Respecting your privacy and complying with data protection regulations are vitally important to all the companies in Correos Group.
We want you to know why we are using, or want to use, your data, and what your rights are, at all times. For that reason, we have drafted the following Data Protection terms and conditions (“Website Privacy Policy”) to regulate the data processing that will be carried out when any User browses our website www.correos.es, any of its sub-domains, or any other Correos website that shows this Privacy Policy in the footer.
This Web Privacy Policy may be subject to change to adapt it to future legislative or jurisprudential developments or industry practices. In any case, the processing of user data will be regulated by the Data Protection Policy in force at the time of the browsing.
1. Who will process your data?
The data controller is “Sociedad Estatal Correos y Telégrafos, S.A., S.M.E” (“Correos”), with Spanish Tax ID No. A-83052407 and registered address at Vía Dublín no. 7 (Campo de las Naciones) 28070 Madrid (Spain).
To ensure this processing is managed correctly, Correos has appointed a Data Protection Officer (DPD or DPO) who you can write to at the following email address: dpdgrupocorreos@correos.com
2. What are your data processed for and why?
Users’ personal data will be used for the following purposes:
Finally, our website has different forms that allow you to request information about some of our products and/or services, sign up for them, or contact us for other reasons. If you use these forms, the data provided on them will be processed in order to complete your request. In any case, before you use any of the different web forms you will be informed about how your data will be processed, if different from the processing described in this Web Privacy Policy, and you will be asked for your consent when necessary.
3. What data will be processed?
We will process the personal data that we obtain from you when you browse our website, including:
a) Data that Users provide directly:
Browsing our website does not require prior registration. However, when you visit our website, it is standard for our web servers to store information like the IP address and domain from which you are accessing it, the date and time of the visit, etc.
On the other hand, certain features of our website require you to provide additional information through forms (e.g. your name and surname, postal or email address, telephone number, etc.).
Unless specifically stated otherwise, all form fields are required, so if information is missing your request may not be processed.
b) Data that Users provide indirectly:
As you browse, different cookies may be installed on your device in accordance with the provisions of our Cookies Policy.
4. Are your data communicated to third parties?
In general, we do not intend to communicate your data to people outside Correos. However, the following exceptions may occur:
5. How long will your data be processed?
Personal data will be held only for the time necessary to enable your browsing of the website, analyse your browsing (if you accept our cookies policy) or process your service requests through the website. When they are no longer necessary, the data will be deleted in accordance with data protection regulations, meaning that they will be blocked, and only available at the request of judges and courts, the Office of the Public Prosecutor or relevant Public Administrations during the statute of limitations for any related legal actions. Following the block period, they will be fully erased. As an example, the statute of limitations will be 3 years in most cases derived from the data protection regulations.
In any event, if there are any outstanding legal disputes after the contractual relationship has terminated, the data may be held while the legal proceedings are under way, for evidential purposes only, until the final decision has been made; at that point the data will be blocked and subsequently erased.
6. What are your rights?
Users may exercise the following rights related to the processing of their data to the extent they are recognised in the data protection regulations applicable at any time:
You may exercise your rights through any of the following channels, indicating the right being exercised and attaching a copy of your Spanish Identification Document or similar document as well as any other documentation you deem to be necessary:
You can find a set of forms that will help you exercise your rights on the website of the Spanish Data Protection Agency (AEPD). Moreover, we inform you that you have the right to file a claim with the control authority (in Spain, the AEPD) if you feel that your rights have been breached.