data insofar as this is necessary for the management of your policy, in the terms provided in the regulations governing the distribution insurance.

4.2 Processing necessary to comply with legal obligations

1. Comply with general obligations under the regulations applicable to insurance entities.

Purpose / Description of the processing: As an insurance company we need to process your personal data in order to comply with the legal obligations set forth in Law 50/1980, of 8 October, on the Insurance Contract (“LCS”), the LOSSEAR and other regulations applicable to insurance companies, as well as general tax and commercial regulations.

These obligations include (i) the communication of your personal data to authorities, regulators or public bodies; (ii) the assessment, selection and pricing of risks (including the preparation of profiles for statistical-actuarial purposes), both prior to contracting and during its term, as well as obtaining information prior to contracting insurance, as well as periodically when appropriate, by evaluating the suitability of the requested product according to your demands and needs; (iii) the adoption of effective measures to prevent, identify, report and remedy fraudulent conduct; (iv) the processing and, where appropriate, communication of your data for the fulfilment of tax obligations and (v) the keeping of the accounting books required by the Code of Commerce and other applicable provisions, as well as the records of accounts, claims, technical provisions, investments, reinsurance contracts and policies, supplements and cancellations issued.

In addition, we will process your data to comply with our obligation to attend to and resolve the complaints and claims that the policyholders, insured, beneficiaries, injured third parties or successors of any of them may present, related to their legally recognised interests and rights. For these purposes, we have our Customer Service and Defence Services, which are responsible for dealing with and resolving complaints and claims.

Finally, and in compliance with our obligations, common databases such as those indicated in the following section will be consulted in relation to the data processed.

Data processed:

Information included in common databases protected by codes of conduct of the insurance sector: data obtained from common databases as appropriate for the type of insurance subscribed, these being the Historic Automobile Insurance Database (Sinco), the Total Loss, Theft and Fire Automobile Database and the Miscellaneous insurance fraud prevention database, as well as accident certificates from other companies. The age of such data is limited to a maximum of 5 years.

Processing of health data: In addition, when necessary we will process your health data provided in the health questionnaire and, where appropriate, collected through the medical health examination by a doctor or hospital for this purpose. The LCS protects the processing of this personal data that is necessary for compliance with legal obligations and for reasons of public interest in the field of public health (exception Article 9.2 g) of the GDPR).

2. Comply with the regulations on the prevention of money laundering and financing of terrorism.

Purpose / Description of the processing: REALE VIDA needs to process your personal data to carry out the corresponding checks and fulfil its obligations in accordance with the provisions of Law 10/2010, on the Prevention of Money Laundering and the Financing of Terrorism, and its implementing regulations.

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address.

We also process personal data obtained from external sources. Specifically:

Information obtained from FACTIVA: National identity document, sex, criminal record, profession, nationality, postal address.
Information obtained from the Registry of the General Council of Notaries for the identification of the real owner of the operations: Name, surnames and national identity document.

4.3 Processing based on legitimate interest

1. Fraud prevention (including profiling).

Purpose / Description of the processing: We will process your personal data to carry out studies and automatic controls of fraud, defaults, and incidents derived from the products requested or contracted, both in the pre-contractual and contractual phase, for the prevention, detection and control of fraud.

Within the insurance field, in accordance with the LOSSEAR, insurance companies must adopt effective measures to prevent, impede, identify, detect, report and remedy fraudulent conduct related to insurance, whether adopted individually, or through participation in common databases officially created between insurance companies that contain personal data. These measures are aimed at the settlement of claims and actuarial statistical collaboration in order to allow pricing, risk selection, as well as the preparation of insurance technical studies.

This processing also entails the communication of personal data between companies of the Reale Group, with the purpose indicated above (to carry out cross-checks on fraud committed with any of them).

This profiling does not imply decision-making based solely on automated processing of the personal data that we indicate below. Likewise, this profiling is carried out based on the analysis of the existence of debts in order to assess the level of fraud risk, to avoid identity theft, as well as to prevent delinquency.

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline and mobile phone and digital signature.
Asset solvency data: data on the breach of a debt contracted with us."

We also process personal data obtained from external sources. Specifically:

Asset solvency data: data on the default of a debt contracted with a private company (including other entities of the Reale Group), data obtained from credit information systems, credit rating companies and fraud prevention information systems. You can find more information at www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy) in section 10. Credit Information Systems.
Information included in common databases protected by codes of conduct of the insurance sector: data obtained from common databases as appropriate for the type of insurance subscribed, these being the Historic Automobile Insurance Database (SINCO), the Total Loss, Theft and Fire Automobile Database and the Miscellaneous insurance fraud prevention database, as well as accident certificates from other companies. The age of such data is limited to a maximum of 5 years.

Legitimate interest: The legitimising basis for this purpose is the legitimate interest in preventing and hindering fraudulent conduct (such as identity theft) that directly affects your Insurer, the Reale Group (e.g. assuming economic or reputational losses) or the sector in general. We have made a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected.

2. Conducting satisfaction surveys and studies related to the insurance contract application and management process.

Purpose / Description of the processing: We may contact you to carry out quality surveys and satisfaction studies related to the insurance contract application and management process.

Data processed:

We only process data obtained directly from you for this purpose. Specifically:

Identification, personal and contact data: name, surnames, identity document, nationality, age, marital status, postal and electronic address, landline and mobile phone.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and communication channels, previous relationships with entities and seniority, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, telephone calls or equivalent means with you and consultations made through the different means offered (CC, Mediator, Private Web Area and App).
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than car and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for withdrawal, supplements and/or changes made to the policies and premiums associated with them.
Historical information on internal claims: reported claims including reasons and dates of occurrence and reporting, status of the claim, associated files, key results, workshops and professionals involved, itemised amount of the claim (both provisions and pending settlements and payments made), identification, contact and health data of harmed or injured parties, contact information that you have provided us and contacts and consultations made.
Log of your satisfaction/experience information: overall and specific satisfaction according to the times you have been asked for a rating or opinion, comments made in satisfaction surveys, actions carried out as a result of the rating or opinion provided and complaints and claims made.

Legitimate interest: The legitimate basis for this purpose is the legitimate interest of your Insurer in the proper functioning of its services and the company. We have made a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected.

3. Anonymisation and pseudonymisation of personal data to carry out statistical and historical studies for the monitoring and management of our insurance activity, as well as for the improvement of our products or services.

Purpose / Description of the processing: We will carry out processes of anonymisation of your personal data to (i) carry out studies, statistical analysis, analytical and artificial intelligence models for the development of improvements and new products; (ii) develop and improve analytical and artificial intelligence models to determine purchase intentions and/or retention actions on our products; and (iii) prepare reports on our activity in relation to the market and customers that allow us to efficiently direct and manage our business, as well as create statistical and mathematical models to assist in said task.

The processing of statistical reports and mathematical models is not intended to process personal data individually, but is carried out for the purpose of obtaining statistical and aggregate data, dissociated from the information of their owners, to prepare management reports and algorithmic or mathematical formulas. The processing of your personal data is accessory to the purpose pursued and implies that your personal data will be modified and added in such a way that does not allow you to be identified (anonymisation) or will be processed once encrypted (pseudonymisation).

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline and mobile phone and digital signature.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses and bank account information.
Asset solvency data: data on the breach of a debt contracted with us.
Information regarding family circumstances and socio-economic data and socio-demographic data: life cycle, personal data of third parties included in the coverage of the policies offered (e.g. family members or employees), their family connection, types of persons according to age and level of studies living in the geographical environment of the data subject, types of families living in said environment according to the number and characteristics of their members, categories of professional activities existing in the geographical environment in which the data subject resides, purchasing power based on annual income, the level of grouping - detached house or block - and whether there are shopping areas present.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and channels of communication, previous relationships with entities and seniority, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, telephone calls or equivalent means with you and consultations made through the different means offered (CC, Mediator, Private Web Area and App).
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than car and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for cancellation, supplements and/or changes made to the policies and premiums associated with them.
Historical information on internal claims: reported claims including reasons and dates of occurrence and reporting, status of the claim, associated files, key results, workshops and professionals involved, itemised amount of the claim (both provisions and pending settlements and payments made), identification, contact and health data of harmed or injured parties, contact information that you have provided us and contacts and consultations made.
Log of your satisfaction/experience information: overall and particular satisfaction according to the times you have been asked for a rating or opinion, comments made in satisfaction surveys, actions carried out as a result of the rating or opinion provided and complaints and claims made.
Information associated with your historical profitability as a customer: earned premium, claims and commercial expenses).

We also process personal data obtained from external sources. Specifically:

Asset solvency data: data on the default of a debt contracted with a private company (including other entities of the Reale Group), data obtained from credit information systems, credit rating companies and fraud prevention information systems. You can consult more information at www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy) in section 10. Credit Information Systems.
Information included in common databases protected by codes of conduct of the insurance sector: data obtained from common databases (as appropriate by the type of insurance subscribed, the Historical Automobile Insurance Database (SINCO), the Total Loss, Theft and Fire Automobile Database and the Miscellaneous insurance fraud prevention database) and accident certificates from other companies. The age of such data is limited to a maximum of 5 years.
Information associated with your location and online behaviour: browsing and activity data (i.e. cookie information, device ID, advertising ID, IP address and browsing history) obtained from websites, Private Area/Apps or other channels of these, other devices provided by them (e.g. black box in vehicles) and data inferred from the monitoring and analysis carried out; all this as long as you have allowed it through said devices.
Aggregated information from external public and private sources on the risk: geopositioning information on Google, information associated with the location obtained from external sources of a public or private nature (i.e. from the INE, AEMET, DGT, registry of tourist rental homes (Airbnb), census data, information from the IGN) and data obtained from other publicly accessing sources such as official newspapers and bulletins, public registers, resolutions by Public Administrations, cadastre, telephone directories, lists of people belonging to professional associations, satellite images of a home, building, company, and home automation).
Other data obtained from social networks: social media profiles, comments and posts made publicly on social media (e.g. Facebook, Twitter, Instagram, etc.), blogs, forums, comments and posts made privately on the profiles of the social network entity, provided that you have given us your consent.

Legitimate interest: The legitimate basis for this purpose is our legitimate interest in designing, organising and optimising business and commercial activity in the most efficient way possible. As well as to define or improve the design of our products or services. We have made a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected.

4. To ascertain your financial solvency and creditworthiness.

Purpose / Description of the processing: your Insurer will consult the common databases related to the fulfilment or breach of monetary obligations. This consultation can be performed before and during the contractual relationship. In the same way and subject to current regulations, the customer is informed that the breach of the monetary obligations assumed by virtue of the contracts that he/she maintains may cause the inclusion of his/her personal data in a common database related to the fulfilment or breach of monetary obligations.

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline and mobile phone numbers.
Asset solvency data: data on the breach of a debt contracted with us."

We also process personal data obtained from external sources. Specifically:

Asset solvency data: data on the default of a debt contracted with a private company (including other entities of the Reale Group), data obtained from credit information systems, credit rating companies and fraud prevention information systems. You can consult more information at www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy) in section 10. Credit Information Systems.

Legitimate interest: The legitimising basis for this purpose is its legitimate interest in avoiding fraud and ensuring payment for the products and services that we offer you. We have made a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected.

05 What processing do we perform with your personal data as joint data controllers?: Purposes, legal bases and personal data

REALE SEGUROS GENERALES and REALE VIDA carry out the following processing as joint data controllers since they jointly determine the purposes and means thereof. You can access the essential aspects of the joint data controller agreement between the Joint Data Controllers through: www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy) in section 11. Joint data controllers.

5.1 Processing based on our legitimate interests

1. Centralised management of personal data for organisational purposes of customer management.

Purpose / Description of the processing: We process your personal data jointly for the centralised management of our internal resources, as well as to provide you with a more immediate and complete service upon request. This entails the maintenance of a common database that helps us manage your requests and our internal resources together.

For example, when you go to any of our branches to ask us for help in relation to one or several insurance policies contracted with one or any of us, our agents consult the personal data necessary for said consultation that any of us have in order to have a more and to be able to provide you with a more efficient service.

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline, mobile and digital signature.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses and bank account details.
Asset solvency data: data on the breach of a debt contracted with us.
Information regarding family circumstances and socio-economic data and socio-demographic data: life cycle, personal data of third parties included in the coverage of the policies offered (e.g. family members or employees), their family connection, types of persons according to age and level of studies living in the geographical environment of the data subject, types of families living in said environment according to the number and characteristics of their members, categories of professional activities existing in the geographical environment in which the data subject resides, purchasing power based on annual income, the level of grouping - detached house or block - and whether there are shopping areas present.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and channels of communication, previous relationships with entities and seniority, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, telephone calls or equivalent means with you and consultations made through the different means offered (CC, Mediator, Private Web Area and App) personal data of third parties included in the coverage of the policies offered (eg relatives or employees) and their family connection.
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than car and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for cancellation, supplements and/or changes made to the policies and premiums associated with them.
Historical information on internal claims: reported claims including reasons and dates of occurrence and reporting, status of the claim, associated files, key results, workshops and professionals who have intervened, itemised amount of the claim (both provisions and pending settlements and payments made), identification and contact details of harmed or injured, contact information that you have provided us, contacts and inquiries made.
Log of your satisfaction/experience information: overall and particular satisfaction according to the times you have been asked for a rating or opinion, comments made in satisfaction surveys, actions carried out as a result of the rating or opinion provided and complaints and claims made.
Information associated with your historical profitability as a customer: earned premium, claims.

Legitimate interest: The legitimising basis for this purpose is the legitimate interest of the Joint Data Controllers in maintaining a common repository of your personal data in order to be able to manage our internal resources more efficiently and to be able to provide our services in an integral manner. We have made a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected.

2. Preparation of “basic” profiles for commercial or promotional purposes only while you are a customer of any of the Joint Data Controllers.

Purpose / Description of the processing: We process your personal data to create “basic” profiles about you using marketing studies, statistical procedures and segmentation techniques for commercial or promotional purposes only while you are a customer of any of the Joint Data Controllers and on the basis of the data we obtain from you and during the relationship with you

MORE INFO: This means that we will develop cross-selling commercial models between the Joint Data Controllers (which do not involve the crossing and/or combination of your personal data held by each Joint Data Controller) and joint customer acquisition, loyalty, development and retention actions.

This profiling will be done without involving decision-making based solely on automated processing, based on simple parameters, to evaluate certain general aspects about you, in particular to analyse and predict or infer aspects related to your preferences or needs to offer you the products and services that we believe may interest you based on your preferences and needs that we have inferred. To prepare the aforementioned profiles, the Joint Data Controllers will take into account the data detailed below, to assess which products may be of interest to you based on models that allow us to assess your intention to purchase.

This profiling does not entail comprehensive processing of your personal data (both in duration –i.e. we will not process personal data older than five (5) years– and in quantity or origin) nor do we process particularly intrusive personal data as sensitive data, external data or data about your online behaviour and geolocation. That is why we call it “basic”. In addition, we will not use this commercial profiling, in any case, for the refusal of any product or service or other purposes that may have a significant impact on you.

Data processed:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline and mobile phone.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses, bank account information.
Asset solvency data: data on the breach of a debt contracted with us.
Information regarding family circumstances and socio-economic data and socio-demographic data: life cycle, personal data of third parties included in the coverage of the policies offered (e.g. family members or employees), their family connection, types of persons according to age and level of studies living in the geographical environment of the data subject, types of families living in said environment according to the number and characteristics of their members, categories of professional activities existing in the geographical environment in which the data subject resides, purchasing power based on annual income, the level of grouping - detached house or block - and whether there are shopping areas present.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and channels of communication, previous relationships with entities and seniority, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, telephone calls or equivalent means with you and consultations made through the different means offered by the Joint Data Controllers (CC, Mediator, Private Web Area and App).
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than car and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for cancellation, supplements and/or changes made to the policies and premiums associated with them.
Log of your satisfaction/experience information: global and particular satisfaction according to the times an evaluation or opinion was requested, comments made in the satisfaction surveys, actions carried out as a result of the evaluation or opinion provided and complaints and claims made to the Joint Data Controllers.
Information associated with your historical profitability as a customer: earned premium, claims and commercial expenses).

Legitimate interest: The legitimising basis for this purpose is the legitimate interest of the Joint Data Controllers in knowing your preferences and interests to offer you services and products that may be of interest to you instead of treating you as a stranger and making generic offers, improving the offer that is sent to you and the customer service provided. We have made a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected.

3. Sending of commercial communications of own products and services and similar to those previously contracted, by any means only while you are a customer of any of the Joint Data Controllers.

Purpose / Description of the processing: We process your personal data to send you commercial communications about our own products and services (i.e. from any of the Joint Data Controllers or other companies of the Reale Group) and similar to those previously contracted by any means (i.e. postal letter, email, telephone including SMS, WhatsApp and Push notifications) only while you are a customer of any of the Joint Data Controllers.

Data processed: Each Joint Data Controller will send said communications to their own customers processing the identification and contact information of yours that they have. In addition, we will start from the information obtained from profiling provided that you have not objected to or have given your consent to it, as applicable.

Legitimate interest: The legitimising basis for this purpose is the legitimate interest of the Joint Data Controllers in offering you products and services, where appropriate, based on your profile and promoting our insurance activity (after making a weighting judgement - available on request - to ensure that said legitimate interest prevails and that your interests and rights remain appropriately protected), as well as the legal authorisation provided for by the regulations of the services of the information society and electronic commerce with respect to commercial communications by electronic means.

If your insurance has been brokered by a Banca Seguros Broker or Operator, we will only process your data for this purpose if your Insurance Broker/Operator previously authorises us to carry out each action, and in the cases in which it applies, additionally, you have given your consent.

5.2 Processing based on consent (remember that you can withdraw your consent at any time)

Only if you have given us your consent will we use your data for the following purposes:

In addition, if your insurance has been brokered by a Banca Seguros Broker or Operator, we will only process your data for these purposes if your Insurance Broker/Operator previously authorises us for each action.

You decide!

You can decide whether or not to give us your consent by going to https://consentimientos.reale.es/.

1. Preparation of “advanced” profiles for commercial or promotional purposes.

Purpose / Description of the processing: If you give us your consent, we will prepare “advanced” profiles about you through marketing studies and statistical, analytical and artificial intelligence techniques and procedures, and segmentation with the aim of carrying out commercial and promotional activities that are not generic and that fit your preferences, interests and behaviour (i.e. that are tailored to you). You can grant your consent regardless of whether or not you are a customer.

This profiling will be carried out automatically (without involving decision-making based solely on automated processing) and will allow us to evaluate personal aspects about you in a more exhaustive way in contrast to “basic” profiling (see section 5.A. purpose 2), that is, with a greater amount of data and including external sources, by carrying out cross-selling business models between the Joint Data Controllers or actions to capture, build loyalty, develop and retain joint customers. To prepare the aforementioned profiles, the Joint Data Controllers will take into account the data indicated below, to offer you products, benefits and personalised promotions.

Under no circumstances will this advanced profiling serve as a basis for the refusal of any product or service or other purposes that may have a significant impact on you.

If you have objected to the basic profiling, this processing will not be carried out regardless of whether or not you have given your consent.

Data processed:

Data processed for the preparation of the basic profiling.
Capital solvency data: data on the default of a debt contracted with a private company (including other entities of the Reale Group), data obtained from credit information systems (Experian), credit rating companies (Equifax Ibérica, S.L.) and fraud prevention information systems (Confirma and Experian). You can consult more information at www.reale.es/es/politica-de-privacidad (www.reale.es/en/privacy-policy) in section 10. Credit Information Systems.
Information included in common databases protected by codes of conduct of the insurance sector: data obtained from common databases (as appropriate by the type of insurance subscribed, the Historical Automobile Insurance Database (SINCO), the Total Loss, Theft and Fire Automobile Database and the Miscellaneous insurance fraud prevention database) and accident certificates from other companies. The age of such data is limited to a maximum of 5 years.
Geopositioning and insured risk information: location, information associated with the location obtained from external sources of a public or private nature (ie from the INE, AEMET, DGT, Google, telephone companies or internet services).
Aggregated information from external public and private sources on the risk: geopositioning information on Google, information associated with the location obtained from external sources of a public or private nature (i.e. from the INE, AEMET, DGT, registry of tourist rental homes (Airbnb), census data, information from the IGN) and data obtained from other publicly accessible sources such as official newspapers and bulletins, public registers, resolutions by Public Administrations, cadastre, telephone directories, lists of people belonging to professional associations, satellite images of a home, building, company, and home automation).
Other data obtained from social networks: social media profiles, comments and posts made publicly on social media (e.g. Facebook, Twitter, Instagram, etc.), blogs, forums, comments and publications made privately on the Joint Data Controllers’ profiles on social networks.

Data processed: Each Joint Data Controller will send said communications to their own customers and for this will process the identification and contact information they have on you. In addition, we will start from the information obtained as a result of the preparation of profiles indicated in the previous purposes, provided that you have not objected or have given your consent for it, as applicable.

2. Sending of sales actions for two years once the pre-contractual and/or contractual relationship has ended.

Purpose / Description of the processing: If you give us your consent, we may keep your data for two years once the validity of your insurance, project or pricing application (pre-contractual relationship) and/or your insurance (contractual relationship) has ended, to offer you products, bonuses and participate in promotional campaigns that may prove of interest to you based on the knowledge we have about you. For this we will need to manage and evaluate the data that we have detailed below.

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline, mobile and digital signature.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses and bank account details.
Asset solvency data: data on the breach of a debt contracted with us.
Information regarding family circumstances and socio-economic data and socio-demographic data: life cycle, personal data of third parties included in the coverage of the policies offered (e.g. family members or employees), their family connection, types of persons according to age and level of studies living in the geographical environment of the data subject, types of families living in said environment according to the number and characteristics of their members, categories of professional activities existing in the geographical environment in which the data subject resides, purchasing power based on annual income, the level of grouping - detached house or block - and whether there are shopping areas present.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and channels of communication, previous relationships with entities and seniority, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, telephone calls or equivalent means with you and consultations made through the different means offered (CC, Mediator, Private Web Area and App) personal data of third parties included in the coverage of the policies offered (eg relatives or employees) and their family connection.
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than car and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for cancellation, supplements and/or changes made to the policies and premiums associated with them.
Historical information on internal claims: declared claims including reasons and dates of occurrence and declaration, status of the claim, associated files, key results, workshops and professionals involved, itemised amount of the claim (both provisions and pending settlements and payments made), identification and contact details of harmed or injured, contact information that you have provided us, contacts and inquiries made.
Log of your satisfaction/experience information: global and particular satisfaction according to the time an evaluation or opinion has been requested, comments made in the satisfaction surveys, actions carried out as a result of the evaluation or opinion provided, as well as complaints and claims made.
Information associated with your historical profitability as a customer: earned premium, claims.

Data processed: Each Joint Data Controller will send said communications to their own customers and for this will process the identification and contact information they have on you. In addition, we will start from the information obtained as a result of the preparation of profiles indicated in the previous purposes, provided that you have not objected to or have given your consent for it, as applicable.

3. Sending of promotional and advertising information from Grupo Reale entities and third-party companies, whether or not you are a customer.

Purpose / Description of the processing: If you give us your consent, we may send you, by any means, promotional and advertising information from entities of the Reale Group, affiliated entities and/or other third-party companies with which your Insurer has collaboration agreements belonging to the following sectors of activity: insurance, health-related services and welfare, financial, telecommunications, security, technology, energy, audiovisual, education, leisure, automotive and mass consumption and that may be of interest to you.

You can consult the entities of the Reale Group, investee entities and/or other third-party companies with which your Insurer has collaboration agreements. You can find more information on our website in the Who We Are section.

Data processed:

Those obtained directly from you or your relationship with us:

Identification, personal and contact data: name, surnames, identity document, sex, nationality, age, marital status, postal and electronic address, landline, mobile and digital signature.
Financial and work data / academic data: employment status, profession, level of education, level of income and expenses and bank account details.
Asset solvency data: data on the breach of a debt contracted with us.
Information regarding family circumstances and socio-economic data and socio-demographic data: life cycle, personal data of third parties included in the coverage of the policies offered (e.g. family members or employees), their family connection, types of persons according to age and level of studies living in the geographical environment of the data subject, types of families living in said environment according to the number and characteristics of their members, categories of professional activities existing in the geographical environment in which the data subject resides, purchasing power based on annual income, the level of grouping - detached house or block - and whether there are shopping areas present.
Information obtained from our business with you and relationship with you: project requests and pricing including details, preferred languages and channels of communication, previous relationships with entities and seniority, data contained in complaints and claims that you make to us, conversations recorded in the Contact Centre (CC), data obtained in videoconferences, telephone calls or equivalent means with you and consultations made through the different means offered (CC, Mediator, Private Web Area and App) personal data of third parties included in the coverage of the policies offered (eg relatives or employees) and their family connection.
Historical information on current and past insured risks: information on the policy(ies), the vehicle(s) and drivers, information on the dwelling(s), information on the insured risk in branches other than car and home, age of the contracted policies, discounts and/or commercial actions applied to the policies, reason for cancellation, supplements and/or changes made to the policies and premiums associated with them.
Historical information on internal claims: declared claims including reasons and dates of occurrence and declaration, status of the claim, associated files, key results, workshops and professionals involved, itemised amount of the claim (both provisions and pending settlements and payments made), identification and contact details of harmed or injured, contact information that you have provided us, contacts and inquiries made.
Log of your satisfaction/experience information: global and particular satisfaction according to the time an evaluation or opinion has been requested, comments transferred in the satisfaction surveys, actions carried out as a result of the evaluation or opinion provided, as well as complaints and claims made.
Information associated with your historical profitability as a customer: earned premium, claims.

06 For how long will we keep your personal data?

Conservaremos tus datos personales mientras sean necesarios para cumplir con las finalidades...

We will keep your personal data as long as they are needed to fulfil the purposes mentioned above (either as independent data controllers or as joint data controllers) and as long as there is a legal basis for it. Specifically, your Insurer will keep the necessary data for the execution of your contract, while it is in force (i.e. during the term of the policy or while related operations are pending such as claims, receipts or claims) or until it is determined whether or not it is formalised in the case of insurance requests or rates. We will also keep your personal data while necessary for us to comply with legal obligations to which we are subject and while said obligations are applicable. In compliance with the specific insurance regulations, the information will be kept for at least 5 years and up to 10 years in compliance with our obligations related to the fight against money laundering.

Notwithstanding the foregoing, we inform you that, once your relationship with us has ended, your data will remain blocked, being accessible only by authorised personnel, for the period of time necessary for protection against potential legal actions, and kept at the disposal of the competent authorities during the applicable retention periods.

In the case of processing of personal data that is covered by your consent, we will retain your personal data until you revoke said consent; or, in the case of personal data processing that is covered by our legitimate interest, we will keep it until you object to such processing (and as long as said legitimate interest prevails over your interests and rights). Subsequently, they will remain blocked and kept only at the disposal of the competent authorities during the legal retention periods and during the period of time necessary to protect against any legal and contractual action.

07 To whom do we communicate your personal data?

In compliance with our legal obligations, your personal data will be communicated to the competent administrative...

In compliance with our legal obligations, your personal data will be communicated to the competent administrative and judicial authorities, when required within the framework of their powers. Likewise, we may communicate your data to these same authorities for the defence of our rights and on the basis of our legitimate interest in the proper execution of our activity and rights (after carrying out a weighting judgement -available on request- to ensure that your interests and rights do not prevail over our legitimate interest).

We will also communicate your data to the following entities:

To other entities of the Reale Group for the fulfilment of our supervisory obligations or for the centralised management of our IT resources based on our legitimate interest in transmitting personal data within the corporate group for internal administrative purposes.
To financial institutions, for the management of collections and payments, when necessary for the execution of the contract with you.
To entities and organisations, public or private, involved in the management of the insurance contract, such as other insurers or reinsurers or those involved in the management of the policy that act as managers (lawyers, experts, repair shops, clinics for assistance health, etc., as well as State security forces and bodies, regulators or government bodies provided that their communication is strictly necessary for the execution of the contract and in the terms provided in the LOSSEAR.
To the insurance broker or brokerage firm with whom you maintain a relationship and who broker the insurance contract based on the brokerage agreement, always respecting current regulations.
To common solvency databases relating to compliance with and breach of monetary obligations. In case of non-payment under the terms provided for in the contracts you sign with REALE, and in order to comply with the obligations established for this purpose in data protection regulations, the information relating to non-payment may be disclosed to joint solvency databases related to compliance with or breach of monetary obligations on the basis of our legitimate interest in combating fraud and after carrying out a weighting test (available on request).
To common databases to which the Insurer has adhered for the prevention of fraud and detection, as appropriate for the type of insurance subscribed, these being the Historical Automobile Insurance Database (SINCO), the Total Loss, Theft and Fire Automobile Database and the Miscellaneous insurance fraud prevention database whose owner is UNESPA, for the management of claims settlement and actuarial statistical collaboration and to allow the pricing/selection of risks for the preparation of insurance technical studies; on the basis of our legitimate interest - after carrying out a weighting test (available on request) and that of the sector for the prevention of and fight against fraud, under the terms provided in the LOSSEAR.
To the Insured Vehicles Information Database (FIVA) to facilitate the control of the obligation that every owner of a motor vehicle normally based in Spain has to subscribe and maintain in force an insurance contract that covers, in the areas and up to the limits established for the compulsory subscription insurance, the civil liability of the driver.

Your personal data processed within the framework of joint data controllers will not be communicated to any third party apart from the Joint Data Controllers identified here, that is to say, REALE SEGUROS GENERALES AND REALE VIDA and for the purposes and on the legitimating basis set forth herein.

08 Do we make international transfers with your personal data?

At Grupo Reale we process your data within the European Economic Area and, in general...

At Grupo Reale we process your data within the European Economic Area and, in general, we hire service providers also located within the European Economic Area or in countries that have been declared to have an adequate level of protection by the European Commission.

If we need to use service providers or reinsurers that carry out processing outside the European Economic Area or in countries that have not been declared to have an adequate level of protection by the European Commission, we will make sure to guarantee the security and legitimacy of the processing of your data and we will inform you of this in advance indicating the receiving countries, the additional guarantees adopted and make them available to you through our data protection officer.

09 Common Databases: REGULATORY CODE OF CONDUCT FOR PROCESSING PERSONAL DATA IN THE COMMON INFORMATION SYSTEMS OF THE INSURANCE SECTOR.

https://www.unespa.es/que-hacemos/politica-proteccion-ficheros-comunes/

10 Credit information files:

Below, you can find the external files of credit rating companies and fraud prevention information systems...

Below, you can find the external files of credit rating companies and fraud prevention information systems, which we consult to obtain information regarding the breach of a debt contracted with a private company.

11 Joint Controllers Agreement:

The essential aspects of the Co-responsibility Agreement between...

The essential aspects of the Co-responsibility Agreement between REALE SEGUROS GENERALES, S.A. ("RSG") and REALE VIDA Y PENSIONES, S.A. DE SEGUROS ("REALE VIDA") are described below.

Parties / Co-responsible Parties

REALE SEGUROS GENERALES, S.A. ("RSG"), a company validly incorporated and existing in Spain, with registered address at C/ Príncipe de Vergara, 125, 280002 Madrid and Corporate Tax ID No. A78520293; and
REALE VIDA Y PENSIONES, S.A. DE SEGUROS ("REALE VIDA"), a company validly incorporated and existing in Spain, with registered address at C/ Príncipe de Vergara, 125, 280002 Madrid and Corporate Tax ID No. A85877066.

Personal data protection information

Available here:

https://www.reale.es/es/politica-de-privacidad

Scope of joint agreement

Centralised management of insurance agreements for organisational purposes in the field of customer management.

Sales prospecting activities (including cross-selling).

Creating profiles for commercial purposes (including analytical models for customer classification (potential, existing and past)) in their different areas for segmentation and/or profiling to carry out sales actions such as cross-selling business models or retention/loyalty actions

Data subject and personal data categories

Potential customers of RSG and REALE VIDA.

Existing and past customers of RSG and REALE VIDA.

Compliance with the requirements of articles 6, 7, 8, 13, 14 and 26 of Regulation [EU] 2016/679 ("GDPR") when personal data is collected

The requirements must be fulfilled by the co-responsible party that initially collects the personal data.

Personal data security breaches

Each co-responsible party that is subject to a breach of personal data security that affects the personal data subject to co-responsibility must evaluate it and comply with the notification obligations pursuant to articles 33 and 34 GDPR.

Contact point for data subjects

REALE SEGUROS GENERALES, S.A.
Postal address: C/Príncipe de Vergara, 125, 28002, Madrid, Spain]
Email address:
protecciondedatos@reale.es

Rights of the Data Subject

Data subjects may exercise their rights to information, access, modification, deletion, opposition, portability and limitation of processing pursuant to the data protection regulations that apply to each co-responsible party, the contact point for the data subjects or the two co-responsible parties jointly.

Responsable

REALE Seguros Generales, S.A. (RSG), REALE Vida y Pensiones (RV) , S.A. de Seguros, REALE ITES Esp, S.L. (RItes), REALE IMMOBILI ESPAÑA, S.A.

Finalidad y legitimación

Los datos que nos has facilitado serán utilizados por RSG, RV,RItes o RImmobili según corresponda, para:

(1) Atender su ofrecimiento y gestionar su candidatura en los procesos de selección de los que forme parte Legitimación: consentimiento.
(2) Elaboración de perfiles de los candidatos que otorgue, potencialmente, una mayor coherencia o lealtad en el proceso de selección (p. ej., reduciendo la posibilidad de error humano, la discriminación y el abuso de poder). Legitimación: ejecución del contrato.

Destinatarios

A otras entidades del Grupo Reale para el cumplimiento de nuestras obligaciones legales y la gestión centralizada del servicio.

Derechos

Puedes ejercer tus derechos de acceso, rectificación, supresión, portabilidad, limitación y, en su caso, oposición al tratamiento, así como revocar tu consentimiento en cualquier momento, dirigiéndote a la Entidad REALE que corresponda a través del correo protecciondedatos@reale.es.

Información
adicional

Te recomendamos consultes información completa y detallada sobre el tratamiento de tus datos aquí.

Nos comunicaremos contigo a través de cualquier medio (incluyendo Whatsapp) cuando sea necesario para alguna de las finalidades descritas anteriormente. Si no quieres recibir comunicaciones por algún medio en concreto, ponte en contacto con nosotros para registrar tus preferencias.

Reale seguros

DATA PROTECTION POLICY

01 ¿Quién es el responsable del tratamiento de sus datos personales?

El responsable del tratamiento podrá ser REALE Seguros Generales, REALE Vida, REALE ITES...

El responsable del tratamiento podrá ser REALE Seguros Generales, REALE Vida, REALE ITES o REALE IMMOBILI ESPAÑA, S.A. (en adelante “las ENTIDADES” o “REALE”), en función de la oferta de empleo que solicite.

REALE Seguros Generales, S.A. con domicilio Calle Príncipe de Vergara, 125, 28002, Madrid y CIF A-78520293.
REALE Vida y Pensiones, S.A. de Seguros con domicilio en Calle Príncipe de Vergara, 125, 28002, Madrid y CIF A-85877066.
REALE ITES Esp, S.L., con domicilio en Calle Príncipe de Vergara, 125, 28002, Madrid y CIF B-88196605.
REALE IMMOBILI ESPAÑA, S.A. con domicilio en Calle Príncipe de Vergara, 125, 28002, Madrid y CIF A81337172.

REALE ha nombrado formalmente un Delegado de Protección de Datos y además tiene habilitado el siguiente canal de comunicación: dpo@reale.es.

02 ¿Cómo hemos obtenido sus datos personales?

REALE ha obtenido sus datos de carácter personal de alguna de las siguientes fuentes...

REALE ha obtenido sus datos de carácter personal de alguna de las siguientes fuentes:

Aportados por EL CANDIDATO para la gestión de su candidatura en procesos de selección promovidos por las ENTIDADES.
Derivados de la propia gestión, mantenimiento y desarrollo del proceso de selección.

En caso de que proporcione datos de terceros usted garantiza que cuenta con el consentimiento expreso de los terceros para que REALE pueda tratar sus datos. Asimismo, garantiza que los terceros cuyos datos proporcione han sido debidamente informados de los tratamientos que REALE llevará a cabo con dichos datos.

03 ¿Qué tipo de datos personales tratamos?

REALE podrá tratar los siguientes datos de carácter personal, así como aquellos que se generen de nuestra...

REALE podrá tratar los siguientes datos de carácter personal, así como aquellos que se generen de nuestra interacción con el candidato a lo largo de los procesos de selección de los que forme parte:

Datos identificativos y de contacto (p.ej., nombre, apellidos, edad, dirección postal, correo electrónico y teléfono).
Datos de características personales (p.ej., edad, lengua materna y fecha de nacimiento).
Datos de circunstancias sociales (p.ej., aficiones y estilo de vida).
Datos académicos y profesionales (p.ej., formación, titulaciones, historial del estudiante y experiencia profesional).
Datos de detalles del empleo (p.ej., puesto de trabajo e historial del trabajador).

04 ¿Con qué finalidad y con qué legitimación tratamos sus datos personales?

En REALE se tratarán sus datos personales para alcanzar las finalidades que se detallan a continuación...

En REALE se tratarán sus datos personales para alcanzar las finalidades que se detallan a continuación. Asimismo, cada finalidad del tratamiento tiene una legitimación en la que se basa el tratamiento de sus datos personales.

REALE tratará sus datos personales basándose en el consentimiento con la siguiente finalidad:

Atender su ofrecimiento y gestionar su candidatura en los procesos de selección de los que forme parte.

REALE tratará sus datos personales en base al interés legítimo con la siguiente finalidad:

Elaboración de perfiles de los candidatos que otorgue, potencialmente, una mayor coherencia o lealtad en el proceso de selección (p. ej., reduciendo la posibilidad de error humano, la discriminación y el abuso de poder).

05 ¿A qué destinatarios se comunicarán sus datos personales?

Para poder realizar la valoración de la candidatura, los datos personales tratados por REALE...

Para poder realizar la valoración de la candidatura, los datos personales tratados por REALE serán comunicados a las sociedades pertenecientes en cada momento al Grupo REALE o participadas por el Grupo.

06 ¿A qué destinatarios se comunicarán sus datos personales?

Los datos personales obrantes en su currículum vitae serán conservados, para los fines previstos...

Los datos personales obrantes en su currículum vitae serán conservados, para los fines previstos, durante un plazo de dos (2) años, desde la finalización del proceso de selección.

Transcurrido el mencionado plazo se procederá a su destrucción, garantizándole un total respecto a la confidencialidad de sus datos, tanto en el tratamiento como en la posterior destrucción.

Transcurrido el citado plazo, si desea continuar participando en los procesos de selección que se desarrollen, le rogamos nos remita nuevamente su Currículum Vitae o proceda a la actualización de los datos contenidos cuando así le sea comunicado por la ENTIDAD.

07 ¿Cuáles son sus derechos en relación con el tratamiento que hacemos de los mismos?

REALE le informa de que tiene derecho a acceder a sus datos personales y obtener confirmación...

REALE le informa de que tiene derecho a acceder a sus datos personales y obtener confirmación sobre cómo se están tratando dichos datos. Asimismo, tiene derecho a solicitar la rectificación de los datos inexactos o, en su caso, solicitar su supresión cuando, entre otros motivos, los datos ya no sean necesarios para los fines que hayan sido recabados por la ENTIDAD.

En determinadas circunstancias, podrá solicitar la limitación del tratamiento de sus datos, en cuyo caso REALE únicamente los conservará para el ejercicio o la defensa de las posibles reclamaciones.

Asimismo, también en determinadas circunstancias, usted podrá oponerse al tratamiento de sus datos personales con la finalidad informada por la ENTIDAD. En ese caso, REALE cesará en el tratamiento de los datos personales salvo que concurran motivos legítimos, o para garantizar el ejercicio o la defensa de posibles reclamaciones.

Por último, usted podrá solicitar el derecho a la portabilidad y obtener para sí mismo o para otro prestador de servicios determinada información que usted facilitó a REALE.

Para el ejercicio de cualquiera de estos derechos, usted podrá dirigirse a la Entidad REALE que corresponda según el caso, identificadas al inicio de esta cláusula, todas ellas con domicilio en calle Príncipe de Vergara 125, 28002 Madrid o a través del siguiente mail: protecciondedatos@reale.es, acompañando copia de su DNI o documento oficial acreditativo de su identidad. Asimismo, puede presentar una reclamación ante la Agencia Española de Protección de Datos si no ve satisfecho sus derechos.

***

Cláusula Mod. 101- Última actualización: 28 de noviembre de 2018