BK Energies

YouTube Jki-linkedin-light

Privacy Policy

Identity: BlakachEnergy S.L.
Tax ID: B56244072
Mailing address for service of process: Plazadel Fresno 3, 5D, Oviedo (33007), Asturias, Spain

Email: info@bkenergies.com
DPD Contact: info@bkenergies.com

For what purpose do we process your personal data?

We process personal data for the following purposes:

  • Handling of inquiries and requests: managing responses to inquiries, complaints, or issues, as well as requests for technical or corporate information, resources, and/or activity-related information, submitted via email, phone, contact form, and/or instant messaging.

  • Contacting the data subject via the contact information provided (email, mailing address, and/or phone number) in order to address inquiries arising from the relationship between the parties.

  • Marketing and sales management of the products and services offered by the Data Controller. Contacting the data subject to request the necessary information in order to manage the design and proposal of products and/or services.

  • Internal use, the performance of transactions, and administrative, financial, and accounting management arising from the business relationship and/or the provision of services.

  • Profile analysis: To the extent that you have unambiguously consented, “in order to offer you products and services tailored to your interests and to improve your user experience, we will create a ‘profile’ based on the information you provide. No automated decisions will be made based on this profile.”

  • Consult the advertising opt-out systems that may affect your operations, and exclude from processing the data of data subjects who have expressed their objection or refusal to such processing by consulting the advertising opt-out systems published by the competent supervisory authority.

  • Related management activities, including prior communication thereof, that may arise from the execution of any corporate restructuring transaction or the contribution or transfer of a business or a branch of business, provided that such processing is necessary for the successful completion of the transaction and ensures, where applicable, the continuity of service provision.

  • The dissemination of our best practices regarding the services we have provided to you and/or the publication and/or communication of visual material that may include the image of the account holder and/or their staff in corporate media and/or other public media, to the extent that you have unequivocally consented to such use.

  • Management of the organization’s contracting and service delivery, as well as compliance with contractual and regulatory requirements related to the organization and/or the requested operation.

  • Sending commercial communications regarding products or services similar to those contracted by the customer with whom there is a prior contractual relationship, in accordance with Article 21 of the LSSICE.

  • Quality control of our products and services, quality management of processes and activities, as well as the evaluation of stakeholder satisfaction, perception, and performance metrics.

  • Provision of supporting documentation for campaigns, activities, promotions, contests, projects, and grants in which the organization participates

  • Regulatory Compliance Management (applicable regulations, as well as mandatory internal policies): Investigation, monitoring, and auditing of controls established to prevent crimes, including access controls to facilities, video surveillance, information systems, and document printing for all personal data under the organization’s responsibility—and therefore for all of the entity’s information systems—as well as controls the entity may establish for investigating accidents and/or incidents that may occur, as well as regulatory violations, crimes, or unlawful conduct.

  • Assessment of financial solvency and creditworthiness to confirm the financial viability of the requested transaction, as well as, where applicable, the communication and administration related to the collection of the amounts agreed upon for the provision of the service.

  • For statistical and historical purposes to help us improve our business strategy for our products and services, with your data being anonymized beforehand.

  • The management and auditing of the organization's management systems and regulatory compliance for processes and facilities.

  • To contact you and send you personal communications, invitations to events, greetings on special occasions, quality and satisfaction surveys, as well as to periodically inform you of updates, news, and corporate information, and to provide you with offers for products and services that may interest you via telephone, mail, or email, provided you have given your consent and/or requested such communications.

  • If you have provided us with your resume to apply for a position at our company, we will process your data for the purpose of managing the job application process. Additionally, if you have given your consent, we will process your data for the purposes described in the additional consent forms.

How long do we keep your data?

  • The data provided will be retained for as long as the legal basis for processing remains valid, unless the data subject requests its deletion following the formal termination of the relationship with the data subject in writing, except where retention is necessary for the establishment, exercise, or defense of legal claims by the data controller, or to protect the rights of another natural or legal person, and/or for reasons of legal obligation.

  • In any case, upon termination of the relationship, the data subject’s personal data will be properly blocked, in accordance with current data protection regulations.

  • Accounting and tax documentation – for tax purposes: Accounting books and other mandatory records required under applicable tax regulations (personal income tax, VAT, corporate income tax, etc.), as well as supporting documentation substantiating the entries recorded in the books (including computer programs and files and any other supporting documents with tax implications), must be retained for at least the statute of limitations period for tax offenses – General Tax Law and Penal Code: Statute of limitations for violations is 10 years.

  • Accounting and tax records – for commercial purposes: books, correspondence, documentation, and supporting records related to your business – Commercial Code – 6 years.

  • Credit files: data regarding debts that are certain, due, and payable but not yet claimed - LOPD – 5 years

  • The data processed for the purpose of sending marketing communications will be retained until you withdraw your consent.

  • Therefore, the data will be retained for as long as the business relationship remains in effect, in accordance with the retention periods established by the applicable regulations noted above, as well as the legal or contractual time limits for the exercise or statute of limitations of any liability claim for breach of contract by the data subject or the Organization (the Civil Code establishes a five-year period for bringing a civil liability claim, which begins on the date on which performance of the obligation may be demanded).

What is the legal basis for processing your data?

The processing of your data is based on:

  • To fulfill the request you have submitted to us. The requested information is necessary for us to properly process your request.

  • The legal basis for processing your data is to fulfill the request you have submitted to us. The data requested is necessary for us to properly fulfill your request.

  • The performance of a contract, request, offer, order, and/or commercial agreement, for which the data provided may be disclosed to third parties that supply us, as applicable, with specific products and/or services necessary for the management of the contracted services, in order to properly address, as applicable, the warranties and liabilities associated with the products and services they provide.

  • Comply with legal obligations: administrative, commercial, tax, fiscal, accounting, civil, and financial regulations; consumer and user protection laws; as well as regulations specific to the contracted transaction and those applicable to the industry.

  • To satisfy a legitimate interest of the data controller: data processing as part of a business relationship and/or contract, which is necessary for its maintenance or fulfillment; fraud prevention; cases of legitimate interest in which the data controller could be an aggrieved party and it is necessary to process and disclose the data of the non-compliant party to third parties in order to manage regulatory compliance and defend the interests of the data controller; as well as the legitimate interest in direct marketing authorized by the LSSICE (sending commercial electronic communications regarding products or services similar to those contracted by the customer with whom a prior contractual relationship exists), as well as cases of legitimate interest in specific processing activities provided for in the LOPDGDD.

  • The consent of the data subject, which has been provided to us unequivocally through formal means and/or by checking the boxes provided for that purpose in the data protection clauses included in the underlying document governing the business relationship, depending on the contact channel.

To whom may your data be disclosed?

  • Organizations or individuals directly contracted by the data controller or with whom the data controller has a collaboration agreement for the provision of services related to the purposes of processing (including, but not limited to): legal, tax, and accounting advisory services; debt collection and credit insurance agencies; management, accounting, and/or regulatory compliance auditors; IT maintenance providers; suppliers; courier/transportation companies; video surveillance/alarm companies; and other professionals or companies necessary for the performance of specific services.

  • Public administration agencies or bodies with jurisdiction over the matters covered by the purposes of the processing, in order to fulfill their obligations when required to do so under the laws in effect at any given time, as well as for the management of service delivery.

  • Third parties who have been expressly authorized by the data subject.

  • Financial Institutions: transfer and/or processing of payment instruments.

  • Law enforcement agencies and the judiciary, to the extent necessary.

  • Partners or sponsors of events, projects, and grants in which the organization participates, for the purpose of providing technical or financial justification for such initiatives.

  • Media used to promote or publicize the organization's activities (public and/or private, such as websites, social media, newspapers, etc.).

Under what conditions is your data shared?

Data is disclosed to third parties only if they can demonstrate that they have a Personal Data Protection System in place that complies with current laws.

User Responsibility

You:

  • You warrant that you are at least eighteen (18) years of age and that the information you provide to the data controller is true, accurate, complete, and up-to-date. For these purposes, you are responsible for the accuracy of all information you provide and will keep the information up-to-date so that it reflects your current situation.

  • You warrant that you have informed any third parties to whom you disclose their data—if you do so—of the matters set forth in this document. You also warrant that you have obtained their consent to disclose their data to the data controller for the purposes indicated.

  • You will be liable for any false or inaccurate information you provide through the website and for any direct or indirect damages that this may cause to the Data Controller or to third parties.

What are your rights?

You have the right to obtain confirmation as to whether or not we are processing personal data concerning you.

Data subjects have the right to access their personal data, as well as to request the correction of inaccurate data or, where appropriate, to request its erasure when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

Under certain circumstances, data subjects may request that the processing of their data be restricted; in such cases, we will retain their data solely for the purpose of asserting or defending legal claims.

Under certain circumstances and for reasons related to their specific situation, data subjects may object to the processing of their data, in which case the Data Controller will cease processing the data, unless there are compelling legitimate grounds for doing so, or for the establishment, exercise, or defense of legal claims.

Under the right to data portability, data subjects have the right to receive the personal data concerning them in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

If you have given your consent for a specific purpose, you have the right to withdraw that consent at any time, without this affecting the lawfulness of the processing based on the consent given prior to its withdrawal.

Where can you go to exercise your rights?

If you wish to exercise your rights, please contact the data controller via the designated channel for exercising rights (info@bkenergies.com) so that we can process your request in an orderly manner.

What information is required to exercise your rights? To exercise your rights, we need to verify your identity and the specific request you are making, so we ask you to provide the following information:

  • Documented information (in writing or via email) regarding the request, specifying the details of the request.

  • Proof of identity as the data subject whose rights are being exercised (first and last names of the data subject and a photocopy of the data subject’s ID card and/or that of the person representing them, as well as a document proving such representation).

  • Address for notification purposes, date, and signature of the applicant (if submitting a written request), or full name (if submitting via email), or validation of the request in the private area of the communication channel using a personal authentication password.

  • If the data controller has reasonable doubts regarding the identity of the individual making the request, it may request that the necessary additional information be provided to confirm the data subject’s identity.

What is the general procedure for exercising your rights? Once we have received the required information, we will respond to your request in accordance with the Data Controller’s general procedure for exercising rights:

  • The data controller shall provide the data subject with information regarding its actions in response to a request made pursuant to Articles 15 through 22 (Rights of the data subject), and in any event within one month of receiving the request.

  • This deadline may be extended by an additional two months if necessary, taking into account the complexity and number of applications.

  • The data controller shall notify the data subject of any such extension within one month of receiving the request, stating the reasons for the delay.

  • When the data subject submits the request electronically, the information will be provided electronically whenever possible, unless the data subject requests that it be provided in another manner.

  • If the data controller does not act on the data subject’s request, it shall inform the data subject without delay—and no later than one month after receiving the request—of the reasons for its inaction and of the possibility of filing a complaint with a supervisory authority and pursuing legal action.

  • The information provided will be free of charge, except for a reasonable fee to cover administrative costs.

  • The data controller may refuse to act on the request, but bears the burden of proving that the request is manifestly unfounded or excessive.

What avenues for filing a complaint are available?

If you believe that your rights have not been properly addressed, you have the right to file a complaint with the competent data protection authority (www.agpd.es).

How did we obtain your information?

Your data has been collected through one of the following channels:

  • Through the data subject or their legal representative.

  • Through third parties with whom the data controller has a business relationship or a service agreement.

  • Through public agencies related to the purpose of the contracted service.

  • Through third parties at the request of the contracting party.

What types of data do we process?

Identification and contact information (first name, last name, phone number, or email address, etc.); business information; economic, financial, and/or payment terms data; other types of data: first name, last name, and Tax ID number of the legal representative; contact information for individuals within the organization who are involved in or associated with the service covered by the contract or request.

The data structure in question may contain specially protected data, the processing of which is necessary for the proper provision of the products/services contracted by the data subject, and which will be processed by the organization in its capacity as a data processor. Generally, such data is de-identified and/or anonymized.

How is your personal data stored securely?

Blakach Energy S.L. takes all necessary measures to keep your personal data private and secure. Only authorized personnel at Blakach Energy S.L., as well as authorized personnel from third-party contractors or partners engaged to provide certain services (who are legally and contractually obligated to keep all information secure), have access to your personal data. All Blakach Energy S.L. personnel who have access to your personal data are required to commit to complying with data protection regulations, as well as the Privacy Policy and any instructions, communications, codes, or similar documents that are developed and provided for their information. Additionally, all third parties who have access to your personal data are required to sign the relevant confidentiality agreements or data processor contracts.

Blakach Energy S.L. follows strict criteria for selecting service providers in order to comply with its data protection obligations and undertakes to enter into the corresponding data processing agreement with them, through which it will impose, among others, the following obligations: to implement appropriate technical and organizational measures; process personal data for the agreed-upon purposes and solely in accordance with Blakach Energy S.L.’s documented instructions; and delete or return the data to the user once the provision of services has ended. These agreements do not affect your rights under data protection law. For more information about these agreements, please do not hesitate to contact us.

Changes to the Privacy Policy

Blakach Energy S.L. reserves the right to make, at any time, any modifications, changes, deletions, or cancellations to the content and its presentation as it deems appropriate; therefore, we recommend that you review our privacy policy whenever you deem it necessary. If you do not agree with any of the changes, you may exercise your rights in accordance with the procedure described by sending an email to info@bkenergies.com.

Confidentiality and information regarding third parties whose personal data you provide to us

By accepting and/or validating the process that serves as the basis for formalizing your relationship with Blakach Energy S.L., you expressly consent to the processing of your data in accordance with the provisions of the clause and additional information regarding data protection, and you agree to inform and obtain the consent of any third parties whose personal data you provide to us for such processing.

Furthermore, the user agrees to inform, on behalf of and at the request of Blakach Energy S.L., the data subjects whose information is transferred to Blakach Energy S.L.—within one month of the data being provided to Blakach Energy S.L.—in an explicit, precise, and unambiguous manner regarding the processing of such data.