Privacy Policy
This Privacy Policy applies to RAILSIDER LOGÍSTICA FERROVIARIA S.A. (hereinafter, "RAILSIDER"), acting as the owner and legal representative of this Site, in accordance with the Legal Notice. RAILSIDER, in compliance with the legal requirements imposed by the Regulation (EU) 2016/679 of the European Parliament and of the Council on Personal Data Protection, is responsible for personal data processing in both documentary and electronic format, and it undertakes to process said personal data in accordance with the regulatory requirements and considering the associated risks, which have previously been identified. Simply visiting this Site does not result in the processing of personal data, as no personal data that identifies the User is automatically recorded. Site services that give rise to personal data processing are the following:
- Contact us
- Job board
The User hereby guarantees the truthfulness, accuracy, and authenticity of all data provided thereby and agrees to keep the information provided up to date. The User assumes responsibility before RAILSIDER for any liabilities arising from the provision of false or inaccurate information (and/or information that does not meet the aforementioned requirements), as well as for any damages that may be caused to RAILSIDER or third parties stemming from the aforementioned circumstances.
To ensure proper management of personal data, all RAILSIDER personnel involved in data processing are familiar with the entity's data protection policies, thus ensuring the confidentiality, integrity, availability, and resilience of the personal data provided, as well as the ability to effectively and quickly restore personal data in the event of an incident.
- Your personal data's processing purpose and term
Each time that RAILSIDER requests personal data from the User, said User will be expressly informed at the time of data collection of the processing purpose for which the User is providing consent. The processing term for personal data will generally be indefinite — unless expressly indicated otherwise by RAILSIDER at the time of data collection or if the User exercises their right to erasure, at which time we will delete the User's personal data, except for any data that we are legally obliged to retain for a legally established period.
- Legal grounds for your personal data's processing
The legal grounds allowing us to process your personal data are based on express consent granted by the User for each of the Site's services which bring about personal data processing. RAILSIDER will always clearly and simply make known the processing purpose for which express consent is being granted; if express consent is denied, RAILSIDER will not be able to provide the requested service.
- Your personal data's recipient
Unless expressly required to do so by law, RAILSIDER will not transfer the User's personal data to third parties — except in the following three cases:
- Express legal obligation.
- Disclosure to companies belonging to the RAILSIDER group in order to undertake the processing purpose expressly consented to by the User. These group companies are the following:
| Organisation | TIN / Intra-Community ID |
| RAILSIDER ATLANTICO S.A. | A20602611 |
| RAILSIDER MEDITERRÁNEO S.A. | A81808966 |
| RAILSIDER FERROCARRIL S.L. | B20853974 |
| RAILSIDER TERMINALES FERROVIARIAS S.L. | B20893848 |
| RAILSIDER SERVICIOS EXTERNOS S.L. | B55353916 |
| RAILSIDER FRANCE | FR68324745769 |
| LOGIFER | FR53507902716 |
- Hiring of services which require third-party access to personal data, but always within the context of service provision, giving rise to a data processing agreement under the conditions set forth in Articles 28 and 29 of the aforementioned European Regulation. In these cases, RAILSIDER will govern your personal data's processing through a confidentiality agreement which will clearly reflect the commitments that both parties agree to in terms of the confidentiality and security of your personal data.
In the event that data processing is carried out by an entity located outside of Europe, we will only work with entities that have a comparable level of security in the opinion of the Spanish Data Protection Agency, provided this can be proven by the following means:
- The company providing the service is on the list of countries with a level of protection comparable to that of the European Union.
- The international transfer of personal data is expressly authorised by the Spanish Data Protection Agency.
- The company providing the service operates under binding corporate rules, standard data protection clauses adopted by a supervisory authority and approved by the European Commission, or codes of conduct or certification mechanisms with adequate safeguards.
If data is to be transferred outside the three cases described above, express consent will be requested in advance, informing the User of the data recipients (or the category of recipients if said recipients are not clearly defined).
- Rights related to your personal data's processing
The User —as the owner of the personal data processed by RAILSIDER and pursuant to Articles 15 to 22 of the aforementioned European Regulation— may exercise, at any time, the right to access their data, rectify their data, delete their data, restrict their data's processing, object to their data's processing, and/or request their data's portability. To do so, Users must contact RAILSIDER through any of the usual means of communication. More specifically, through the following channels:
Email: lopd@railsider.com
Post: RAILSIDER S.A., Carretera del Molino, 8 20303 Irún – Gipuzkoa.
Telephone: +34 943 639 744
In any event, in order to exercise these rights the User must unequivocally identify themselves beforehand, ensuring that they are the owner of the personal data over which they wish to exercise the right. RAILSIDER will tend to the request to exercise rights as soon as possible and without undue delay. Should the User have any questions about their rights and how to exercise them, RAILSIDER is available to provide further information and facilitate the exercise of said rights.
In the event that the User believes that their request to exercise their rights has not been adequately addressed, they may lodge a complaint with the competent supervisory authority. To do so, below is the contact information for the Spanish Data Protection Agency:
Spanish Data Protection Agency (AEPD)
C/ Jorge Juan, 6
28001 Madrid
Contact numbers: 901 100 099 – 912 663 517
- Data source
The source of the User's personal data processed by RAILSIDER will be the owner of the data and/or their legal representative, or any person or persons expressly authorised by the owner. The categories of data processed will always be: identifying data, financial data, commercial data, academic data, and/or professional data, and —generally speaking— any type of personal data that is not considered special category data.
RAILSIDER reserves the right to modify this Privacy Policy in order to adapt it to new laws or jurisprudence, as well as to new market practices. In this case, such modifications will be announced to the User prior to their entry into force and with sufficient notice for the User to be considered aware of the modifications
