Grupo Agora declares that it is fully compliant with the prevailing Spanish and European laws regarding Personal Data Protection, in particular with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, and the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights.
Data Controller and statement of regulatory compliance. Contact details of the Data Protection Officer.
As part of their commitment to comply with current regulations, all member companies of Grupo Agora follow the same standards and policies in order to ensure the protection of your personal data. We present below the list of companies of Grupo Agora acting as Data Controllers. The company or companies acting as Data Controllers of your personal information will be specified in the first layer of informative clauses or in the contracts that you enter into with Grupo Agora.
|TAX ID NUMBER
|Logística, Reparto y Servicios S.L.
|Aparcamientos Garvi S.A.U.
|Distribucions 972 S.L.
|La Zaragozana S.A.
|New Cabma S.L.
|Noeda Distribuciones S.A.
|Cerevezas Moritz S.A.
|Envasadora de Miraflores S.L.
|Exclusivas de Reparto y Servicios S.L.
|Concesiones y Bebidas Carbónicas S.A.
|Muntaner 213 S.L.
|Distribuciones Pozo S.L.
If you would like to contact us for any question related to the processing of your data, or the data protection regulation in general, please do so through our Data Protection Officer. To that effect contact details are provided below.
• E-mail: dpo(@)agoragp.com
• Post: Calle Ramón Berenguer, IV, 1, 50007, Zaragoza (Spain)
Collectives whose personal data we process. Typology, purpose and legitimate aim.
Below is a list of the different data obtained in accordance with the processing activities performed by Grupo Agora:
+ Job applicants: these data are gathered with the aim of conducting selection processes and they affect categories such as identification details, special categories of data (health/disability), personal characteristics information, and academic and professional background and employment details. The legitimate basis for processing these data is the consent expressed by the affected individuals. All data shall be destroyed within six months.
+ Data of employees: these data are used to manage the employment relationship, for payroll management, workday control and all other obligations that the work relationship entails. The collected data are identifying data, of special categories (health/disability), personal characteristics information, academic and professional background, employment details, financial details and other types of data (such as geolocation, in certain circumstances in which the employee will be previously and expressly informed). In addition to this, in case that consent is given for that purpose, the data may be used to provide employees with social benefits or the like. The legitimate bases for processing are the relationship between the parties, the legal obligation to gather these types of data and the consent of those concerned. The conservation period shall be of five years from the date of termination of the work relationship, except for payrolls and the Spanish Social Security forms TC1 and TC2, which must be retained for ten years.
+ Marketing data (web users, clients and suppliers): these data are used to send the newsletter and other commercial communications. Similarly, they may be used to send gifts on occasion (for example, on the occasion of a festivity) to clients, suppliers and other persons linked to the company. The data included in this processing are identifying data, personal characteristics information and employment details. The legitimate bases for processing are the legitimate interest of the Data Controller and the consent of the interested party. These data shall be retained unless their cancellation is expressly requested by the stakeholder. To this end, personal data can be segmented in order to make mailings more personalised, for example by geographic location.
+ Data relative to attendants to events and activities, and/or to visitors to our facilities (employees, end costumers, journalists): only the identifying data are gathered, in order to organise events and convocations, as well as to send satisfaction surveys. Occasionally, photographs can be taken and recordings and/or videos made of the events. In order for these to be produced and subsequently published on different media (social networks, websites of Grupo Agora, etc.), the consent of the interested party is to be obtained, always provided that the type of event makes it possible. In the case of this not being an option, these photographs will be taken and these recordings and/or videos made in a manner in which the identification of the persons concerned is made impossible. However, if you feel that as a result of the production and publication of such materials your rights have not been observed, you may exercise your data subject rights in the manner specified in subsequent paragraphs, or write to dpo(@)agoragp.com.
The legitimate bases for processing are the legitimate interest of the Data Controller and the consent expressed by the stakeholder. The data shall be retained unless their cancellation is otherwise requested by the interested parties.
Occasionally we create webs for promotions or events, where we may also install cookies. For your reference, cookie policies are linked in each of the websites in question.
+ Data for promotions: these data are used to manage promotions, and to that end identifying data, personal characteristics data and employment details of those interested in participating are gathered. The interested party’s consent when registering is our legitimate ground to process his or her data, which shall be cancelled within five years of the promotion being carried out.
+ Reservation of facilities data: these data are used to manage reservations of Horeca spaces. These data are collected from cost quotations or contracts concluded with the interested parties and include purely identifying information. The legitimate basis for processing is the commercial relationship between the parties. The data shall be cancelled within five years from the date the reservation is concluded.
+ Data of suppliers: these data are used to manage the commercial contracts, and for this purpose are gathered identifying data, financial or fiscal information, and other data such as the Spanish Social Security form TC2 or civil liability insurance policies. It is the contract or pre-contract itself that gives us the legitimacy to processes your data, which shall be cancelled within five years of the termination of the business relationship.
+ Customer details: the purpose for which the data are processed is the performance of a commercial contract or pre-contract and the provision of the goods ordered. It is to that end that the identifying information, financial details and the data pertaining to social circumstances (marital status, family data, licenses and permits, etc.) are requested. The legitimate bases for processing are the legitimate interest of the Data Controller and the performance of a contract. The data shall be cancelled within five years of the termination of the business relationship.
+ Sponsorship details: the purpose for which the data are processed is the performance of a contract or pre-contract, and to this end the identifying data contained in the contract itself are solely requested. The legitimate basis for processing is the relationship between the parties. The data shall be cancelled within five years from the termination of this relationship.
+ Data relative to the exercise of rights: these data are used to satisfy the exercise of rights regarding data protection. These data shall be minimised and stored in compliance with the regulations regarding data protection at all times.
+ Video surveillance data: these data are used to ensure safety at our facilities. The legitimate basis for processing is the performance of a mission undertaken in the public interest. These data (the images) shall be cancelled within a period of not more than 30 days.
Your commitment: the veracity of the information that you provide to us.
The User declares that the personal data provided to Grupo Agora while using any section of this website are true.
Please be informed that, as User, you are solely responsible for any direct or indirect damages or losses that could be caused to Grupo Agora as the entity responsible for this website or to a third party, if you fill in any form with false or third party information without their previous consent thus causing deception, damages or losses.
We ask the User to inform us of any variation that may occur in the data provided, so that we can keep his or her data accurate and updated.
Consent of minors.
This website is not meant to be used by persons under the age of 18. If you are under said age, you are not allowed to browse and use this website.
Submission of personal data through this website by users under the age of 18 is prohibited by Grupo Agora. If Grupo Agora identifies users that could be under the required age, it will not process their data nor, consequently, will it answer their requests.
In case Grupo Agora has a reasonable suspicion that the User could be a minor, it reserves the right to request a copy of the User’s National Identity Card or equivalent document that demonstrates the User’s legal capacity.
However, Grupo Agora cannot verify the accuracy of the data provided, and it will not be responsible for those underage persons who, in order to access the website and contents of Grupo Agora, breach said condition of access.
Grupo Agora encourages parents, legal representatives or guardians to supervise or take the necessary precautions with regard to the online activity of those minors under their care.
In some cases, Grupo Agora uses third party tools and services in order to manage some of the services that this website offers. Certain such services may be owned by third parties located outside of the European Economic Area.
Grupo Agora seeks to use secure tools whose servers are preferably located in Spain, or in their absence in a member state of the European Union, or outside of the European Union provided that the European regulations are met in accordance with the guidelines and recommendations of the Spanish Data Protection Agency, the European Commission and the relevant Community agreements in matters of international transfers of data.
Security Measures Applicable to the Processing of Personal Data.
In order to protect personal data, Grupo Agora ascertains for itself and controls its Data Processors on the implementation of appropriate technical and organisational measures that are consistent with the level of technology available. To this effect it considers the extent, context and purpose of the processing and estimates the probability and the possible seriousness of the risks for the rights and freedoms of the stakeholders, seeking the ability to ensure the confidentiality, availability and resilience of the processing systems and services.
Our information security policies and procedures are regularly reviewed and updated, with the aim of satisfying our business needs, technological changes and policy requirements.
Exercise of rights.
The User may at any time request further information, as well as withdraw his or her consent and/or exercise his or her rights of access, rectification, erasure, restriction, objection and portability provided for in the European personal data protection regulations, by sending an e-mail to dpo(@)agoragp.com, or by post to the Data Controller, at Calle Ramón Berenguer IV,1, 50007 Zaragoza (Spain).
In such case, the User must clearly indicate the right that he or she wishes to exercise and the website over which he or she intends to assert that right, as well as enclose a copy of his or her National ID Card or any other valid identity document, including that which enables electronic identification.
If you have not been duly attended to in the exercise of your rights, you may lodge a complaint with the Spanish Data Protection Agency.
How do we share the information with third parties? Data Processors.
Grupo Agora informs the stakeholder that some of our providers may process his or her personal data in their capacity as Data Processors, for example in the case of our business partners and third party service providers, when it is necessary for the provision of services, internal management, software, systems and platforms support, cloud hosting services and electronic communications. In such cases, the service provider accesses personal data only when Grupo Agora is in a contractual relationship with the Data Processor that ensures the confidentiality of the data and the non-use of the personal information that we make available to the processor for any purposes other than those necessary to perform the contract, as well as for the fulfilment of our internal rules on the privacy and security of the information.
It could also be the case that said transfer of data may be permitted by the need to meet a legal obligation, or that Grupo Agora may be required by the competent authorities to respond to a legal requirement, a criminal investigation of a possible illegal activity or any claims stating that a certain content violates the rights of third parties, or to protect the rights, the property or the security of third parties.
Applicable legislation and jurisdiction.
Applicable legislation and jurisdiction.
By accepting this Policy, you accept that any and all claims or complaints against Grupo Agora that arise or are related to the use of this website and more specifically to the processing of your personal data will be resolved by the court of competent jurisdiction located in the city of Zaragoza. If Grupo Agora were to make a claim it shall do it before the court of competent jurisdiction located at the User’s place of residence or in the city of Zaragoza in the case of legal persons or non-consumer professionals.
If the User accesses this site from a location outside of Spain, he or she will be responsible for complying with all applicable local and international laws.