Privacy policy

BASIC INFORMATION ON PERSONAL DATA PROTECTION

Who is responsible for the

data processing?

• Identity: GRUP VFV, S.L. (AURENS)

• TAX IDENTIFICATION NUMBER: B-62885645.

• Address: C/Saragossa, nº 6, 08830, Sant Boi de Llobregat (Barcelona)

• Telephone: 971923649

• Email: protecciondatos@aurens.es

+ see more

What do we use personal data for

and what is the basis of legitimacy?

Execution of the contract: To provide services, manage payment, contact the client.

Consent: To answer queries, marketing.

Legitimate interest: Send commercial information.

Legal obligation: Interested parties' requests.

+ see more

What data will we process?

• Identification data

• Contact details

• Financial and bank details

• Academic and professional data

• Browsing history data

+ see more

Recipients of personal data

Ancillary services are contracted with service providers who, as data processors, will have committed themselves to comply with the applicable data protection regulations at the time of contracting.

+ see more

When and how do we collect your data?

We collect information about you when you request information through forms on the website.

forms on the website.

+ see more

What rights can you exercise and how?

You have the right to access, rectify or delete your personal data. In some cases, you also have other rights, for example, to object to our use of or transfer of your data.

+ see more

GRUP VFV, S.L., with its commercial brand AURENS (hereinafter, "AURENS"), respects the current legislation on personal data protection, the privacy of users and the secrecy and security of the data in accordance with the provisions of the applicable legislation on data protection, and applies the appropriate technical and organisational measures in order to guarantee and be able to demonstrate that the data processing for which AURENS is responsible complies with the aforementioned regulations.

1. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA?

The person responsible for the treatment of personal data is GRUP VFV, S.L. (hereinafter, AURENS), with registered office at C/Saragossa, nº 6, 08830, Sant Boi de Llobregat (Barcelona) and NIF B-62885645.

Email: protecciondatos@aurens.es

2. WHAT PERSONAL DATA WILL WE PROCESS?

AURENS only processes personal data that are relevant for the purposes mentioned in Section 4. Specifically, it processes the following categories of personal data of the data subject (indicative, non-exhaustive list), regardless of the legitimacy of the processing and regardless of whether the data are obtained from third parties or directly from the data subject:

Identifying data: name, surname and identity/passport number.
Contact data: e-mail address, postal address and telephone number.
Financial and bank details, necessary for the correct provision of the service.
Contracted service data. These data are necessary for the correct provision of the service.
Other data provided voluntarily by the interested party or third party when contacting us for any reason (making a complaint or query, etc.) and providing a response. If you are a customer, they will be included in the contract file and will be used for the correct provision of the service (contact details of a third party for notifications, details of third parties who are authorised by the customer to carry out various formalities on their behalf in relation to their contract).
Academic and professional data: training/qualifications, professional experience, and all those data that are incorporated in the CV, in the case of selection processes.
Browsing history data: IP address, web pages visited and country from which the connection is made.

In general, the personal data of minors will only be processed when their parents or legal guardians have given their consent for the processing that is necessary for the execution of the corresponding contract/service, compliance with a legal obligation and/or in our legitimate interest.

3. WHEN AND HOW DO WE OBTAIN THE DATA?

The provision of personal data through the forms on the website is completely voluntary, although failure to provide certain data may make it impossible to obtain a response.

Similarly, there will be personal data required for the provision of contracted services that it will be essential to provide, in which case we will inform you of the mandatory and/or necessary nature of providing personal data for the operation of the service.

In this sense, the concept of "client" includes any interested party who has the status of: declarant, contracting party, deceased, designated, relatives of the deceased or rightful claimant, who establishes a contractual or service relationship. In the event that personal data is provided by a person other than the data subject, the data provider is obliged to provide this information to the data subject in advance and to obtain the consent of the data subject where necessary for processing by us.

4. WHAT DO WE USE THE PERSONAL DATA FOR AND WHAT IS THE BASIS OF LEGITIMACY?

We use personal data for the following purposes and with the following legitimate basis as the case may be:

PURPOSE

LEGAL BASIS

To execute and maintain the existing contractual relationship between AURENS and the interested parties, including the communication to the financial institutions of the personal data strictly necessary to carry out the agreed payments.

This purpose includes the processing of your data for, mainly:

- Management of the data of relatives and deceased for the provision of funeral services.

- Contact you in relation to informative communications related to the products or services contracted, relating to funeral services/products or floral products (online sales), if applicable.

- Manage possible changes or refunds once the funeral services/products and/or floral products (if applicable) have been contracted, and manage requests for information on availability depending on whether they are available at any given time and place.

- To manage the payment of contracted services and/or purchased products, regardless of the means of payment used.

- For billing purposes, as well as to make available to the user the tickets and invoices for the services and/or products contracted.

Execution of a contract (art. 6.1. b) RGPD):

Refusal to provide the personal data requested by AURENS could result in the impossibility of concluding or maintaining such a contract.

- Attention to queries and requests made by users or potential customers. They will be processed for the purpose of managing or resolving the query, application or request made.

The user is informed that, if he/she chooses to contact AURENS through the telephone customer service, his/her call may be recorded in order to process the query, request or application made by the user.

- Marketing. Personal data will be processed to manage the sending of information, advertising and commercial promotion of products, services and activities of interest related to funeral services, including by electronic means (e-mail or SMS).

- To create profiles of the interested parties based on their personal preferences and interests, which are obtained from information provided by the interested parties themselves and from the analysis of their behaviour when receiving communications from AURENS or when surfing the Internet. AURENS will use these profiles to send communications that are tailored to the preferences, interests and behaviour shown by the data subjects. No automated individual decisions will be made on the basis of these profiles. Data subjects may exercise their right to object and revoke consent to the processing of their personal data for direct marketing purposes, including the right to object to profiling activities when these are carried out for direct marketing purposes.

- To personalise certain functionalities of the web pages (e.g. the language in which the content is displayed) according to the browsing preferences expressed by the data subjects and to analyse their browsing behaviour (e.g. sections that attract more or fewer visits) in order to improve the services offered through the website. There is more information about this in the Cookies Policy of the website.

Consent (art. 6.1.a) GDPR):

Data subjects may grant their consent through data collection forms, by clicking on acceptance buttons or ticking boxes, replying to emails or taking any other clear affirmative action.

Data subjects may revoke their consent at any time, as detailed in Section 8. In any case, the withdrawal of consent will not affect the lawfulness of the processing previously carried out.

- Contact when there is a contractual relationship, by any means, including electronic means, for quality surveys and similar, to help us improve the service or design new features, also to analyze the satisfaction of the quality of care received before a consultation; for this purpose we could contact via telephone and / or email.

- To send commercial information by any means, including electronic means, when there is a contractual relationship with the interested party and the information is about products and services similar to those contracted. Data subjects may exercise their right to object to the processing of their personal data for direct marketing purposes.

- Respond to requests for information and suggestions from customers.

- To carry out website maintenance tasks in order to provide a secure environment for its users.

Legitimate interest of AURENS and/or third parties (art. 6.1.f) GDPR):

AURENS considers that the legitimate interest on which it bases the processing of personal data prevails over the fundamental rights and freedoms of data subjects, and we understand, on the other hand, that our customers can reasonably expect their personal information to be processed for these purposes, since the processing:

As there is a previous contractual relationship, through which AURENS lawfully obtained the contact details of its customers to use them for sending commercial communications concerning products or services similar to those initially contracted by the customer (art. 21.2 LSSI).
It is for sending satisfaction surveys in order to provide a better service.
It is part of the ordinary management of a group of companies, which involves sharing information with the companies of the Áltima Group.

In any case, interested parties may request further information in relation to legitimate interest or exercise their right of opposition by sending such a request to protecciondatos@aurens.es.

To attend to the requests of the interested or affected parties in the exercise of the rights established in the RGPD.

Legal obligation (art. 6.1.c) RGPD)

AURENS needs to process the personal data requested in order to comply with legal obligations.

5. HOW LONG DO WE KEEP THE DATA?

Data derived from the execution of a contract will be kept for as long as the contractual relationship that we have established is maintained, in order to manage it properly. Once this relationship has ended, we must keep the data duly blocked for an additional period during which there may be any legal liabilities arising from services provided or processing carried out.

Personal data provided for purposes other than the contractual relationship, such as queries, requests for quotations, etc., will be kept for the time necessary to process your request, plus an additional period for the purpose of meeting any legal liabilities arising from the same.

In the event that you have authorised us to send you commercial communications, we will keep the data until such time as you tell us that you wish to stop receiving offers, even if the contractual relationship with us has ended.

For compliance with legal obligations and the formulation, exercise and defence of claims, once the authorisations to use your data have been revoked by withdrawing your consent, or the contractual or business relationships you have established with us have ended, we will retain your data only to comply with legal obligations and to enable the formulation, exercise or defence of claims during the limitation period for actions arising from the contractual relationships.

We will process this data by applying the necessary technical and organisational measures to ensure that it is only used for these purposes.

We will destroy your data when the retention periods imposed by the regulations governing the activity of AURENS and the limitation periods for administrative or legal actions arising from the established relationships have elapsed.

6. RECIPIENTS OF PERSONAL DATA

(i) Group Entities: We may share your personal data with entities belonging to the Áltima Group, parent companies and/or subsidiaries, for the purposes set out in this Privacy Policy.

We also specifically inform you that the Entities of the Áltima Group share, with varying degrees of integration, common IT services and accounting, personnel management and payroll services, among others, in order to take advantage of existing synergies, optimise resources and offer a better service to customers.

(ii) Other Entities: Personal data may also be communicated to other companies related to funeral services, such as insurers or mutual insurance companies, collaborators and service providers, such as, but not limited to: cemeteries, undertakers, marble workers, press or any other physical or digital means of communication of obituaries, experts, lawyers, auditors, consultants, specialists in administrative procedures, financial institutions, and other suppliers and professionals, who will process the personal data as data processors in the name and on behalf of the data controller, in order to guarantee the services provided by said data controller in the execution of the contract or service, comply with the obligations derived from the applicable regulations, in legitimate interest and/or in accordance with the consent provided where applicable.

AURENS follows strict criteria for the selection of service providers in order to comply with its data protection obligations and undertakes to sign with them the corresponding data processing contract by means of which it will impose on them, among others, the following obligations: to apply appropriate technical and organisational measures; to process the personal data for the agreed purposes and only in accordance with the documented instructions of AURENS; and to delete or return the data to AURENS once the provision of the services has been completed.

(iii) Official Bodies and Authorities: The personal data will be provided to all those recipients to whom it is obliged to communicate said information in compliance with legal obligations, including, but not limited to: competent Public Bodies and Administrations, such as the Spanish Tax Administration Agency or the Regional Tax Authorities, the personal data protection control authorities, Health and Environmental Control Authorities, the Courts and Tribunals, the Public Prosecutor's Office and/or the State Security Forces and Corps. As well as Customs and the agency responsible for dealing with Customs when a deceased person is transferred to a non-EU country.

7. INTERNATIONAL DATA TRANSFERS OUTSIDE THE EEA

At AURENS we process your data within the European Economic Area and, as a general rule, we contract service providers located also within the European Economic Area (EEA) or in countries that have been declared with an adequate level of protection.

However, when a family requests the transfer of a deceased person to a country outside the EEA. In such a case, we will provide the details of the deceased and the family representative to the competent public authorities and bodies in accordance with the relevant official procedures and regulations in each country. In order to safeguard personal data, the security measures set out in the GDPR and the Data Protection Act (LOPDGDDD) are applied in addition to the data protection regulations of the destination country.

If, in addition to the above, we need to use service providers that carry out processing outside the EEA or in countries that have not been declared with an adequate level of protection, we will ensure that we guarantee the security and legitimacy of the data processing.

8. WHAT RIGHTS CAN YOU EXERCISE AND HOW?

The regulations recognise the following data protection rights, applicable to all data subjects:

LAW	CONTENTS
Access	You have the right to obtain confirmation from AURENS as to whether or not personal data relating to you are being You have the right to obtain confirmation from AURENS as to whether or not personal data concerning you is being processed, as well as the right to access the personal data held by AURENS.
Correction	You may modify your personal data if it is inaccurate or incomplete. incomplete.
Deletion	You may request that we delete personal data concerning you when, among other reasons, the data is no longer necessary for the purpose for which it was collected.
Oppose	You may request that we do not process the personal data where the personal data are are processed on the basis of public or legitimate interest. AURENS will stop processing the data, except for compelling legitimate reasons or for the exercise/defence of possible claims
Limitation of processing	You may request the restriction of the processing of your data in the following cases: (i) While the contestability of the accuracy of your data is being checked; (ii)Where the processing is unlawful, but the data subject objects to the erasure of your data; (iii) Where AURENS does not need to process your data, but the data subject needs it for the exercise or defence of claims; (iv) Where the data subject has objected to the processing of your data for the performance of a task carried out in the public interest or for the satisfaction of a legitimate interest, while verifying whether the legitimate grounds for processing outweigh your legitimate grounds for processing.
Portability	To receive in a structured, commonly used and machine-readable format the personal data provided, as well as to transmit them to another controller where the processing is based on consent or a contract and is carried out by automated means.
File a complaint complaint	In any case, as a data subject, you have the right to lodge a complaint with the Spanish Data Protection Agency. a complaint to the Spanish Data Protection Agency.

The user may exercise the aforementioned rights through the following postal address: C/ Saragossa, 6, 08830 - Sant Boi de Llobregat (Barcelona) to ATT. DEPARTMENT RESPONSIBLE FOR RGPD. Communication made by the user to the following e-mail address will also be valid: protecciondatos@aurens.es. In both cases, a photocopy of the DNI or equivalent document that accredits identity and is considered valid in law must be provided. In the event of acting through legal representation, the ID card of the representative and a document accrediting representation must also be provided.

9. ARE THE PERSONAL DATA SAFE?

AURENS assures the confidentiality of your personal data and guarantees its security, adopting the necessary measures to avoid its alteration, loss, treatment or unauthorised access.

10. CHANGES TO THE PRIVACY POLICY

We will review this Privacy Policy from time to time in order to keep you informed, for example, when new rules or criteria are published or new processing operations are carried out. In order to allow you to consider objecting to the processing of personal data or to unsubscribe from any service or functionality.

We will notify you through the usual communication channels whenever there are substantial or important changes to this privacy policy.

This Privacy Policy has been revised and published in 11:31.