Contact us

Privacy policy

This Privacy Policy has been developed by taking into account the provisions of current legislation on data protection, Regulation 2016/679 from the European Parliament and Council, April 27, 2016 on the protection of natural persons regarding the processing of personal data and their circulation; hereinafter, the RGPD.

The aim of this Privacy Policy is to inform the owners of personal data, whose information is being collected, about specific aspects relating to the processing of their data: e.g. the purposes of the processing, contact information to exercise their rights, the period the information is kept for and security measures; among other things.

Responsible for Processing

In terms of data protection, ASSEMBLY must be considered responsible for the processing, in relation to the files and processing specified in this policy, especially the Data Processing section.

The website owner details are:

  • Responsible for processing: Assembly Conveying Systems, S.L
  • Postal address: Carretera de Logroño (N-232), Km. 9.3, 50120 Zaragoza, España
  • Email address: info@assembly

Data Processing

The personal data requested, if appropriate, will consist only of those strictly necessary to identify and respond to the request made by their owner, hereinafter the interested party. This information will be treated in a fair, lawful and transparent manner in relation to the interested party. Also, the personal data will be collected for explicit and legitimate purposes and not be further processed in a manner incompatible with these purposes.

The data collected from each interested party will be adequate, relevant and not excessive in relation to the corresponding purposes in each case, and will be updated whenever necessary.

Before their data is collected, the data owner will be informed of the general purposes regulated in this policy to be able to provide express, precise and unequivocal consent for the processing of their data, in accordance with the following aspects.

Processing Aims

The explicit purposes for the processing are included in the information included in each of the data collection channels (e.g. web forms, paper forms, contracts, posters or information notes).

However, in general, the collection and processing of the data is intended to:

  • Maintain the contractual relationship established between the data owner and ASSEMBLY.
  • Implement, maintain and manage any relationship that ASSEMBLY and the Data Owner may have: commercial, administrative, accounting, employment, marketing (prospecting and commercial promotion), human resources, training or any other services provision requested from ASSEMBLY by the Data Owner.
  • Have data from candidates who choose to participate in selection processes promoted by ASSEMBLY.
  • Send technical, operational, advertising, promotional information related to ASSEMBLY’s own products, provided that consent for this is given or there is a prior commercial/contractual relationship with the legal entity or professional referring to the sending of commercial communications for products or services similar to those initially contracted with the customer (article 21.2 of Law 34/2002, July 11, Services of the Information Society and Electronic Commerce).

In no case will they be used for purposes other than those for which they were collected.


As a general rule, before processing personal data, ASSEMBLY will obtain unequivocal consent from the owner via the incorporation of informed consent terms in the different information collection systems.

However, if the consent of the interested party is not required, the basis for legitimising the processing in which ASSEMBLY is covered is the implementation of the established contractual relationship, our legitimate interest in the development of the business, if promoting and commercial prospecting or in compliance with a law that authorises or requires the processing of the interested party data.

If your consent was requested for any of the processing we are going to carry out (such as sending information) we hereby inform you that you can withdraw it at any time.


As a general rule, ASSEMBLY will not transfer any personal data to a third party, unless the Holders have granted their consent for these purposes or if the transfer is authorised by Law.

Data maintenance periods

The personal data collected from the interested party will be kept as long as necessary to fulfil the purpose for which the information was collected. Once this purpose is no longer applicable, the data will be cancelled or blocked and kept for the availability only of Public Administrations, Judges and Courts, to attend to possible responsibilities arising from processing during their validity period. Once this period has elapsed, the information will be destroyed.

For information purposes, the following are the legal periods for keeping the information according to the document type:

Related to employment or social security 4 Article 21, Royal Legislative Decree 5/2000, August 4, approving the revised text of the Law on Social Order Infractions and Sanctions
Accounting and fiscal for commercial purposes 6 Article 30, Commercial Code
Accounting and fiscal for tax purposes 4 Articles 66-70, General Tax Law
CV information (candidates) 2 Not applicable

Browsing Data

In relation to the browsing data that can be processed through the website, consult the Cookies Policy on our website for data collected subject to the regulations.

Rights of Interested Parts

Data protection regulations grant a series of rights to interested parties or data holders. The rights applicable to interested parties are the following:

  • Access: To obtain information about whether and for what purpose your data are being processed, the categories of data concerned, the recipients or recipient categories, the term of conservation and the origin of these data.
  • Rectification: To correct inaccurate or incomplete personal data.
  • Removal: To obtain deletion of data when:
    • The data are no longer necessary for the purpose for which they were collected
    • The data owner withdraws consent
    • The interested party opposes processing
    • The data have to be deleted in compliance with a legal obligation
    • The data were obtained by an information society service based on the provisions of article 8, section 1 of the European Regulation on Data Protection
  • Objection: Be opposed to specific processing based on the consent of the interested party.
  • Limitation: Limit the data processing when:
    • The interested party challenges the accuracy of the personal data; applicable while the company checks their accuracy
    • The processing is illegal and the interested party objects to the data being deleted
    • The company no longer needs the data for the purposes for which they were collected, but the interested party needs them to prepare, exercise or defend a claim
    • The interested party has opposed processing; applicable while it is checked if the legitimate reasons of the company prevail over those of the interested party
  • Portability: Obtain the data in a structured, commonly used and machine-readable format to transfer them to another data controller when the processing is:
    • Based on consent
    • Done automatically
  • Make a claim Against the competent control authority.

Interested parties may exercise the above rights by post to Assembly Conveying Systems, S.L., Carretera de Logroño (N-232), Km. 9.3, 50120 Zaragoza (España), or by email to info@assembly, enclosing a photocopy of the ID document (DNI) or equivalent valid in law which proves their identity.

Assembly will respond to your request as soon as possible and within the deadlines established in the data protection regulations.


The security measures adopted by ASSEMBLY are in accordance with the provisions of article 32 of the RGPD. Taking into account the state of the art, the costs of application and the nature, scope, context and purposes of the processing, as well as the variable severity and probability risks for the rights and freedoms of physical persons, the company has established the appropriate technical and organisational measures to ensure the appropriate level of security for the existing risk.

In all cases, ASSEMBLY has implemented sufficient mechanisms to:

  1. Ensure the confidentiality, integrity, availability and permanent resilience of the processing systems and services.
  2. Restore availability and access to personal data quickly following a physical or technical incident
  3. Regularly check, evaluate and assess the effectiveness of the technical and organisational measures implemented to guarantee the safety of the processing
  4. Pseudonymise and encrypt personal data, if applicable