Privacy Policy PROSEGUR FOUNDATION

Additional Information 1. Data Controller

1.1. Information of the Data

The present document governs the privacy policy of the PROSEGUR’s website (hereinafter the "website").

PROSEGUR forms part of an international group dedicated to private security activities. As part of its activities, four lines of business are worth particular mention: Prosegur Cash, Prosegur Security, Prosegur Alarms and Prosegur Cybersecurity. For your information, the company’s identification data is provided below:

Business name: Prosegur Compañía de Seguridad, S.A. (hereinafter referred to as “PROSEGUR”).

NIF (Tax ID No.): A28430882

Address: Calle Pajaritos, 24, 28007, Madrid (Spain).

Data Protection Officer contact details: dpo@prosegur.com

1.2. Scope

This privacy policy governs the data processing activities undertaken by PROSEGUR in relation to users of the PROSEGUR’s corporate website. The foregoing includes processing the personal data of (i) customers and/or potential customers; (ii) suppliers and/or potential suppliers; and/or (iii) shareholders; accessing or transferring information via the website. Therefore, this privacy policy contains information on the processing of data corresponding to the different categories of the data subjects mentioned.

2. Purposes and Legitimisation

You are hereby informed that all the data that PROSEGUR requests or may request from you are required for the purposes described in this privacy policy and failing to provide them would make it impossible to contact you or handle the request made with PROSEGUR. Furthermore, PROSEGUR reserves the right to refrain from responding or handling requests that do not include the data requested.

You hereby guarantee the accuracy of the personal details provided to PROSEGUR. PROSEGUR may periodically ask that you revise and update your personal data.

Please refer to the website for more useful information about the services provided by PROSEGUR and additional information regarding the company. In this regard, PROSEGUR will only ask you for, and therefore, only process the data necessary to be able to commence and maintain a commercial and/or contractual relationship with you, render the contracted service and/or keep you informed of products and services or other information of the company that may be of interest to you whether you are a customer, potential customer, supplier or potential supplier, or shareholder.

The purposes for which your personal data is processed and the legal grounds that legitimize the processing of such data, in accordance with the abovementioned categories are described below:

2.1. If you are a customer or potential customer of PROSEGUR

The following is a description of the purposes for which we process personal data and the legal grounds that legitimize data processing, if you are a customer or potential customer:

1. Legitimation by the execution of the service contract between you and PROSEGUR or application of pre-contractual measures:

1. a.Management of the commercial relationship with prospective clients, conducting commercial visits and attending to requests for information on the products and services provided by PROSEGUR.
2. b.Formalisation of the contractual relationship, which will entail entering into and signing contracts.
3. c.Management of the contractual relationship with PROSEGUR’s Group customers and ensure the execution of the services under contract, including installation assistance, technical servicing, billing, collections and the termination of the contract.

2. Legitimation by express consent:

1. a.Sending of commercial communications, by any means, including electronic,  related to different products and services that those contracted by the customers, of PROSEGUR and its Group companies dedicated to providing security services.
2. b.Data transfers to PROSEGUR’s Group companies and third parties in order to receive commercial information.

3. Legitimation by the legitimate interests of PROSEGUR:

1. a.Sending commercial communications related to similar products and services that those contracted by the customers. In this case, the legitimate interest of PROSEGUR is based on keeping you informed of and introducing you to products or services that may be of interest to you.
2. b.Requesting public financial solvency files to verify that you are up to date with your payments, check whether you are in arrears, and if you had been in the past, how long it took you to pay off your debts, which will simplify and streamline the risk analysis at the time the contract is taken out. In such a case, the legitimate interest of PROSEGUR is to safeguard its own operations and prevent fraud.
3. c.Creation of business process automation projects to enhance the products and services provided by PROSEGUR. The legitimate interest in this case would be to improve the efficiency and productivity of PROSEGUR activities.
4. d.Profiling analysis based on personal data to calculate the degree of readiness to acquire other products or commission additional services, propensity to cancel contracted services and an assessment for the purpose of executing commercial activities.

2.2. If you are a PROSEGUR supplier or potential supplier

Please refer to the website for more useful information about PROSEGUR activities. To this end, if you are, or represent, a PROSEGUR supplier or potential supplier and decide to contact the company, the data processed will be the data required to start and maintain a contractual relationship with you, whether you are an entrepreneur or the representative of a company.

The following is a description of the purposes for which we process personal data and the grounds that legitimize data processing, if you are a supplier or prospective supplier:

1. Legitimation by the execution of the contract with PROSEGUR or application of pre-contractual measures:

1. a.Management of the commercial relationship with potential suppliers, in response to requests for information.
2. b.Formalisation of the contractual relationship, which will entail entering into and signing of contracts.
3. c.Management of the contractual relationship with PROSEGUR Group suppliers, including monitoring the relationship and the corresponding payments.

2. Legitimation by express consent:

1. a.Sending commercial communications, by any means, including electronic, related to different products and services of PROSEGUR and its Group companies dedicated to providing security services.
2. b.Data transfers to PROSEGUR’s to PROSEGUR Group companies and third parties in order to receive commercial information. 

3. Legitimation by the legitimate interests of PROSEGUR:

1. Sending commercial communications, by any means, including electronic, related to similar products and services. In this case, the legitimate interest of PROSEGUR is based on keeping you informed of and introducing you to products or services that may be of interest to you.

2.3. If you are a PROSEGUR shareholder

In such cases PROSEGUR will process your data as shareholder for the sole purpose of carrying out the necessary actions to manage the relationship with you, including providing you with relevant information about the company and complying with the legal requirements.

The following is a description of the purposes for which we process personal data and the grounds that legitimize data processing:

1. Legitimation by the formalisation of the employment contract between you and PROSEGUR or application of pre-contractual measures:

1. a.Manage the relationship with you as a shareholder, responding to requests for information, including monitoring the relationship.
2. b.Formalize the relationship with you as a shareholder, which will include the process of buying and selling shares and signing contracts.

2. Legitimation by compliance with legal obligations

1. a.Comply with legal obligations and requirements in this area, which require the processing of your personal data, taking into account your status as a shareholder.

3. Legitimation by express consent:

1. a.Sending commercial communications by any means, including electronic, of products and services of PROSEGUR, different from those related to the security sector.
2. b.Data transfers to PROSEGUR’s Group companies and third parties in order to send commercial communications of security, logistics, transport and cash management sector.

4. Legitimation by the legitimate interests of PROSEGUR:

1. a.Provide you with relevant information about the company, taking into account your status as a shareholder. In this case, the legitimate interest of PROSEGUR is based on keeping you informed and updated on relevant aspects of the company that may be of interest.
2. b.Sending commercial communications by any means, including electronic, of products and services of PROSEGUR related to the security sector, which as a shareholder may be of your interest.

3. Recipients

The personal data that you provide to PROSEGUR may be sent to the following recipient categories:

• Third parties to whom PROSEGUR is obliged to send information, including public authorities, in order to comply with the requirements of these authorities and the applicable regulations, where appropriate.
• Companies that form part of the PROSEGUR Group, in order to manage the corresponding contractual relationship appropriately as a result of the centralisation of administrative and computing processes within the PROSEGUR Group.

You are hereby informed that the PROSEGUR Group may include companies outside the European Economic Area. In these instances, the parent company requires that these companies fulfil the measures designed to protect personal data established in a binding contract, unless for instances in which the European Commission has determined that the country in which the recipient is located provides an appropriate level of personal data protection.

4. Data Retention

The criteria that PROSEGUR uses to define the period for storing your data have been established in line with the requirements set forth in the applicable legislation, regulations and guidelines, in addition to PROSEGUR's operating requirements relating to the correct management of its relationship with present and/or potential customers.

Your data will not be stored for a period longer than six years following the end of any contractual relationship between you and PROSEGUR. This period for the storage of data has been defined in accordance with the pertinent trade legislation and, more specifically, in accordance with the provisions set forth in the Code of Commerce. Notwithstanding the foregoing, in the event that legal proceedings are taken against you, your data may be stored in a blocked format for the additional amount of time required until the final legal ruling is obtained. Once this period comes to an end, your data will be deleted.

5. Your Data Protection Rights

You may make contact PROSEGUR at any time to exercise your rights of access, rectification, erasure, limitation and opposition, in addition to the data portability and to not be subject to automated decisions, by writing to Prosegur Compañía de Seguridad, S.A. at Calle Pajaritos, 24, 28007, Madrid (Spain), or the following email address: protecciondedatos.seguridad@prosegur.com, attaching a copy of your national ID or documentation proving your identity.

Furthermore, you are hereby informed that you may withdraw your consent whenever you so desire by contacting PROSEGUR at the address or email address mentioned above.

Finally, if you wish to receive further information on your data protection rights or file a claim, you can contact the corresponding Data Protection Authority to safeguard your rights.

© 2018 Prosegur Compañía de Seguridad, S.A. All rights reserved.

*In the event of any discrepancies between the Spanish and the English version, the Spanish version shall prevail.