<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-K634RCTH" height="0" width="0" style="display:none;visibility:hidden">
Skip to content
0
English

Privacy Policy

Ambit Building Solutions Together, S.A. (hereinafter Ambit BST) upholds data security and privacy as core values. Accordingly, we are committed to ensuring the User’s right to privacy when processing their data and understand that this commitment begins with transparency.

This Privacy Policy contains information about the processing of personal data of users of Ambit Building Solutions Together S.A. (www.ambit-iberia.com):

  • Who is responsible for processing your personal data?
  • What personal data do we process?
  • For what purposes do we process your data?
  • Why are we allowed to process your data?
  • How long is your data retained?
  • Do we share your data with third parties?
  • What rights do you have?
  • What security measures are applied?

If you want to access the privacy information of other data processing activities carried out by Ambit BST, please refer to:

  • The Animal Data Source privacy policy
  • The Join Ambit privacy policy
  • The Ambit Professional Academy privacy policy

1. ¿1. Who is responsible for your personal data?

The data controller is Ambit:

  • Data Controller: Ambit Building Solutions Together S.A. (Ambit BST)
  • Address: Calle Rosselló I Porcel nº21, 8th Floor, 08016, Barcelona
  • Phone: +34 932 768 990
  • DPO Contact: dpo@ambit-bst.com

2. What data processing activities do we carry out?

In this section, we explain the purpose of the processing, what data we process, and the legal basis that allows us to process it:

2.1. Management of contact and information requests

  • Purpose: When you contact us through any of our forms or request information, we need certain data to respond and handle your request.
  • Data processed: Full name, Email, Subject, Message.
  • Legal basis: Consent, Execution or preparation of a contract
  • Data retention period: Data will be kept for as long as necessary for the purpose.

2.2. Sending commercial communications

  • Purpose: We may use your personal data to send commercial communications about products and services of interest. Communications will be sent based on your consent or, if you are a client, based on legitimate interest.
  • Data processed: Full name, Email
  • Legal basis: Consent, Legitimate interest
  • Data retention period: Data will be kept for as long as necessary for the purpose.

2.3. Use of cookies

  • Purpose: We use cookies for statistical purposes, website optimization, and marketing based on consent. Necessary cookies are also used for proper website functioning.
  • Data processed: Browsing data
  • Legal basis: Legitimate interest, Consent
  • Data retention period: Each cookie has a specific duration. See the cookies policy for details.

2.4. Ethical channel management

  • Purpose: To process, investigate, and propose resolutions for reports submitted through the ethical channel.
  • Data processed: Full name, Email, Subject, Message
  • Legal basis: Public interest: prevention of regulatory breaches, especially criminal offenses
    Legal obligation: compliance with Directive (EU) 2019/1937
  • Data retention period: Data will be kept in the ethical channel system for a maximum of 3 months. Once a decision is made to proceed or not with the report, the data will be deleted from the system. Anonymized data may be retained to demonstrate the existence of the ethical channel. If an investigation begins, the data will be removed from the ethical channel and retained in the corresponding system.

2.5. Join Ambit

Purpose: If you want to join Ambit, you can submit your CV and apply for job positions via the Join Ambit portal.

  • Data processed: Identification data, Employment, academic, and professional details, LinkedIn profile
  • Legal basis: Consent, Preparation or execution of a contract
  • Data retention period: Data will be retained for 24 months from receipt unless the candidate requests a longer retention period.

2.6. Ambit Professional Academy

  • Purpose: Management of users on the company's e-learning platform (Ambit Professional Academy).
  • Data processed: Identification data, Employment, academic, and professional details
  • Legal basis: Execution of a contract
  • Data retention period: Data will be kept for as long as necessary for the purpose.

2.7. GxPharmaCloud

Ambit BST's obligations regarding data it may access as a cloud services and Infrastructure as a Service (IaaS) provider are defined in agreements with its clients and are not governed by this privacy policy.

If you are a GxPharmaCloud client and wish to request the Data Processing Agreement (DPA), email: dpo@ambit-bst.com

3. How long is your data retained?

The retention period depends on the purpose of the processing.
 Your data will be retained for the time strictly necessary to fulfill the purposes of processing. Data will be retained as long as there is a legal obligation for the controller or until you request its deletion, restriction, or objection.

For cookies, the retention period is defined in the cookies policy.

4. Do we share your data with third parties?

Ambit outsources certain external providers for auxiliary services.

We use the following service providers acting as data processors:

  • Google Ads: Google Ireland Limited, IE6388047V, 3rd Floor, Gordon House, Barrow Street, Dublin 4, Ireland. DPO contact.
  • CRM: HubSpot Ireland Limited, IE 984947F, 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland. DPO contact.
  • Cookie Consent Manager: Cybot A/S, DK34624607, Havnegade 39, 1058 Copenhagen, Denmark, Phone: +45 50 333 777, E-mail: mail@cookiebot.com
  • Recruitment Platform: Teamtailor AB, Östgötagatan 16, 116 21, Stockholm, Sweden. Contact: https://career.teamtailor.com/data-privacy
  • E-learning Platform: EVOLMIND S.L., B99151615, Calle Bari 31, Office 020, 50197, Zaragoza, Spain.
  • Webinar Software: GoToMeeting (GoTo Technologies Ireland Unlimited Company), The Reflector, 10 Hanover Quay, Dublin 2, D02R573, Ireland, dpa@goto.com
International data transfers outside the European Economic Area carried out by Ambit BST's processors are performed with appropriate safeguards and security measures to ensure a level of protection in accordance with the European Union.

5. What rights do you have?

You can contact the data controller to exercise your rights. If applicable, you can also write to Ambit at dpo@ambit-bst.com.
Your data protection rights include:

  • Right of access: Request information about your personal data being processed.
  • Right to rectification: Inform us of any changes to your personal data.
  • Right to erasure and to be forgotten: Request deletion of your personal data, subject to prior blocking.
  • Right to restriction of processing: Request the limitation of processing.
  • Right to object: Withdraw your consent and object to further processing.
  • Right to data portability: Request portability where applicable.
  • Right to withdraw consent.
  • Any other rights recognized by applicable regulations.

You may also file a complaint with the relevant data protection authority. In Spain, this is the Agencia Española de Protección de Datos (https://www.aepd.es/).

 

6. What security measures are applied?

To safeguard the security of your personal data, we have adopted all necessary technical and organizational measures to ensure the security of the personal data provided and to prevent alteration, loss, or unauthorized access or processing.

Ambit BST is also certified under ISO 27001 for Information Security Management.

 

7. Modifications to the privacy policy

This Privacy Policy may be modified to reflect changes in data processing or legal requirements.

 

 

Last updated: 29/07/2022