Privacy and Cookies Policy


This Privacy Policy has been drawn up taking into account the prevailing Organic Data Protection Act, and also Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the movement of such data, hereinafter GDPR.

The purpose of this Privacy Policy is to inform the owners of the personal data about which information is being collected, specific considerations concerning the processing of their data, including, inter alia, the purposes of the processing, the contact details for exercising the rights to which they are entitled, and the time limits for storing the information and the security measures.

Data Controller

In terms of data protection, INGENER · INGENIERÍA DEL NERVIÓN S.A.U. (INGENER FURNACES), must be considered the Data Controller in relation to the files/processing identified in this policy, specifically in the Data Processing section.

The details of the owner of this website are as follows:

  • Data Controller: INGENER FURNACES
  • Postal address: Camino Sangróniz, 2 Edificio – 2, planta 1ª · 48150 Sondika (Bizkaia)
  • Email:

Data processing

The personal data requested, if any, consist only of those strictly necessary to identify and address any requests made by the owner of such data, hereinafter the data subject. Such information shall be processed fairly, lawfully and transparently in relation to the data subject. Personal data will be collected for specific explicit and legitimate purposes and will not be further processed in a manner incompatible with those purposes.

The data collected from each data subject shall be adequate, relevant and not excessive in relation to the relevant purposes for each case, and shall be updated whenever necessary.

Before the data owner’s data are collected, they will be informed about the general points regulated in this policy so they can give their express, accurate and unequivocal consent for the processing of their data, in accordance with the following considerations.

Purposes of processing

The explicit purposes for which each data processing is carried out are set out in the informative clauses included in each of the data collection channels (web forms, paper forms, telephone statements or posters and information sheets).

However, the data subject’s personal data will be processed solely to provide them with an effective reply and to meet the user’s requests, specified together with the option, service, form or data collection system used by the owner.


As a general rule, before processing personal data, INGENER FURNACES obtains express and unequivocal consent from the owner of such data, by adding informed consent clauses in the different data collection systems.

However, if the data subject’s consent is not required, the legitimate basis for the processing by INGENER FURNACES is the fact that there is a specific law or regulation that authorises or requires the processing of the data subject’s data.


As a general rule, INGENER FURNACES does not transfer or communicate data to third parties, except those legally required. However, if necessary, the data subject will be informed of such data transfers or communications through the informed consent clauses contained in the various channels for collecting personal data.


As a general rule, personal data are always collected directly from the data subject, although, in certain exceptions, data may be collected through third parties, entities or services other than the data subject. The data subject will be informed of this way in which personal data is collected through the informed consent clauses which appear in the various data collection channels and within a reasonable period of time, once the data has been obtained, and at the latest within one month.

Storage periods

The information gathered from the data subject will be kept as long as it is necessary to fulfil the purpose for which the personal data were collected, and thus, once the purpose has been fulfilled, the data will be cancelled. Once cancelled, the data will also be blocked, and will only be kept at the disposal of the Public Administrations, Judges and Courts, to deal with any possible liabilities arising from the processing, during the statute of limitations period, and once this period has expired, then the data will be permanently erased.

As a guideline, the mandatory legal data storage periods for different types of data are set out below:

Documents of a labour-related nature or which concerns the fulfilment of Social Security registration obligations 4 years Article 21 of Royal Legislative Decree 5/2000, of 4 August, approving the consolidated text of the Social Infringements and Sanctions Act
Accounting and tax documentation for commercial purposes 6 years Art. 30 Code of Commerce
Accounting and tax documentation for fiscal purposes 4 years Articles 66 to 70 General Tax Act
Building access control 1 mounth Guide on the use of video cameras for security and other purposes of the Spanish Data Protection Agency (AEPD)
Registration of working day 4 years Labour legislation
Video surveillance 1 mounth Guide on the use of video cameras for security and other purposes of the Spanish Data Protection Agency (AEPD)
Organic Law 4/1997, of 4 August, regulating the use of video cameras by security forces in public places
Organic Law 4/2015, of 30 March, on the protection of citizen security

Browsing data

You are recommended to consult the Cookies Policy published on our website for information about browsing data that may be processed through the website, in the event that data affected by the regulation is collected.

Data subjects’ rights

Under data protection regulations, data subjects or data holders, website users or users of the social network profiles of INGENER FURNACES are granted certain rights.

Specifically, data subjects have the following rights:

  • Right of access: the right to obtain information on whether your own data are being processed, the purpose of the processing being carried out, the categories of data concerned, the recipients or categories of recipients, the storage period and the origin of the data.
  • Right of rectification: the right to have inaccurate or incomplete personal data concerning you corrected.
  • Right of deletion: the right to have your data deleted in the following cases:
    • When the data are no longer necessary for the purpose for which they were collected.
    • When the owner of such data withdraws his/her consent.
    • Where the data subject objects to the processing.
    • When the data must be deleted to fulfil a legal obligation.
    • When the data have been obtained by virtue of an information society services as provided for under art. 8 section.
  • Right to object: the right to object to a particular processing based on the consent of the data subject..
  • Right of limitation: the right for the data processing to be limited in any of the following cases:
    • When the data subject contests the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data.
    • When the processing is unlawful and the data subject opposes the erasure of the personal data.
    • When the enterprise no longer needs the personal data for the purposes for which they were gathered, but the data subject needs them to establish, exercise or defend legal claims.
    • When the data subject has objected to processing pursuant pending the verification on whether the legitimate grounds of enterprises override those of the data subject.
  • Right to portability: the right to obtain data in a structured, commonly used and machine-readable format, and to convey them to another controller when:
    • The processing is based on consent.
    • The processing is carried out by automated means.
  • Right to lodge a complaint with a competent supervisory authority.

Data subjects may exercise the aforementioned rights by writing to INGENER FURNACES, at the following address: indicating the right you wish to exercise in the subject line.

INGENER FURNACES will deal with your request as soon as possible, taking into account the terms established in the data protection regulation.


The security measures adopted by INGENER SURFACES are those required, in accordance with article 32 of the GDPR. INGENER SURFACES, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, has implemented the appropriate technical and organisational measures to ensure a level of security appropriate to the existing risk.

INGENER SURFACES has invariably implemented sufficient mechanisms to:

  1. Guarantee the permanent confidentiality, integrity, availability and resilience of the processing systems and services.
  2. Restore the availability of and access to personal data quickly in the event of a physical or technical incident.
  3. Regularly verify, evaluate and evaluate, the effectiveness of the technical and organisational measures implemented to guarantee the security of the processing.
  4. Pseudonymise and encrypt personal data, if applicable.

Cookies Policy

What are Cookies?

A cookie is a file or device that is downloaded to a user’s terminal/PC equipment to store data that can be updated and retrieved by the entity responsible for installing it. In other words, it is a file that is downloaded to your computer when you access certain websites. Websites use cookies to store and retrieve information about a user’s or their computer’s browsing habits and, depending on the information they contain and the way they use their computer, may be used to identify the user.

Types of Cookies

There are different types of cookies depending on their properties, most of all; the following is a classification of the most common cookies, although there are others:

According to the period of time

  • Session cookies: cookies designed to collect and store data while the user uses a website. They are usually used to store information that is only useful to provide the service requested by the user once (for example, a list of products purchased) and disappear at the end of the session.
  • Persistent cookies: cookies that store the data in the terminal and can be accessed and processed for a period defined by the person responsible for the cookie, which can range from a few minutes to several years.

According to their purpose

  • Technical cookies: cookies that allow the user to browse through a website, platform or application and use the various options or services that are available, including those that the editor uses to allow website management and operation and enable its functions and services (such as controlling traffic and data communication, identifying the session, accessing restricted areas and for similar purposes of a technical nature).
  • Personalisation cookies: cookies that store information so the user can access the service with certain characteristics that can differentiate their experience from that of other users, such as the language, the number of results to show when the user performs a search, the appearance or content of the service depending on the type of browser used to access the service or the region that the user is accessing the service from, etc.
  • Analysis cookies: cookies that allow the person responsible for them to monitor and analyse the behaviour of the users of the websites they are linked to, including quantifying the impact of ads. The information collected through this type of cookie is used to measure the activity of websites, applications or platforms and make improvements based on the analysis of how the service is used by the user.
  • Behavioural advertising cookies: cookies that store information on user behaviour obtained by continuous monitoring of their browsing habits and which allows a specific profile to be generated and to show advertising based on that profile.

According to the entity that manages them

  • Own cookies: cookies that are sent to the user’s terminal equipment from a computer or domain managed by the editor and from which the service requested by the user is provided.
  • Third party cookies: cookies sent to the user’s terminal equipment from a computer or domain that is not managed by the editor, but by another entity that processes the data obtained through cookies.

What types of cookies does this website use?

This website uses cookies which help the user when using and browsing the website, to ensure access to certain services and to improve the functional configuration of the website.

Specifically, this website uses the following cookies:

Session These are necessary for correct use of the website, for the user sessions or for uninterrupted browsing recalling language or country options. They are used to identify the user if it is necessary to access a registration field. Without these cookies, many of the available services would not be functional. These cookies expire when the browser is closed or when a month has elapsed. PROPRIETARY
Technical These cookies process general, anonymous information that does not include personal data and only recalls the website the user has come from. Their main purpose is to improve the website’s functioning. PROPRIETARY
Advertising These cookies enable recall of your choices and the terms and conditions accepted by the user and also provide better, more customised, features. Where the case may be, they allow the most relevant and useful advertisements to be shown, matched to your interests, or can prevent the user being continuously shown the same advertisement, for example. Google AdWords Conversion
Social Some services may use connectors to different social networks. By using the social register, you authorise the social network to place cookies. These cookies add the social component to your browsing. Facebook
Analytical These cookies allow the properties and functions of this website to be analysed and measured, measuring them for purposes of improvement. The cookies installed are third-party cookies. For example, Google Analytics is the analytical tool that helps websites to understand how their visitors interact with their properties. It may use a set of cookies to gather information and inform of the statistics on the use of websites without personally identifying the Google visitors. ComScore provides customised solutions for measuring online audiences, e-commerce, advertising, searches, video and mobile browsing. It measures unique visits and users. Google Analytics

How do I manage cookie settings?

In this section, we provide an outline on how to check and adjust cookie settings for the most common browsers.

Practically all browsers allow the user to obtain general information about the cookies installed on a website, specifically to verify their existence, their duration or how to delete them. Please refer to the following links for further information:

  • Google Chrome
  • Mozilla Firefox
  • Internet Explorer
  • Safari

Users can change their browser settings—following the appropriate instructions—to enable, block or remove cookies installed on their computers. For your information, browser settings are usually adjusted in the “Settings” or “Tools” menu of each browser, and you can always use your browser’s help files to solve or resolve any doubts that may arise.

Bear in mind that if you disable all cookies, the content of the website as well as certain features and services provided by it may be affected.

Retention period

Retention of the data collected through cookies will depend on the purpose it is collected for, notwithstanding the corresponding legal requirements.