Skip to Content

Privacy Policy

DATA CONTROLLER

The Data Controller isMARINE PAINT SLL, Calle Guatlera, No. 15, Door 8, 07819, Jesús, Santa Eulalia (Balearic Islands), Spain.

Privacy Principles

At MARINE PAINT SLL, we are committed to continuously working to ensure the privacy of your personal data and to provide you with the most complete and clear information possible at all times. We encourage you to read this section carefully before providing us with your personal data.

If you are under fourteen years old, please do not provide us with your data without the consent of your parents or legal guardians.

In this section, we inform you about how we process the data of individuals who have a relationship with our organisation. Our principles are:

  • We do not request personal information unless it is necessary to provide you with the services you require.

  • We do not share personal information with third parties, except as required by law or when necessary to provide you with the service (for example, suppliers acting as data processors) or if we have your explicit consent.

  • We will not use your personal data for purposes other than those expressed in this privacy policy.

  • Your data will be processed with a level of protection appropriate to the legislation on data protection and we will not subject it to automated decisions that produce legal effects, unless you are informed and there is a legal basis for it.

Regulatory Framework

This privacy policy has been drafted taking into account the requirements of current legislation:

  • Regulation (EU) 2016/679 (GDPR).

  • Organic Law 3/2018 (LOPDGDD).

Date of update:6 February 2026.

Due to changes in processing criteria or to adapt it to current legislation, we may modify this policy. We will update the date so you can check its validity.

Processes we carry out

CONTACT PROCESSING

Legal basis:Consent of the data subject (GDPR art. 6.1.a).

Purposes of processing:To respond to your request, contact you, send you the requested information, and follow up on the request.

Group:Contact persons, potential clients, clients, suppliers.

Categories of data:First and last name, phone number, email address, and, where applicable, the content of the message.

Recipients:No data transfers to third parties are contemplated, except for legal obligations or suppliers providing necessary services (data processors).

International transfers:General international transfers are not planned. If suppliers outside the EEA are used, the appropriate safeguards provided for in the GDPR will apply (see section 'International transfers').

Retention period:They will be kept for the time necessary to manage the request and, where applicable, for the legally required periods to address potential liabilities.

Security measures:Adapted to the requirements of the GDPR.

RIGHTS MANAGEMENT TREATMENT (ARCO / GDPR)

Legal basis:Compliance with a legal obligation (GDPR art. 6.1.c).

Purpose of processing:To address requests for the exercise of rights (access, rectification, erasure, objection, restriction, portability and others provided for by the GDPR).

Group:Individuals making the request (employees, clients, suppliers, contacts).

Categories of data:Identifying and contact details (name and surname, address, signature, phone) and those necessary to verify identity.

Recipients:May be communicated to the supervisory authority (Spanish Data Protection Agency) in the context of an investigation or rights protection.

International transfers:Not planned.

Retention period:They will be kept forfive yearsfrom the request, unless a longer period is required by legal obligation.

Security measures:Adapted to the requirements of the GDPR.

SUPPLIER PROCESSING

Legal basis:

  • Execution of a contract or pre-contractual measures (GDPR art. 6.1.b).

  • Compliance with a legal obligation (GDPR art. 6.1.c), including applicable tax and accounting regulations.

Purpose of processing:

  • Management of the commercial and administrative relationship with suppliers.

  • Management of payments and invoicing.

  • Control of subcontractors, if applicable.

Group:Suppliers and supplier workers.

Data categories:Identifying and contact data (name, surname, ID/NIF or other identifying document, address, signature, phone) and banking data necessary for payments.

Recipients:Financial entities (invoice payments) and competent public administrations (for example, Tax Agency), when required.

International transfers:Not generally provided for.

Retention period:They will be kept for as long as necessary to fulfil the purpose and for the periods required by tax/accounting regulations and to address potential liabilities.

Security measures:Adapted to the requirements of the GDPR.

CUSTOMER PROCESSING

Legal basis:

  • Consent (GDPR art. 6.1.a), where applicable.

  • Execution of a contract or pre-contractual measures (GDPR art. 6.1.b).

  • Compliance with a legal obligation (GDPR art. 6.1.c), including applicable tax/accounting regulations.

Purpose of processing:Provision of services related to the rental/sale of movable and immovable property, administrative management, invoicing, and customer service.

Group:Customers.

Data categories:Identifying and contact data (name, surname, ID/NIF or other identifying document, address, signature, phone) and banking data necessary for payments/management.

Recipients:Competent financial entities and public administrations, when required.

International transfers:Not generally provided for.

Retention period:They will be kept for as long as necessary to fulfil the purpose and for the periods required by tax/accounting regulations and to address potential liabilities.

Security measures:Adapted to the requirements of the GDPR.

YOUR RIGHTS

You have the right to request a copy of your personal data, to rectify inaccurate data or to complete it if it is incomplete, and, where applicable, to delete it when it is no longer necessary for the purposes for which it was collected.

You also have the right to limit the processing of your personal data and to obtain it in a structured, commonly used, and machine-readable format, as well as to portability when applicable.

You can object to the processing of your personal data in certain circumstances, especially when the purpose of the processing is direct marketing or when there is no legal basis to legitimise it.

When you have given us your consent, you can withdraw it at any time. The withdrawal of consent will not affect the lawfulness of the processing based on consent before its withdrawal.

These rights may be limited in certain cases; for example, if to comply with your request we have to disclose data about another person or if there are legal obligations that require the retention of certain information.

To exercise your rights, you can contact us by any of the means indicated in the section "Data Controller", providing a document that proves your identity (usually an ID card).

In the event of any infringement of your rights, you have the right to lodge a complaint with the competent supervisory authority, in Spain theSpanish Agency for Data Protection (AEPD).

Additional information

International transfers (outside the EEA)

In general,international transfersof data outside the European Economic Area are not planned.

If it is necessary to use providers located outside the EEA to provide the service, the transfer will be carried out with theappropriate safeguardsprovided for in the GDPR, such asstandard contractual clausesor other applicable safeguards, or where appropriate asuitability decisionwhen applicable.

Links to third-party websites

Our website may contain links to other websites. It is your responsibility to ensure that you read the data protection policy and the legal conditions applicable to each site.

Third-party data

If you provide us with third-party data, you assume the responsibility of informing them in advance as established in Article 14 of the GDPR.