Who is the Data Controller responsible for processing your data?
Monty Global Payments S.A.U. E.P.Calle Miguel Ángel Nº 21, 7ª planta
28010 – Madrid
NIF: A83949222
Contact details: dpo@mgpsa.com
What data do we collect via our website?
As a consequence of your browsing this website, MGP has access to data regarding your IP address and information concerning your query, request or the hiring of any products or services, as well as any transaction or operation carried out, and these may be used for the issuing of commercial communications, including electronic ones, as provided for by Spanish Law 34/2002 on Information Society Services.
MGP uses the Google Places API Web Service, which therefore also applies, and by using it, clients expressly accept the Google Privacy Policy.
For what purposes will we process your personal data?
Your data will be processed by MGP for the marketing of products and services, for the entering into, and maintenance of, your contractual relations with MGP, and management thereof, with the goal of customising our commercial products and services to your particular characteristics.
What is the legal authorisation for the processing of your data?
The legal basis is the execution and upholding of relations of a contractual nature, as well as the consent of the data subject in the event of the issue of commercial communications or information.
With whom will your data be shared?
Your data will be shared with MGP’s commercial and technical services. Data subjects also accept that their information may be transferred by MGP to any financial entities belonging to the same group, as well as to partners providing the service that has been contracted (correspondent or paying financial entities), solely for the aforementioned purposes.
For how long will we store your data?
We will only keep your information for as long as is necessary to meet the specific requirements of each case, which means a maximum of 7 years from the last transaction carried out. In the event of clients requesting their data be erased, MGP may retain their personal data in order to comply with legislation applying to financial transactions, such as, for instance: laws to combat the financing of terrorism and to combat moneylaundering, as well as to safeguard a legitimate interest or to meet regulatory requirements.
In any event, we will continue to uphold your privacy, which is of great concern to us.
What rights do you have?
- To know whether or not we are processing your data.
- To access your personal data.
- To request the rectification of your data if these are not accurate.
- To request the erasure of your data if these are no longer necessary to the purposes for which they were collected, or if you withdraw your previously given consent.
- To request the restriction of the processing of your data in certain scenarios, in which case we will only continue to store them in accordance with current regulations.
- Portability of your data, which will be provided in a structured, commonly used and machine-readable format. If preferred, we can transfer them to a new controller as designated by you. This is only valid in specific circumstances.
- To file a claim with the Spanish Data Protection Agency or competent supervisory authority if you think we have not performed our tasks correctly.
- To withdraw your consent for each specific purpose without said withdrawal affecting the lawfulness of processing based on express consent.
How can your exercise your rights?
Data subjects may exercise their rights by sending an email to dpo@mgpsa.com, or by post to the MGP address. In both cases, they should attach their identification documentation.
What is the set period for resolving the exercise of rights?
We will notify data subjects of any actions being taken with regard to any of their requests within one month, with it being possible to extend said period a further two months in the event of particularly complex requests, in which case we will notify data subjects of said extension during the first month.
In those cases where we are unable to deal with your request, we will notify you, providing reasons thereof, within one month of receiving said request.
What security measures are in place?
MGP will at all times process data subjects’ information in absolute confidentiality and respecting the required obligation of secrecy, in accordance with the terms provided for in the applicable regulations. To this effect, it will also adopt the necessary technical and organisational measures to guarantee the security of your data and to avoid their alteration, loss or unauthorised processing or access, taking into account available technology, the nature of the data being stored and the risks to which they are exposed.