Privacy Policy
BANCO ALCALÁ, S.A., hereinafter “the Bank”, with registered office at Calle Ortega y Gasset, 7, 4º, 28006 Madrid, owns this website and is responsible for the personal data provided by users through this website.
The user has been informed and consents to the processing of the data provided while browsing the website and any that are produced by using it, including, where applicable, any international communications or transfers of data that may be made for the purposes stated in the section “Why do we process your personal data?”.
If the provided data refer to third-party natural persons other than the user, it assures that it will seek and obtain their prior consent for the communication of their data and inform them, in advance, of the purposes of the processing, communications and other terms provided in the section “Information on data protection”.
The user declares that he is over the age of 13. Equally, if the data provided while browsing the website are about minors, as father/mother or guardian of the minor, he expressly authorises the processing of such data including, where applicable, those relating to health, for the purposes described in the information on data protection.
The user guarantees the accuracy and truthfulness of the provided personal data, undertaking to keep them duly up to date and report any changes to the Bank.
The use of this website is subject to the Privacy and Personal Data Processing Policy, the Terms of Use described below and the cookie policy. We ask you to read them carefully. Accessing this website and using the materials
Who is responsible for processing your personal data?
- Identity: Banco Alcalá, SA, A-79074274
- Postal Address: Calle Ortega y Gasset, 7, 4º, 28006 Madrid
- Telephone: 00 34 911750700
- Email: info@creand.es
- Details of Data Protection Officer: dpo@creditandorragroup.com
What data do we keep?
The Bank obtains information about its users. The data it keeps are:
- The domain name of the service provider (ISP) giving access to the Internet. For example, a user of the ISP XXX is identified by the domain xxx.es.
- The date and time of access to our website.
- The Internet address containing the link leading to our website.
Why do we process your personal data?
The Bank processes any data supplied voluntarily while browsing on the website, and any that are obtained or produced by browsing the pages on the Internet or other medium, for the following purposes:
- To offer more personalised browsing to the user.
- To gather statistics on the countries and servers that most often visit the website.
- To find out when there is most traffic on the website and make specific adjustments to avoid access problems.
- To discover the effectiveness of the various buttons and links leading to our server and optimise those that offer the best results.
- To keep a record of the user’s online activity.
- To prevent and investigate fraud.
- To maintain and manage your relationship with CRÈDIT ANDORRÀ Group, integrally and centrally.
This site is being monitored using the solutions of Google Analytics. These solutions use markers on pages and cookies to analyse information on visitors (for example, number of visits, length of visit), users’ sociodemographic data and a record of their behaviour on our pages (for example, sources of traffic, visited pages, preferred sections, etc.). You can find more information about the privacy policy of Google Analytics at https://policies.google.com/privacy?hl=es.
Any data received, as well as the processing and above-mentioned purposes, are necessary or are related to providing an adequate service and management of the website and, where applicable, the maintenance, development and control of the relationship with the Bank.
How long do we keep your personal data?
Any personal data provided are kept for the specified period based on the following criteria: (i) legal retention period and (ii) deletion request from the person concerned in the appropriate circumstances.
What is the legal basis for processing your data?
The legal basis for processing your data for the purposes included in the section “Why do we process your data?” is the consent of the person concerned.
Who will your data be communicated to?
The Bank may communicate your data for the purposes indicated in the section “Why do we process your personal data?” to other entities belonging to the CRÈDIT ANDORRÀ Group (www.creditandorragroup.ad), subsidiaries and investees, CRÈDIT ANDORRÀ Foundation, and third parties with which it signs collaboration agreements.
Equally, any entity belonging to the CRÈDIT ANDORRÀ Group (www.creditandorragroup.ad), subsidiaries and investees, may communicate the personal data to any of the above-mentioned entities, in order to maintain integral, centralised management of the relationship of the persons concerned with the various entities in the CRÈDIT ANDORRÀ Group and the persons concerned may have access to their data from any of them, always respecting applicable legislation on personal data protection and without the need for each first communication to be communicated to the persons concerned.
Within the framework of the communications described in the previous paragraph, international data transfers may be made to third parties or international organisations, for which a European Commission adequacy finding exists or not. International transfers to countries that cannot guarantee an adequate level of protection, will be exceptional and only made when essential for the development of your relationship with the Entity.
What are your rights when you provide your data to us?
On the terms and within the scope set out in current legislation, everyone has the right to:
- Confirm whether the Bank is processing personal data that concerns him or not, to access them and any information relating to their processing.
- Request that any incorrect information be rectified.
- Request that the data be deleted if, among other reasons, they are no longer needed for the purposes for which they were gathered, in which case the Bank will stop processing the data except to make or defend any claims.
- Request restricted processing of their data, in which case they may only be processed with their consent, unless they are kept and used to make or defend claims or to protect the rights of another natural or legal person or for reasons of major public interest in the European Union or a specific member State.
- Object to the processing of their data, in which case the Bank will stop processing the data, except to defend any claims.
- Receive in a structured form that is in common use and machine-readable, the personal data that affects them which they provided to the Bank, or request the Bank to send them directly to another administrator if this is technically possible.
- Withdraw authorised consent, where applicable, for the purpose included in the section “Why do we process your personal data?”, with no effect on the legality of the processing based on consent prior to withdrawal.
The above access, rectification, deletion, restriction, objection and transfer rights may be exercised directly by the owner of the data or through a legal or voluntary representative, by written communication addressed to the Oficina Corporativa de Privacidad y Protección de Datos (Calle Ortega y Gasset, 7, 4º, 28006, Madrid).
The person concerned may file a claim with the Agencia Española de Protección de Datos, (Calle Jorge Juan, 6, 28001 – Madrid), especially if he believes that he has not obtained satisfaction when exercising his rights, through the webpage set up for the purpose by the relevant Control Authority.
It is understood that the user has been informed and accepts the above conditions if he continues to browse the website and, where applicable, presses the button “SEND/CONTINUE” located in the forms for collecting data.
The Bank accepts no responsibility for any information on this website from sources outside the CRÈDIT ANDORRÀ Group, and any content that it has not prepared itself.
The function of the links appearing on this website is exclusively to inform the user of the existence of other online sources of information on the matter, where he may supplement the data offered on this website. The Bank does not, in any case, accept responsibility for any result obtained via those hypertext links.
The user undertakes to make proper use of the website, i.e. in compliance with current legislation, good faith and public order.
Equally, the user undertakes not to use the website for fraudulent purposes, such as any action intended to damage, disable or overload the website, or that blocks its normal use or operation in any way.
The user is informed that, in the case of a breach of the Terms of Use, the Privacy Policy or any other terms or conditions included on the website, the Bank reserves the right to restrict, suspend or block his access to the website, by any technical means it considers necessary.
All rights reserved. The portal design and its source codes, logos, brands and other distinguishing signs that appear on it, belong to the Bank and are protected by the relevant intellectual and industrial property rights.
The reproduction, distribution, transformation, manipulation, public communication or any other full or partial use, whether free of charge or for payment, of the texts, images or any other content appearing on the website, is strictly prohibited without the written authorisation of the copyright owners.
The Bank reserves the right, at any time and without notice, to modify, alter, remove or delete the contents and their format as it considers necessary, whether temporarily or permanently. The user must ensure that he is using the updated version at all times. Users are not entitled to receive any compensation for damages.