Privacy Policy

Privacy Policy

  1. Introduction

At the FUNDACIÓN CENTRO DE INVESTIGACIÓN COOPERATIVA EN ENERGÍAS ALTERNATIVAS  – CIC ENERGIGUNE FUNDAZIOA. (hereinafter CIC energiGUNE) we are committed to the protection of the privacy and correct use of the personal data that we process and that you provide to us, both online in this website and, where appropriate, any of its sub-domains and/or microsites, as well as off-line.

Please read this policy carefully and make sure you understand and agree with it before providing us with your personal data. If you do not agree with the policy, do not use this website or its services nor provide us with your data. By accessing this site, using any of its services, or providing us with your data, either online or off-line, we’ll understand it as a clear affirmative action that you give your consent (when necessary) to process your data for the purposes indicated hereafter.    

  1. Who is responsible for processing your data?


Postal address: C/ Albert Einstein 48 (01510) MIÑANO MAYOR ARABA Telephone: 945 297 108


  1. How did we obtain your data?

Obtained from the individual concerned:

If you are a current or potential customer, or simply a user of our website, or you have provided your curriculum to us, you have provided the data, either off-line or on-line, by requesting our services or contacting us for information, or, for example, if you provided the data to us by accessing our facilities as a visitor.

When you provide us with your personal data, you guarantee that you are enabled to provide this information and that the information is correct, truthful, accurate and up-to-date, that it is not confidential, that it does not violate any contractual restrictions or rights of third parties, and that you agree not to impersonate other users by using their registration data to the different services and/or contents of the website.

You have a responsibility to keep your data and your profile correct and up-to-date, such that CIC energiGUNE declines all responsibility if this is not the case.

Obtained automatically when you visit our website:

If you have provided us with the data through this website, or any of its sub-domains and/or microsites, we collect information, for example, when you complete any form with personal data, or when you communicate with us directly by email.

Data is sent from your browser to our server when you visit our website, to optimise our services and improve your user experience, for example, when you access the page or when you initiate a session with our services through third-party services such as social networks or Google. This data can be collected and stored automatically by us or by third parties on our behalf. This data may include:

  • the IP address of the user
  • the date and time of the visit
  • the URL of the site from which the user is operating
  • the pages visited on our website
  • information about the browser used (type and version of the browser, operating system, etc.).

We can process and register such uses, sessions, and related information, either independently or with the help of third-party services, including through the use of “cookies” and other tracking technologies such as flash cookies and web analytics.

Communication of data of the person concerned by a third party:

In the event that it is not the person concerned but a third party that provides us with the information, your data could have been communicated to us.

In these cases, the categories of data that we process can be: Identifying and contact data.

We do not process specially protected data.

Communication of third-party data by the person concerned:

With regard to the data of other people, you must respect their privacy and take special care when communicating or publishing their personal data. Only the owner may authorise the processing of his personal data. If you supply us with third-party data, it is your responsibility to have their prior and express consent to use and communicate it to us, and it is your responsibility to inform them of the processing of their data by us. The publication of third-party data without their consent may violate both the legislation on data protection, as well as the right to honour the privacy or image of such third parties. If you provide us with the personal data of third parties, you expressly guarantee, by the acceptance of this privacy policy, that you have the authorisation of the interested party for such provision, absolving us from any liability in the event of any claim by the interested party, responsibility assumed only and exclusively by whomever provided us the data on his behalf.

  1. Why do we process your data?

The data you provide us, as well as any other generated during the development of the contractual, precontractual, or commercial relationship, or any other that we maintain with you, can be processed by us for various purposes, for example:

If you are a current or potential customer: to maintain contact and communication with you and to manage the contractual and/or commercial relationship, including after-sales service and warranty.

If you are simply a user of our website, or the sender or recipient of an e-mail to handle requests that you make to us online, as well as to maintain contact and communication with you.

In both cases, to send you information about our activities and services (including advertising and/or commercial material pursuant to Art. 21 LSSICE 34/2002). The marketing and/or commercial communications that we send you by electronic means shall include, in the body of the communication, the option to stop receiving them. If you choose this option, we will not send you this type of communications in the future.

In the case of providing us with your curricular data or sending us your CV, to contact you and manage the selection processes that we offer.

In the case of access as a visitor to our facilities, to manage the access and control of visits.

  1. How long will we keep your data?

The personal data you provide us will be kept, in the case of current or potential customers and vendors, as long as the contractual or commercial relationship exists, and, once these are concluded, as long as the person concerned does not request its deletion, and, even when so requested, during the time required, with limited processing only, to comply with legal/contractual obligations to which we are subjected and/or during the legal periods foreseen for the prescription of any liability on our part and/or the exercise or defence of claims arising from the relationship with the person concerned.

If you are simply a user of the website, we will retain the data as long as you do not request us to delete them, and even when so requested, we will be able to keep them, limiting their treatment, only to comply with legal obligations and/or for the exercise or defence of claims.

If you are a possible candidate who has sent us your resume, we will keep them until you request their deletion, to be able to contact you for selection processes.

  1. What is the legitimacy for processing your data?

The legal basis which legitimises our treatment of your data can be diverse:

On the one hand, it can be the legal relationship that unites us if you are a current customer/supplier, or the offer, budget, application, or pre-contractual relationship of any kind between the parties if you are a potential customer/supplier.

It can also be your consent if you requested through our website in the case of being a simple user of the same or if you have sent us your CV. Such consent is unequivocally granted by providing us with your data online or off-line, considering said provision as a clearly affirmative act that expresses such consent. You will be able to withdraw such consent at any time by sending us an e-mail in this regard to, but such withdrawal does not condition treatment of your data for the rest of the purposes described.

The provision of the requested data is mandatory to be indispensable for the purposes outlined above; if you do not provide them, we will not be able to carry them out.

When you provide us with your data, you do so because you wish to maintain a relationship with us, either as a current or potential customer/supplier (by any manner: by phone, in person, online … you have provided your data to ask for information or for us to contact you), or as a user of our website …

Therefore, you can reasonably expect us to use them for this purpose in accordance with Assumption 47 of the RGPD (European General Regulation for the Protection of Personal Data 2016/679 of 27-4-2016) that provides a legal basis for our legitimate interest as an organisation to treat your data to:

  • Increase the link with our current customers to gain their loyalty or to attract the attention of potential customers who may be considering contracting our services at some moment, and, in any case, improving these services, broadcasting them, to adapt them as closely as possible to the changing needs of our current or potential customers or market; for this reason we want to maintain contact with you and inform you of our activities and/or services (including advertising and/or commercial communications pursuant to Art. 21 LSSICE 34/2002);
  • Conducting opinion and/or satisfaction surveys

In any case, we consider that the indicated treatment of your data is proportionate and signifies a minimal impact on your privacy, but your interests, rights, or freedoms will always prevail over our legitimate interest, such that, if you don’t want us to process your data for these purposes, please send us an e-mail in this regard to and we will comply, being able to keep them blocked for the preparation, exercise, or defence of claims. The withdrawal of your consent for processing your data for these purposes does not condition the treatment of your data for the other purposes described in the Privacy Policy.

  1. To what recipients will we be able to communicate your data?

We advise that the data you provide us may be communicated to third parties to comply with purposes directly related to the legitimate functions of assignor and assignee, such as:

To banks for the management of charges and payments.

To the entities or bodies to which there is a legal obligation to communicate data (Tax Administration…)

  1. International Data Transfers

We inform you that in the case that we use US suppliers, that may have access to personal data for the purpose of providing us with auxiliary services for our activity (accommodations, housing, software as a service, remote backup copies, support services or computer maintenance, managers of e-mail, sending of e-mails and e-mail marketing, file transfer, etc …) which companies may be different and vary over time but, in any case, we will choose companies adhering to the Privacy Shield Agreement between the USA and the EU, or belonging to countries that have been declared as countries with an adequate level of protection, which means that they undertake to comply with requirements equivalent to the Europeans regarding data protection. In any case, by accepting this data protection policy, you expressly and unequivocally authorise the communication of the data to these companies, knowing that this implies an international transfer of data to a country not belonging to the European Economic Area and giving your explicit consent to such transfer.

  1. Social networks

Our website has connectors to social networks. When you choose to interact with us through a social network, we cannot be responsible for the privacy configuration chosen by the user, such that the social network can report on your IP address or the page you are visiting on our website and establish a cookie to enable them to work properly, or, for example, your name will appear in the “likes” that you give or in the comments you make on our page on a social network. If you do not want your personal data associated with those “likes” or comments to be displayed, you must configure your privacy settings to prevent this, using pseudonyms for your data, for example using a “NIC” (Network Interface Card) or alias that does not disclose your name and surname.

If you start the session in one of these social networks during your visit to our website, the social network can add this information to your profile and that information will be transferred to the social network. If you don’t wish that data transfer, leave the session in the social network before entering our websites or mobile applications, because it is not in our power to influence this collection and transfer of data through the social connectors.

If the user decides to publish and/or share texts, photos, videos, or other information and/or content through our official page on a social network, he will be solely responsible that the content complies with the corresponding legal provisions. We remind you that, with regard to the data of other people, you must respect their privacy and take special care when communicating or publishing their personal data. Only the owner may authorise the processing of his personal data. The user will only be able to publish on this page, or our official page on social networks, personal data, photographs and information, or other contents whose ownership and property belonging to him or for which he has the consent of third parties. If you provide us or publish, third-party data, it is your responsibility to have their prior and express consent to use it, communicate it to us, and publish it, and it is your responsibility to inform them of the treatment of their data by us or its publication by you. The publication of third-party data without their consent may violate both the legislation on data protection, as well as the right to honour the privacy or image of such third parties.

In any case, we will be able to eliminate both from this web page as well as from our pages on social networks, any content published by the user when we detect that the user has violated the law, and as indicated in this Privacy Policy.

The social networks are not hosted directly in our services. Your interactions with them are governed by their policies and not by ours. Read the privacy policies of those social networks for detailed information on the collection and transfer of personal data, your rights, and regarding the configuration of your privacy.

  1. What are your rights when you provide us with your data?

Right of access: You can ask us what personal data we are processing and even ask us for a copy of them.

Right of rectification: You can ask us to correct inaccurate personal data or to complete those that are incomplete, including by presenting an additional statement.

Right of withdrawal (right of cancellation): You can ask us to delete your personal data when they are no longer necessary for the purposes for which they were collected, you withdraw consent, there has been an unlawful treatment of them, or for compliance with a legal obligation.

The right to limitation of treatment: You can ask us to limit the treatment of your data, in which case, we will only retain them for the exercise or defence of claims.

Right to the portability of the data: You can ask us to send you (or to a third party that you indicate) your personal data in a structured format, of common use and mechanically readable.

Right of opposition: You can oppose the treatment of your data if such treatment is based on the legitimate interest of the person responsible for the file or it is for advertising purposes.

To exercise all these rights, you can contact us by sending a signed written request, attaching, in any case, a copy of your DNI (tax ID), to the postal and/or e-mail address indicated in paragraph 2 of this Privacy Policy. In the event of a change in your data, you should advise it at the same address, such that the company declines all responsibility for failure to do so.

Once received any of the previous requests, we will respond to you within the legal deadlines.

You can make any claim to the Spanish Data Protection Agency. If you want more information about the rights you can exercise and to request models of the forms for the exercise of your rights you can visit the web page of the Spanish Data Protection Agency,

Scroll to top