The aim of this document is to inform Documentation Sacyr website users about the processing of personal data that is carried out while browsing through its pages.

1. Ownership of the Website

Sacyr, S.A. holds the ownership of the Website, with registered office at C/ Condesa de Venadito 7, 28027 Madrid. You may contact our Data Protection Delegate here: dpo@sacyr.com.

2. Data collected and purposes of the processing

By just accessing the Service, Sacyr collects the IP address and other data related to the connection and its origin. The IP address is a code that identifies the user's Internet connection at a specific time. Only the user's Internet access provider is able to identify the subscriber who was assigned an IP address at a specific time. Due to the very nature of the server that supports the Service, the IP address of the user is automatically registered along the date and time of access.

Sacyr shall process the data collected in the Ethics Channel section that users provide throught the form created for that proposal to manage and investigate the query or complaint made. The personal data of said users that we shall process are: name, surnames, e-mail and telephone number, between others and optionally those marked as optional when the user wants freely fulfil.

Finally, in the case of suppliers, through the Providers Access section, users may use our tool to quickly and easily solve all the procedures related to Sacyr, since this portal is the solution that Sacyr facilitates to manage telematic invoices, costs savings and comply with current legislation. Providers Access are only available for Sacyr providers, so the company shall process the personal data of suppliers in order to carry out activities related to access management.

3. Legal basis of processing

User consent expressed through the sending of a consultation or complaint through the form established for this end, together with the need for processing for the maintenance or fulfillment of a legal base, the consent and the public interest, are the bases that legitimize this processing.

Sacyr shall process the data of the suppliers' representatives including Providers Access based on the performance of the contract that we hold with the supplier.

In the event of express consent from the users, Sacyr shall send commercial communications by email or other means of electronic communication.

4. Recipients of data and international transfers.

Your personal data may be transferred to Administrations, Authorities and Public Organizations, including Courts and Tribunals, when required by applicable regulations.

Similarly, Sacyr has collaborators who provide services, such as IT and web maintenance companies, legal services and administrative agencies that, in connection with the provision of their services, access Sacyr's personal data.

Sacyr carries out a selection and control of these third parties with which it has signed data protection agreements, through which they undertake to follow a series of obligations in terms of data protection. Other than the above assumptions, Sacyr does not communicate your personal data to any additional third party. In the event that any of our service providers or computer systems are located outside the EU, Sacyr shall adopt all measures that are applicable in accordance with the regulations designed to ensure the proper management of the data.

5. Storage of personal data

Personal data shall be kept for the period of time during which any legal liability may arise (that is, up to the prescription of liability that may arise from the regulations applicable to each pack of data. ).

6. Rights of users regarding data protection.

Users can exercise their rights of access, rectification, deletion, opposition, limitation of processing and portability, as well as revoke the consent given, regarding the processing for which Sacyr, S.A. is responsible by writing to the person responsible, accrediting their identity, to the following address: Condesa de Venadito 7, 28027, Madrid or by sendong an email to protecciondedatos@sacyr.com, identifying yourself properly as a user of this website, and specifying your request. Should users want more information or consider that their right to data protection has been breached, they may contact the Spanish Agency for Data Protection (www.aepd.es) or the Sacyr Data Protection Delegate .

7. Security measures

Sacyr has adopted all the necessary security measures to ensure the integrity, security and storage of personal data stored in their systems, in accordance with the provisions of current legislation on data protection, recognizing and appreciating the importance of the responsible use of the information herein. 8. Additional Information Should the users have any questions about the information contained in our Privacy Policy, please send an email to: dpo@sacyr.com.