Breadcrumb

Legal Texts

Privacy Policy
Cookies Policy
Security Policy
This LEGAL NOTICE regulates the use of all websites indicated in the section "CESCE WEBSITES" (hereinafter “the Websites”), property of COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME) (hereinafter Cesce) with registered office at calle Velázquez, no. 74 - 28001 Madrid, contact email: [email protected] and which was registered in the Commercial Registry of Madrid, under General Volume 597, Folio 1, Page M-12.777, Entry 157.

For its Insurance activity, Cesce is subject to the supervision of The Directorate General of Insurance and Pension Funds and registered in the Special Registry of Insurance Companies with No. C-516.

“The Websites” of Cesce offer information, access to content and news about company activities and, specifically, about products and services offered by Cesce.
Conditions of use of the Website

Use of “the Websites” gives one the status of a Portal user (hereinafter, the User) and implies acceptance of all the conditions included in this Legal Notice.

The User must read carefully read these provisions, to which use of the service is subject. Moreover, the User agrees to be subject to any other specific conditions, regulations and instructions notified by Cesce which, where appropriate, may replace, complete or amend these provisions and/or which regulate the use of “the Websites.” The User will bear all the expenses, costs and compensation that may be derived from proceedings against them due to breach of the provisions of this Legal Notice.

If you are not in agreement with the provisions of this Legal Notice, we ask that you do not use “the Websites.” Browsing on “the Websites” implies acceptance of the legal terms set out in this text.

The User must read carefully read these provisions, to which use of the service is subject. Moreover, the User agrees to be subject to any other specific conditions, regulations and instructions notified by Cesce which, where appropriate, may replace, complete or amend these provisions and/or which regulate the use of “the Websites.” The User will bear all the expenses, costs and compensation that may be derived from proceedings against them due to breach of the provisions of this Legal Notice.

If you are not in agreement with the provisions of this Legal Notice, we ask that you do not use “the Websites.” Browsing on “the Websites” implies acceptance of the legal terms set out in this text.

“The Websites” contain general information about the activities carried out and the services and products developed by Cesce. 
The User of “the Websites” undertakes to not use them or their contents contrary to the provisions of applicable current legislation.

The name and access password provided to the User to access certain services are personal and non-transferrable, for the exclusive use of the User and allow them to be properly identified, as well as access to the Portal or to certain services in it. The User undertakes to take the measures necessary to safeguard the confidentiality of their identification keys; they are solely responsible for appropriate use of them.

Website Contents

Cesce reserves the right to withdraw, suspend or amend access to “the Websites,” as well as an y of the content or services offered thereon and to the remaining elements of its “website,” without the need to give prior notice.

CESCE makes available to users a group of professionals responsible for updating and reviewing the veracity and integrity of the content of the information set out on “the Websites.” However, given the nature of the medium and the possible risk of service interruption, disruption of access or of the content of “the Websites” by third parties, CESCE excludes any liability that may arise from the content of its Websites.

Moreover, given the immense quantity of information and the fact that the data are obtained from third-party sources not controlled by Cesce, it accepts no liability for the opinions, assessments or comments, nor for possible errors, inaccuracies or omissions in the information contained in Cesce's Country Risk database and in the remaining services and, in particular, Cesce shall not be liable for any damage and/or harm, regardless of its nature, that the User may incur due to having trusted to the accuracy of the information contained on “the Websites.”

For these purposes, the User, by simply accessing and using “the Websites” declares that they have been warned and expressly accepts that the information contained on Cesce's Country Risk database and in the remaining content of “the Website” is an additional element among the various elements that the diligence of a reasonable trader recommends bearing in mind prior to taking business decisions, hence the User may decide freely whether or not to take it into consideration..

Data collection forms

Accessing and viewing certain information contained on “the Websites” may be conditional upon filling out the relevant form beforehand.

All the information the User provides through the forms on “the Websites” or through any other channels must be true and accurate, hence the User promises that all the data they provide is authentic and that they will keep the information fully up-to-date such that it reflects the real situation at all times; the User shall be solely liable for false or inaccurate statements they may make and for all the damage and harm that may be derived therefrom.

Cesce presents its data collection forms and "the Websites" according to the requirements introduced by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of personal data (“GDPR”). The User can consult the “Privacy Policy” and the data protection policy both on those forms and on “the Websites.”

Access to and availability of the service

Access to “the Websites” does not imply the obligation on the part of the supplier to monitor the absence of viruses or any other harmful computer elements; it is the responsibility of the User to have appropriate tools to detect and remove them.

Access to “the Websites” requires services and supplies from third parties, including transport through telecommunications networks, for whose trustworthiness, quality, continuity and technical operation Cesce is not responsible. Therefore, the services provided through “the Websites” may be suspended, cancelled or inaccessible, prior to or simultaneous with the provision of the Portal’s service.

Cesce shall not be held liable for the damages and harm caused to the User due to faults or disconnections involving the suspension, cancellation or interruption of the Portal’s service while it is being provided or prior thereto.

Cesce’s websites

Cesce’s websites are:

  • cesce.es
  • cesce.com
  • cesceportugal.com
Applicable Law and Jurisdiction
This Legal Notice is governed in each and every detail by Spanish law. For any litigation derived from the existence, access to, use or content of “the Websites”, both the User and Cesce, expressly waiving their right to proceed in any other jurisdiction to which they may be entitled, will submit to the jurisdiction and exclusive competence of the Courts of Madrid (city).
If you are a User of the website

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: [email protected].
Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: [email protected]
You guarantee the veracity of the personal data provided to Cesce. Moreover, Cesce may periodically ask you to review and update the personal data on you that it holds.

B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data is processed and the legitimate basis for the processing:

i. Legitimacy due to application of pre-contractual measures:
Cesce will process your personal data provided on the Website with the sole purpose of processing your application and/or resolving the query made through the form..

ii. Legitimacy due to compliance with a legal obligation:
To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.

iii. Express consent:
  • To carry out commercial and/or advertising actions or communications, by any means, including by means of electronic communications or equivalent about products or services offered by Cesce or third-party companies.
  • To send the newsletter of Cesce's Corporate Responsibility Blog

C. Data recipients

Your data will not be transferred to third parties.
 

D. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A


E.Storage of personal data

Your personal data will be stored for as long as the pre-contractual relationship between you and Cesce lasts.
Notwithstanding the foregoing, your data will be stored, duly blocked, while liability may be derived therefrom, as well as to comply with other legal obligations bearing upon Cesce.
In this regard, Cesce guarantees that it will not process the data except where necessary to make, bring or defend claims or when required to provide them to the Public Authorities, Judges and Courts during the statute of limitation of your rights and obligations.

F. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: [email protected].

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.
 
If you are an Applicant for CESCE products or services

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: [email protected].

Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: [email protected]..

You guarantee the veracity of the personal data provided to Cesce. Moreover, Cesce may periodically ask you to review and update the personal data on you that it holds.


B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data is processed and the legitimate basis for the processing::

i. Legitimacy due to application of pre-contractual measures:
  • a. To manage and assess an application for insurance or to manage the credit risk, including taking automated individual decisions by assessing and evaluating your personal data to determine whether to accept and/or refuse your application, according to article 22.2.a of Regulation (EU) 2016/679 on General Data Protection..
  • b.To specify, based on the information you provide, your demands and needs or those of the Company you represent, and to offer the insurance or credit risk management product or service best suited to meeting them.
ii. Legitimacy due to compliance with a legal obligation:
  • a. To assess, select and price risks linked to taking out the insurance according to article 99.1 of Law 20/2015, of 14 July, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • b.To report information to public authorities, regulators or government bodies where required by law, local regulations or according to regulatory obligations..
  • c. To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.
iii. Legitimacy based on Cesce’s legitimate interests:
  • a. Preventing possible fraud derived from taking out insurance, for which purpose actions may be taken that are reasonably necessary to detect the existence of potentially-fraudulent information, or of inaccurate, incorrect or inconsistent data..
  • b. Communication of the details of the policyholder, insured, beneficiary or third party that has suffered a loss to reinsurance entities when necessary to enter into a reinsurance contract in the terms set out in article 77 of Law 50/1980, of 8 October, on Insurance Contracts or the execution of related transactions
  • c. Looking up information about capital solvency and creditworthiness when necessary to judge the financial solvency of the affected party according to applicable regulations.
  • d. Communication their personal data to other companies in the Cesce Group for internal administrative purposes, including the processing of customers’ or employees’ personal data.
  • e. Processing the contact details of natural persons who provide services at a legal person (to maintain a relationship with the latter) and those related to individual businesspersons (as long as they refer to them in those terms). Only data necessary to establish your residence for professional purposes will be processed.
iv. Express consent:
  • a. To carry out commercial and/or advertising actions or communications, by any means, including by means of electronic communications or equivalent about products or services offered by Cesce or third-party companies.

C. Data recipients

Cesce may communicate your personal data in the terms set out in the foregoing section B. Purposes and legitimate basis of the following entities:

i. Cesce Group Companies

ii. Competent bodies and public authorities, when Cesce is legally obliged to provide them.

iii. Capital solvency and creditworthiness files.

iv. Reinsurance companies

v. Moreover, Cesce enjoys the collaboration of some third-party suppliers with access to your personal data and which process the aforementioned data for and on behalf of Cesce as a consequence of their provision of services, such as financial institutions, collection agencies, lawyers or insurance distributors.


D. Origin of the data

Cesce obtains your personal data from the following sources:

i. The information you provide to us in processing your request or at fairs, institutional activities or other events.

ii. Open sources of information, such as official journals and gazettes, public records or decisions made by the Public Authorities.

iii. Law Enforcement Agencies, Registers of Bodies and Institutions for detecting and preventing fraud.

iii. Law Enforcement Agencies, Registers of Bodies and Institutions for detecting and preventing fraud.
 

E. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A.


F. Storage of personal data

Your personal data will be stored for as long as the pre-contractual relationship between you or the Company you represent and Cesce lasts.

Once it is finished, your personal data will be erased as soon as all the actions necessary to manage and complete any obligation that may remain between the parties have been carried out, and in that period all the necessary paperwork will be done, except where you have given us your consent to send you commercial communication once the contractual relationship has ended.
Notwithstanding the foregoing, your data will be stored, duly blocked, while liability may be derived from the execution of the contract, as well as to comply with other legal obligations bearing upon Cesce.

In this regard, Cesce guarantees that it will not process the data except where necessary to make, bring or defend claims or when required to provide them to the Public Authorities, Judges and Courts during the statute of limitation of your rights and obligations.


G. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: [email protected].

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.
If you’re a Customer

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: [email protected].

Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: [email protected].

You guarantee the veracity of the personal data provided to Cesce. Moreover, Cesce may periodically ask you to review and update the personal data on you that it holds.

B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data provided to Cesce is processed and the legitimate basis for the processing:

i. Legitimacy due to the execution of the contract signed with Cesce:
  • a. Entering into the insurance contract, as well as managing, maintaining and monitoring the contractual relations, including management of the queries and companies about customer service, as well as the collection of the premium receipts and the processing of amendments and extensions.
  • b. Verifying operations that are subject to insurance, as well as managing the credit risk and demanding repayment of it, whether they are insured or uninsured credits.
  • c. Making the checks and investigations necessary for the determination and, where appropriate, pay the indemnity to the insured, to the beneficiary or the injured party.
  • d. Making communications that may be necessary related to the products and services provided by or marketed by Cesce according to this contract, in order to inform you about their status and the tools Cesce makes available to you.
ii. Legitimacy due to compliance with a legal obligation:
  • a. To manage the resolution of complaints and disputes that may arise between policyholders, insurers, beneficiaries, injured third parties or rightful claimants of any of them with Cesce according to article 97 of Law 20/2015, of 14 July, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • b. To report information to public authorities, regulators or government bodies where required by law, local regulations or according to regulatory obligations.
  • c. To keep the accounts required by the Commercial Code and other applicable provisions, as well as the account records of accounts, accidents, technical provisions, investments, reinsurance contracts and policies, supplements and cancellations issued, according to article 96 of Royal Decree 1060/2015, of 20 November, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • d. To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.
iii. Legitimacy based on Cesce’s legitimate interests:
  • a. Carrying commercial and/or advertising actions or communications, by any means, including by means of electronic communications or equivalent, related to products or services similar to those purchased by you or by the Company you represent with Cesce, according to article 21.2 of Law 34/2002, of 11 July, on services of the information society and e-commerce.
  • b. Conducting satisfaction surveys related to the product or service contracted by you or the Company you represent and the services provided by Cesce, in order to assess their satisfaction with it, for the purposes of improving processes and services linked with compliance with Cesce’s obligations according to this contract.
  • c. Preventing possible fraud derived from the contracting, for which purpose actions may be taken that are reasonably necessary to detect the existence of potentially-fraudulent information, or of inaccurate, incorrect or inconsistent data.
  • d. Communicating your data to other companies in the Cesce Group, when it is necessary for reasons of monitoring and internal administrative management.
  • e. Communication of the details of the policyholder, insured, beneficiary or third party that has suffered a loss to reinsurance entities when necessary to enter into a reinsurance contract in the terms set out in article 77 of Law 50/1980, of 8 October, on Insurance Contracts or the execution of related transactions
iv. Legitimacy based on express consent
  • a. To carry out commercial and/or advertising actions or communications, including once the contractual relationship has ended, by any means, including by means of electronic communications or equivalent about products or services other than those purchased from Cesce, whether offered by Cesce or other companies in the Cesce Group or by third parties that are complementary to insurance and credit risk management and
  • b. To transfer your personal data and any information that Cesce may hold to other companies in the Cesce Group or other third-party companies concerned in the provision of credit management service so that they may send you commercial information about their products or services.

C. Data recipients

Cesce may communicate the personal data in the terms set out in the foregoing section B. Purposes and legitimate basis of the following entities:

i. Cesce Group Companies for the following purposes:
  • a) To provide certain services within the framework of the contractual relationship between Cesce and you or the Company you represent.
  • b) For internal administrative purposes, including the processing of customers’ or employees’ personal data.
  • c) Comply with legal obligations.
ii. Competent Public Bodies, the Tax Agency, Judges and Courts, where Cesce is legally obliged to provide them.

iii. Capital solvency and creditworthiness files.

iv. Reinsurance Companies.

v. Moreover, Cesce enjoys the collaboration of some third-party suppliers with access to your personal data and which process the aforementioned data for and on behalf of Cesce as a consequence of their provision of services, such as financial institutions, collection agencies, lawyers or insurance distributors.
 

D. Origin of the data

Cesce obtains your personal data from the following sources:

i. The information you or the company your represent gives us when entering into the contract or during its execution or at fairs, institutional activities or other events.
ii. Open sources of information, such as official journals and gazettes, public records or decisions made by the Public Authorities.
 iii. Law Enforcement Agencies, Registers of Bodies and Institutions for detecting and preventing fraud.
.

In particular, the data we will process includes the following categories: identification details, company details, economic data and commercial information obtained from open sources and other legally-organised sources for assessing, underwriting and managing credit risk and claiming it. Third-party personal data, especially where protected, are not collected.

E. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A.

F. Storage of personal data

Your personal data will be stored for as long as the contractual relationship between you or the company you represent and Cesce lasts.

Once it is finished, your personal data will be erased as soon as all the actions necessary to manage and complete any obligation that may remain between the parties have been carried out, and in that period all the necessary paperwork will be done, except where you have given us your consent to send you commercial communication once the contractual relationship has ended.

Notwithstanding the foregoing, your data will be stored, duly blocked, while liability may be derived from the execution of the financing contract, as well as to comply with other legal obligations bearing upon Cesce.

In this regard, Cesce guarantees that it will not process the data except where necessary to make, bring or defend claims or when required to provide them to the Public Authorities, Judges and Courts during the statute of limitation of your rights and obligations.

G. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: [email protected].

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.

If you’re a Customer

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: [email protected].

Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: [email protected].

You guarantee the veracity of the personal data provided to Cesce. Moreover, Cesce may periodically ask you to review and update the personal data on you that it holds.

B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data provided to Cesce is processed and the legitimate basis for the processing:

i. Legitimacy due to the execution of the contract signed with Cesce:
  • a. Entering into the insurance contract, as well as managing, maintaining and monitoring the contractual relations, including management of the queries and companies about customer service, as well as the collection of the premium receipts and the processing of amendments and extensions.
  • b. Verifying operations that are subject to insurance, as well as managing the credit risk and demanding repayment of it, whether they are insured or uninsured credits.
  • c. Making the checks and investigations necessary for the determination and, where appropriate, pay the indemnity to the insured, to the beneficiary or the injured party.
  • d. Making communications that may be necessary related to the products and services provided by or marketed by Cesce according to this contract, in order to inform you about their status and the tools Cesce makes available to you.
ii. Legitimacy due to compliance with a legal obligation:
  • a. To manage the resolution of complaints and disputes that may arise between policyholders, insurers, beneficiaries, injured third parties or rightful claimants of any of them with Cesce according to article 97 of Law 20/2015, of 14 July, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • b. To report information to public authorities, regulators or government bodies where required by law, local regulations or according to regulatory obligations.
  • c. To keep the accounts required by the Commercial Code and other applicable provisions, as well as the account records of accounts, accidents, technical provisions, investments, reinsurance contracts and policies, supplements and cancellations issued, according to article 96 of Royal Decree 1060/2015, of 20 November, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • d. To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.
iii. Legitimacy based on Cesce’s legitimate interests:
  • a. Carrying commercial and/or advertising actions or communications, by any means, including by means of electronic communications or equivalent, related to products or services similar to those purchased by you or by the Company you represent with Cesce, according to article 21.2 of Law 34/2002, of 11 July, on services of the information society and e-commerce.
  • b. Conducting satisfaction surveys related to the product or service contracted by you or the Company you represent and the services provided by Cesce, in order to assess their satisfaction with it, for the purposes of improving processes and services linked with compliance with Cesce’s obligations according to this contract.
  • c. Preventing possible fraud derived from the contracting, for which purpose actions may be taken that are reasonably necessary to detect the existence of potentially-fraudulent information, or of inaccurate, incorrect or inconsistent data.
  • d. Communicating your data to other companies in the Cesce Group, when it is necessary for reasons of monitoring and internal administrative management.
  • e. Communication of the details of the policyholder, insured, beneficiary or third party that has suffered a loss to reinsurance entities when necessary to enter into a reinsurance contract in the terms set out in article 77 of Law 50/1980, of 8 October, on Insurance Contracts or the execution of related transactions
iv. Legitimacy based on express consent
  • a. To carry out commercial and/or advertising actions or communications, including once the contractual relationship has ended, by any means, including by means of electronic communications or equivalent about products or services other than those purchased from Cesce, whether offered by Cesce or other companies in the Cesce Group or by third parties that are complementary to insurance and credit risk management and
  • b. To transfer your personal data and any information that Cesce may hold to other companies in the Cesce Group or other third-party companies concerned in the provision of credit management service so that they may send you commercial information about their products or services.

C. Data recipients

Cesce may communicate the personal data in the terms set out in the foregoing section B. Purposes and legitimate basis of the following entities:

i. Cesce Group Companies for the following purposes:
  • a) To provide certain services within the framework of the contractual relationship between Cesce and you or the Company you represent.
  • b) For internal administrative purposes, including the processing of customers’ or employees’ personal data.
  • c) Comply with legal obligations.
ii. Competent Public Bodies, the Tax Agency, Judges and Courts, where Cesce is legally obliged to provide them.

iii. Capital solvency and creditworthiness files.

iv. Reinsurance Companies.

v. Moreover, Cesce enjoys the collaboration of some third-party suppliers with access to your personal data and which process the aforementioned data for and on behalf of Cesce as a consequence of their provision of services, such as financial institutions, collection agencies, lawyers or insurance distributors.
 

D. Origin of the data

Cesce obtains your personal data from the following sources:

i. The information you or the company your represent gives us when entering into the contract or during its execution or at fairs, institutional activities or other events.
ii. Open sources of information, such as official journals and gazettes, public records or decisions made by the Public Authorities.
 iii. Law Enforcement Agencies, Registers of Bodies and Institutions for detecting and preventing fraud.
.

In particular, the data we will process includes the following categories: identification details, company details, economic data and commercial information obtained from open sources and other legally-organised sources for assessing, underwriting and managing credit risk and claiming it. Third-party personal data, especially where protected, are not collected.

E. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A.

F. Storage of personal data

Your personal data will be stored for as long as the contractual relationship between you or the company you represent and Cesce lasts.

Once it is finished, your personal data will be erased as soon as all the actions necessary to manage and complete any obligation that may remain between the parties have been carried out, and in that period all the necessary paperwork will be done, except where you have given us your consent to send you commercial communication once the contractual relationship has ended.

Notwithstanding the foregoing, your data will be stored, duly blocked, while liability may be derived from the execution of the financing contract, as well as to comply with other legal obligations bearing upon Cesce.

In this regard, Cesce guarantees that it will not process the data except where necessary to make, bring or defend claims or when required to provide them to the Public Authorities, Judges and Courts during the statute of limitation of your rights and obligations.

G. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: [email protected].

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.

If your are a Third Party Intervener in contracts between Cesce and its Customers

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: [email protected].

Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: [email protected].

B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data provided to Cesce is processed and the legitimate basis for the processing:

i. Legitimacy due to compliance with a legal obligation:
  • a. To manage the resolution of complaints and disputes that may arise between policyholders, insurers, beneficiaries, injured third parties or rightful claimants of any of them with Cesce according to article 97 of Law 20/2015, of 14 July, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • b. To report information to public authorities, regulators or government bodies where required by law, local regulations or according to regulatory obligations.
  • c. To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.

ii. Legitimacy based on Cesce’s legitimate interests:
  • a. To commercially verify the commercial operation, manage the credit risk and demand repayment of the credits in the framework of the contract signed by Cesce and its customer.
  • b. To assess and, where appropriate, underwrite the credit risk.
  • c. To prevent potential fraud derived from the insurance contract with our Customer, due to which it is necessary to take actions reasonably necessary to detect the existence of potentially-fraudulent information, or of inaccurate, incorrect or inconsistent data, which includes commercial verification of the invoice provided by our Customer setting out the services provided to you for the purposes of issue a liquidity security.
  • d. Process the loss reported by our customers, in which case Cesce may seek an out-of-court settlement or bring suit to recover the unpaid credit.
  • e. Processing the contact details of natural persons who provide services at a legal person (to maintain a relationship with the latter) and those related to individual businesspersons (as long as they refer to them in those terms). Only data necessary to establish your residence for professional purposes will be processed.

C. Data recipients

Cesce communicates your personal data to:

i. Cesce Group Companies for the following purposes:
  • a) To provide certain services within the framework of the contractual relationship between Cesce and the Customer.
  • b) To manage the credit risk and to demand payment of it by companies in the Cesce Group whose corporate purpose is to insure these risks or to provide auxiliary or complementary insurance services.
  • c) Comply with legal obligations.
ii. Competent Public Bodies, the Tax Agency, Judges and Courts, where Cesce is legally obliged to provide them.

iii. Capital solvency and creditworthiness files.

iv. Moreover, Cesce enjoys the collaboration of some third-party suppliers with access to your personal data and which process the aforementioned data for and on behalf of Cesce as a consequence of their provision of services, such as financial institutions, collection agencies, lawyers or insurance distributors.
 

D. Origin of the data

Cesce obtains your personal data from the following sources:

  • i. The information our Customer provides to Cesce when it takes out and maintains the insurance contract or another commercial risk management contract.
  • ii. Open sources of information, such as official journals and gazettes, public records or decisions made by the Public Authorities

In particular, the data we will process include the following categories: identification details, company details, economic data and information obtained from open sources and other legally-organised sources for assessing, underwriting and managing credit risk and claiming it.

E. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A.

F. Storage of personal data

Your personal data will be stored until all the actions necessary to manage the risk have been carried out, as well as wherever necessary for Cesce to comply with contractual or legal obligations.

G. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: [email protected].

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.

If your are a Third Party Intervener in contracts between Cesce and its Customers

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: [email protected].

Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: [email protected].

B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data provided to Cesce is processed and the legitimate basis for the processing:

i. Legitimacy due to compliance with a legal obligation:
  • a. To manage the resolution of complaints and disputes that may arise between policyholders, insurers, beneficiaries, injured third parties or rightful claimants of any of them with Cesce according to article 97 of Law 20/2015, of 14 July, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • b. To report information to public authorities, regulators or government bodies where required by law, local regulations or according to regulatory obligations.
  • c. To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.

ii. Legitimacy based on Cesce’s legitimate interests:
  • a. To commercially verify the commercial operation, manage the credit risk and demand repayment of the credits in the framework of the contract signed by Cesce and its customer.
  • b. To assess and, where appropriate, underwrite the credit risk.
  • c. To prevent potential fraud derived from the insurance contract with our Customer, due to which it is necessary to take actions reasonably necessary to detect the existence of potentially-fraudulent information, or of inaccurate, incorrect or inconsistent data, which includes commercial verification of the invoice provided by our Customer setting out the services provided to you for the purposes of issue a liquidity security.
  • d. Process the loss reported by our customers, in which case Cesce may seek an out-of-court settlement or bring suit to recover the unpaid credit.
  • e. Processing the contact details of natural persons who provide services at a legal person (to maintain a relationship with the latter) and those related to individual businesspersons (as long as they refer to them in those terms). Only data necessary to establish your residence for professional purposes will be processed.

C. Data recipients

Cesce communicates your personal data to:

i. Cesce Group Companies for the following purposes:
  • a) To provide certain services within the framework of the contractual relationship between Cesce and the Customer.
  • b) To manage the credit risk and to demand payment of it by companies in the Cesce Group whose corporate purpose is to insure these risks or to provide auxiliary or complementary insurance services.
  • c) Comply with legal obligations.
ii. Competent Public Bodies, the Tax Agency, Judges and Courts, where Cesce is legally obliged to provide them.

iii. Capital solvency and creditworthiness files.

iv. Moreover, Cesce enjoys the collaboration of some third-party suppliers with access to your personal data and which process the aforementioned data for and on behalf of Cesce as a consequence of their provision of services, such as financial institutions, collection agencies, lawyers or insurance distributors.
 

D. Origin of the data

Cesce obtains your personal data from the following sources:

  • i. The information our Customer provides to Cesce when it takes out and maintains the insurance contract or another commercial risk management contract.
  • ii. Open sources of information, such as official journals and gazettes, public records or decisions made by the Public Authorities

In particular, the data we will process include the following categories: identification details, company details, economic data and information obtained from open sources and other legally-organised sources for assessing, underwriting and managing credit risk and claiming it.

E. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A.

F. Storage of personal data

Your personal data will be stored until all the actions necessary to manage the risk have been carried out, as well as wherever necessary for Cesce to comply with contractual or legal obligations.

G. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: [email protected].

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.

"The website https://www.cesce.es (hereinafter, the “Website”), is property of COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME) (hereinafter, the “Owner”). In compliance with the duty of disclosure stipulated in section 2 of article 22 of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, the purpose of this cookies policy is to inform users about the cookies used on the Website in a clear and precise way."

What are cookies and what are they for?

Cookies are small files that are downloaded into your computer when you access certain websites. They serve, among other purposes, to store and recover information about a user’s browsing habits or about their machine and to improve their browsing experience.
What cookies does Cesce use?
  • Google Analytics: It makes it possible to know Websites visited, browsing time, the website leading to the website and searches made, to be able to prepare statistical reports about how users find the website, how they use it and whether it works properly.
  • Hotjar: It makes it possible to know the device and resolution, operating system, browser, IP (encrypted), URL, pages visited, country, data, time of access, duration of the visit and language, in order to obtain heat maps to see the most-clicked areas of the website or where the mouse pointer is placed most often.
  • Google Tag Manager: It allows configuration, testing, launch of third-party vendor tags to a digital property whose purpose is managing site code without the need for IT.
  • Google Doubleclick:  Google DoubleClick uses cookies to improve advertising. They are usually used for targeting advertising according to the content that is relevant to each user, improving campaign performance reviews and avoiding displaying adverts that users have already seen..
  • Adwords: Allows for the management of searches, display and video in order to offer the user ads according to their interests.
  • Teads: Allows for the management of video campaigns in the main publishing groups, seeking to offer ads according to their interests..
  • Facebook: It is a social network that uses analytical and technical cookies to share content on its social network. You can read this service’s cookies policy at https://www.facebook.com/help/cookies/?ref=sitefooter
  • Linkedin: It is a social network that uses cookies that make it possible to manage advertising campaigns on Linkedin.
  • Youtube: Some of our pages contain embedded YouTube videos. See YouTube’s cookies policy.
What cookies does CESCE use?
  • Google Analytics: It makes it possible to know Websites visited, browsing time, the website leading to the website and searches made, to be able to prepare statistical reports about how users find the website, how they use it and whether it works properly.
  • Hotjar: It makes it possible to know the device and resolution, operating system, browser, IP (encrypted), URL, pages visited, country, data, time of access, duration of the visit and language, in order to obtain heat maps to see the most-clicked areas of the website or where the mouse pointer is placed most often.
  • Google Tag Manager: It allows configuration, testing, launch of third-party vendor tags to a digital property whose purpose is managing site code without the need for IT.
  • Google Doubleclick:  Google DoubleClick uses cookies to improve advertising. They are usually used for targeting advertising according to the content that is relevant to each user, improving campaign performance reviews and avoiding displaying adverts that users have already seen..
  • Adwords: Allows for the management of searches, display and video in order to offer the user ads according to their interests.
  • Teads: Allows for the management of video campaigns in the main publishing groups, seeking to offer ads according to their interests..
  • Facebook: It is a social network that uses analytical and technical cookies to share content on its social network. You can read this service’s cookies policy at https://www.facebook.com/help/cookies/?ref=sitefooter
  • Linkedin: It is a social network that uses cookies that make it possible to manage advertising campaigns on Linkedin.
  • Youtube: Some of our pages contain embedded YouTube videos. See YouTube’s cookies policy.
How can I disable Cookies?

You have the possibility to revoke at any time the consent given for the use of cookies by configuring the control panel, as well as to restrict, block or delete cookies by configuring the options of your Internet browser. All modern browsers allow you to change your cookie settings. These settings are usually found in the 'Options' or 'Preferences' menu of your browser.

Below we show you how to do it:Internet Explorer

  • Tools -> Internet Options -> Privacy -> Settings..
  • For more information, you can consult Microsoft support or click Help on your browser.

Firefox

  • Tools -> Options -> Privacy -> History -> Personalised Settings..
  • For more information, you can consult Mozilla support or click Help on your browser.

Chrome

  • Chrome: Settings -> Show advanced options -> Privacy -> Content settings.
  • For more information, you can consult Google support or click Help on your browser.

Safari

  • Preferences -> Security.
  • For more information, you can consult Apple support or click Help on your browser.

Bear in mind that these browsers are subject updates or modifications, we cannot guarantee that the foregoing information exactly fits your browser version. Likewise, if you use browsers other than the above, you must follow the instructions of your own Internet browser to change the cookie-related preferences.

We also offer other ways to disable cookies at the following links:

Cesce may amend this Cookies Policy to take account of legislative or regulatory requirements or to make said Policy compliant with the instructions given by the Spanish Data Protection Agency. Users are therefore advised to periodically visit this pay to see the changes that have been made to them.

How can I disable Cookies?

You have the possibility to revoke at any time the consent given for the use of cookies by configuring the control panel, as well as to restrict, block or delete cookies by configuring the options of your Internet browser. All modern browsers allow you to change your cookie settings. These settings are usually found in the 'Options' or 'Preferences' menu of your browser.

Below we show you how to do it:Internet Explorer

  • Tools -> Internet Options -> Privacy -> Settings..
  • For more information, you can consult Microsoft support or click Help on your browser.

Firefox

  • Tools -> Options -> Privacy -> History -> Personalised Settings..
  • For more information, you can consult Mozilla support or click Help on your browser.

Chrome

  • Chrome: Settings -> Show advanced options -> Privacy -> Content settings.
  • For more information, you can consult Google support or click Help on your browser.

Safari

  • Preferences -> Security.
  • For more information, you can consult Apple support or click Help on your browser.

Bear in mind that these browsers are subject updates or modifications, we cannot guarantee that the foregoing information exactly fits your browser version. Likewise, if you use browsers other than the above, you must follow the instructions of your own Internet browser to change the cookie-related preferences.

We also offer other ways to disable cookies at the following links:

Cesce may amend this Cookies Policy to take account of legislative or regulatory requirements or to make said Policy compliant with the instructions given by the Spanish Data Protection Agency. Users are therefore advised to periodically visit this pay to see the changes that have been made to them.

How can I disable Cookies?

You have the possibility to revoke at any time the consent given for the use of cookies by configuring the control panel, as well as to restrict, block or delete cookies by configuring the options of your Internet browser. All modern browsers allow you to change your cookie settings. These settings are usually found in the 'Options' or 'Preferences' menu of your browser.

Below we show you how to do it:Internet Explorer

  • Tools -> Internet Options -> Privacy -> Settings..
  • For more information, you can consult Microsoft support or click Help on your browser.

Firefox

  • Tools -> Options -> Privacy -> History -> Personalised Settings..
  • For more information, you can consult Mozilla support or click Help on your browser.

Chrome

  • Chrome: Settings -> Show advanced options -> Privacy -> Content settings.
  • For more information, you can consult Google support or click Help on your browser.

Safari

  • Preferences -> Security.
  • For more information, you can consult Apple support or click Help on your browser.

Bear in mind that these browsers are subject updates or modifications, we cannot guarantee that the foregoing information exactly fits your browser version. Likewise, if you use browsers other than the above, you must follow the instructions of your own Internet browser to change the cookie-related preferences.

We also offer other ways to disable cookies at the following links:

Cesce may amend this Cookies Policy to take account of legislative or regulatory requirements or to make said Policy compliant with the instructions given by the Spanish Data Protection Agency. Users are therefore advised to periodically visit this pay to see the changes that have been made to them.