Breadcrumb

Legal Texts

Privacy Policy
Cookies Policy
Security Policy
This LEGAL NOTICE regulates the use of all websites indicated in the section "CESCE WEBSITES" (hereinafter “the Websites”), property of COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME) (hereinafter Cesce) with registered office at calle Velázquez, no. 74 - 28001 Madrid, TIN A28264034, contact email: cesce@cesce.es and which was registered in the Commercial Registry of Madrid, under General Volume 597, Folio 1, Page M-12.777, Entry 157.

For its Insurance activity, Cesce is subject to the supervision of The Directorate General of Insurance and Pension Funds and registered in the Special Registry of Insurance Companies with No. C-516.

“The Websites” of Cesce offer information, access to content and news about company activities and, specifically, about products and services offered by Cesce.
Conditions of use of the Website

Use of “the Websites” gives one the status of a Portal user (hereinafter, the User) and implies acceptance of all the conditions included in this Legal Notice.

The User must read carefully read these provisions, to which use of the service is subject. Moreover, the User agrees to be subject to any other specific conditions, regulations and instructions notified by Cesce which, where appropriate, may replace, complete or amend these provisions and/or which regulate the use of “the Websites.” The User will bear all the expenses, costs and compensation that may be derived from proceedings against them due to breach of the provisions of this Legal Notice.

If you are not in agreement with the provisions of this Legal Notice, we ask that you do not use “the Websites.” Browsing on “the Websites” implies acceptance of the legal terms set out in this text.

The User must read carefully read these provisions, to which use of the service is subject. Moreover, the User agrees to be subject to any other specific conditions, regulations and instructions notified by Cesce which, where appropriate, may replace, complete or amend these provisions and/or which regulate the use of “the Websites.” The User will bear all the expenses, costs and compensation that may be derived from proceedings against them due to breach of the provisions of this Legal Notice.

If you are not in agreement with the provisions of this Legal Notice, we ask that you do not use “the Websites.” Browsing on “the Websites” implies acceptance of the legal terms set out in this text.

“The Websites” contain general information about the activities carried out and the services and products developed by Cesce. 
The User of “the Websites” undertakes to not use them or their contents contrary to the provisions of applicable current legislation.

The name and access password provided to the User to access certain services are personal and non-transferrable, for the exclusive use of the User and allow them to be properly identified, as well as access to the Portal or to certain services in it. The User undertakes to take the measures necessary to safeguard the confidentiality of their identification keys; they are solely responsible for appropriate use of them.

Website Contents

Cesce reserves the right to withdraw, suspend or amend access to “the Websites,” as well as an y of the content or services offered thereon and to the remaining elements of its “website,” without the need to give prior notice.

Cesce makes available to users a group of professionals responsible for updating and reviewing the veracity and integrity of the content of the information set out on “the Websites.” However, given the nature of the medium and the possible risk of service interruption, disruption of access or of the content of “the Websites” by third parties, CESCE excludes any liability that may arise from the content of its Websites.

Moreover, given the immense quantity of information and the fact that the data are obtained from third-party sources not controlled by Cesce, it accepts no liability for the opinions, assessments or comments, nor for possible errors, inaccuracies or omissions in the information contained in Cesce's Country Risk database and in the remaining services and, in particular, Cesce shall not be liable for any damage and/or harm, regardless of its nature, that the User may incur due to having trusted to the accuracy of the information contained on “the Websites.”

For these purposes, the User, by simply accessing and using “the Websites” declares that they have been warned and expressly accepts that the information contained on Cesce's Country Risk database and in the remaining content of “the Website” is an additional element among the various elements that the diligence of a reasonable trader recommends bearing in mind prior to taking business decisions, hence the User may decide freely whether or not to take it into consideration..

Data collection forms

Accessing and viewing certain information contained on “the Websites” may be conditional upon filling out the relevant form beforehand.

All the information the User provides through the forms on “the Websites” or through any other channels must be true and accurate, hence the User promises that all the data they provide is authentic and that they will keep the information fully up-to-date such that it reflects the real situation at all times; the User shall be solely liable for false or inaccurate statements they may make and for all the damage and harm that may be derived therefrom.

Cesce presents its data collection forms and "the Websites" according to the requirements introduced by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of personal data (“GDPR”) as well as Organic Law 3/2018, of December 5, on Personal Data Protection and the guarantee of digital rights. The User can consult the “Privacy Policy” and the data protection policy both on those forms and on “the Websites.”

Access to and availability of the service

Access to “the Websites” does not imply the obligation on the part of the supplier to monitor the absence of viruses or any other harmful computer elements; it is the responsibility of the User to have appropriate tools to detect and remove them.

Access to “the Websites” requires services and supplies from third parties, including transport through telecommunications networks, for whose trustworthiness, quality, continuity and technical operation Cesce is not responsible. Therefore, the services provided through “the Websites” may be suspended, cancelled or inaccessible, prior to or simultaneous with the provision of the Portal’s service.

Cesce shall not be held liable for the damages and harm caused to the User due to faults or disconnections involving the suspension, cancellation or interruption of the Portal’s service while it is being provided or prior thereto.

Cesce’s websites

Cesce’s websites are:

  • cesce.es
  • cesce.com
  • cesceportugal.com
Applicable Law and Jurisdiction
This Legal Notice is governed in each and every detail by Spanish law. For any litigation derived from the existence, access to, use or content of “the Websites”, both the User and Cesce, expressly waiving their right to proceed in any other jurisdiction to which they may be entitled, will submit to the jurisdiction and exclusive competence of the Courts of Madrid (city).
If you are a User of the website

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: cesce@cesce.es.
Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: dpd@grupocesce.es
You guarantee the veracity of the personal data provided to Cesce. Moreover, Cesce may periodically ask you to review and update the personal data on you that it holds.

B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data is processed and the legitimate basis for the processing:

i. Legitimacy due to application of pre-contractual measures:
Cesce will process your personal data provided on the Website with the sole purpose of processing your application and/or resolving the query made through the form..

ii. Legitimacy due to compliance with a legal obligation:
To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.

iii. Express consent:
  • To carry out commercial and/or advertising actions or communications, by any means, including by means of electronic communications or equivalent about products or services offered by Cesce or third-party companies.
  • To send the newsletter of Cesce's Corporate Responsibility Blog

C. Data recipients

Your data will not be transferred to third parties.
 

D. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A


E.Storage of personal data

Your personal data will be stored for as long as the pre-contractual relationship between you and Cesce lasts.
Notwithstanding the foregoing, your data will be stored, duly blocked, while liability may be derived therefrom, as well as to comply with other legal obligations bearing upon Cesce.
In this regard, Cesce guarantees that it will not process the data except where necessary to make, bring or defend claims or when required to provide them to the Public Authorities, Judges and Courts during the statute of limitation of your rights and obligations.

F. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: dpd@grupocesce.es.

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.
 
If you are an Applicant for Cesce products or services

A. The data controller

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), whose registered address is at calle Velázquez, 74, 28001, Madrid (Spain). Email address: cesce@cesce.es.

Moreover, you are informed that Cesce has a Data Protection Officer and that you may contact him through the following email address: dpd@grupocesce.es..

You guarantee the veracity of the personal data provided to Cesce. Moreover, Cesce may periodically ask you to review and update the personal data on you that it holds.


B. Purposes and legitimate basis

Below is a description of the various purposes for which your personal data is processed and the legitimate basis for the processing::

i. Legitimacy due to application of pre-contractual measures:
  • a. To manage and assess an application for insurance or to manage the credit risk, including taking automated individual decisions by assessing and evaluating your personal data to determine whether to accept and/or refuse your application, according to article 22.2.a of Regulation (EU) 2016/679 on General Data Protection..
  • b.To specify, based on the information you provide, your demands and needs or those of the Company you represent, and to offer the insurance or credit risk management product or service best suited to meeting them.
ii. Legitimacy due to compliance with a legal obligation:
  • a. To assess, select and price risks linked to taking out the insurance according to article 99.1 of Law 20/2015, of 14 July, on the regulation, supervision and solvency of insurance and reinsurance companies.
  • b.To report information to public authorities, regulators or government bodies where required by law, local regulations or according to regulatory obligations..
  • c. To facilitate the data subject’s exercise of their rights according to articles 15 to 22 of the GDPR and to process the application received within one month according to the GDPR, Organic Law 3/2018, of 5 December, on Protection of Personal Data and guarantee of digital rights and any other applicable personal data protection legislation.
iii. Legitimacy based on Cesce’s legitimate interests:
  • a. Preventing possible fraud derived from taking out insurance, for which purpose actions may be taken that are reasonably necessary to detect the existence of potentially-fraudulent information, or of inaccurate, incorrect or inconsistent data..
  • b. Communication of the details of the policyholder, insured, beneficiary or third party that has suffered a loss to reinsurance entities when necessary to enter into a reinsurance contract in the terms set out in article 77 of Law 50/1980, of 8 October, on Insurance Contracts or the execution of related transactions
  • c. Looking up information about capital solvency and creditworthiness when necessary to judge the financial solvency of the affected party according to applicable regulations.
  • d. Communication their personal data to other companies in the Cesce Group for internal administrative purposes, including the processing of customers’ or employees’ personal data.
  • e. Processing the contact details of natural persons who provide services at a legal person (to maintain a relationship with the latter) and those related to individual businesspersons (as long as they refer to them in those terms). Only data necessary to establish your residence for professional purposes will be processed.
iv. Express consent:
  • a. To carry out commercial and/or advertising actions or communications, by any means, including by means of electronic communications or equivalent about products or services offered by Cesce or third-party companies.

C. Data recipients

Cesce may communicate your personal data in the terms set out in the foregoing section B. Purposes and legitimate basis of the following entities:

i. Cesce Group Companies

ii. Competent bodies and public authorities, when Cesce is legally obliged to provide them.

iii. Capital solvency and creditworthiness files.

iv. Reinsurance companies

v. Moreover, Cesce enjoys the collaboration of some third-party suppliers with access to your personal data and which process the aforementioned data for and on behalf of Cesce as a consequence of their provision of services, such as financial institutions, collection agencies, lawyers or insurance distributors.


D. Origin of the data

Cesce obtains your personal data from the following sources:

i. The information you provide to us in processing your request or at fairs, institutional activities or other events.

ii. Open sources of information, such as official journals and gazettes, public records or decisions made by the Public Authorities.

iii. Law Enforcement Agencies, Registers of Bodies and Institutions for detecting and preventing fraud.

iii. Law Enforcement Agencies, Registers of Bodies and Institutions for detecting and preventing fraud.
 

E. International transfers

We inform you that Cesce may use service suppliers located outside the European Economic Area. In those cases, the company requires that said recipients comply with the measures designed to protect the personal data set out in a binding contract, except where the European Commission has determined that the company where the recipient is located offers an adequate level of protection of personal data. The Customer may obtain a copy of the measures required by Cesce by contacting the Data Protection Officer (“DPO”) at the address set out at the end of clause A.


F. Storage of personal data

Your personal data will be stored for as long as the pre-contractual relationship between you or the Company you represent and Cesce lasts.

Once it is finished, your personal data will be erased as soon as all the actions necessary to manage and complete any obligation that may remain between the parties have been carried out, and in that period all the necessary paperwork will be done, except where you have given us your consent to send you commercial communication once the contractual relationship has ended.
Notwithstanding the foregoing, your data will be stored, duly blocked, while liability may be derived from the execution of the contract, as well as to comply with other legal obligations bearing upon Cesce.

In this regard, Cesce guarantees that it will not process the data except where necessary to make, bring or defend claims or when required to provide them to the Public Authorities, Judges and Courts during the statute of limitation of your rights and obligations.


G. Data protection rights

We inform you that in accordance with current legislation you have the right to exercise your rights of access, rectification, cancellation and to object, as well of erasure, restriction of processing and the right to the portability of your data, for which you must prove your identity (by means of a copy of your National ID Card or equivalent) at the following address: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), calle Velázquez, 74, 28001, Madrid (Spain), or the following email address: dpd@grupocesce.es.

You can find more information about your rights from the Spanish Data Protection Agency, to which you have the right to submit a complaint if you believe that your rights have not been respected, located at calle Jorge Juan, 6, 28001, Madrid.
If you’re a Customer

A. Who is the data controller in relation to your personal data?

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME) (hereinafter, Cesce), with its registered address at Calle Velázquez, 74, 28001, Madrid (Spain). Email address: cesce@cesce.es.

Additionally, Cesce has a Data Protection Officer (DPO) you can contact at the following email address: dpd@grupocesce.es.

Our customers must guarantee the accuracy of all data provided to Cesce, in addition to ensuring said data complies with the personal data protection regulations when communicating personal data to Cesce, both their own data and that of third parties -companies and business owners- they do business with that is covered by the insurance. We may periodically ask you to review and update the data provided. 

B. For what purpose do we process your data and under what lawful basis?

The various purposes and lawful bases of the processing are indicated below:

i.    Execution of the contract signed with Cesce:
  • To formalise the insurance contract, in addition to managing, maintaining and controlling the contractual relationship. Processing operations include the verification of the operations insured, the consultation of credit information systems on behalf and in the interest of insured parties for analysis and monitoring of the credit risk and also credit management and collection claims, for both insured credit amounts and uninsured credit amounts. They also include the management of queries and complaints received by the customer service department, in addition to the collection of premiums and expense invoices, and the processing of coverage requests and all modifications to the Policy.
  • To perform the necessary verifications and investigations to determine, and, if applicable, pay compensation to the policyholder, insured party or beneficiary, as applicable.
  • To conduct the necessary communications concerning the products and services provided or marketed by Cesce in the framework of this contract, with the aim of informing you on their situation and the tools that Cesce places at your disposal.

ii. Compliance with a legal obligation:
  • To prevent possible fraud in the framework of the insurance or the trade operations to be insured and detect the existence of irregular operations, potentially fraudulent information or inaccurate, incorrect, inconsistent data according to the applicable legislation. To this end, the processing operations include the verification of the documentation and data in relation to the transaction and parties involved and linked thereto. Additionally, we may send you preventive and informative communications to inform you of fraud operations of third parties.
  • To consult lists of sanctions and PEPs (Politically Exposed Persons) and perform other regulatory compliance verifications.
  • To manage the resolution of complaints and conflicts that may arise between policyholders, insured parties or beneficiaries or between any of them and Cesce according to the applicable legislation.
  • To comply with commercial, company, tax and any other type of obligation imposed by the supervisory bodies and competent authorities, including the notification of information to said bodies and authorities when required to do so by the authorities or for compliance with a legal obligation.
  • To keep the accounting ledgers required by the Code of Commerce and other provisions that may apply, as well as records of accounts, accidents, technical provisions, investments, reinsurance contracts and policies, supplements and cancellations issued, in accordance with the applicable legislation.
  • To assist the interested party in exercising their rights and process the request received within the established time frame, in accordance with that set out in the applicable legislation on the subject of data protection.

iii. Legitimate interest of Cesce:
  • To carry out sales and/or advertising actions or communications through any means, including through electronic or equivalent communications, in relation to products or services similar to those contracted by you or the Company you represent with Cesce, in accordance with the applicable legislation.
  • To find out your degree of satisfaction with the service received or product contracted, in order to be able to assess the quality thereof and improve Cesce's processes and services. This includes, amongst others, the conducting of surveys, invitations to participate in focus groups, Country Risk conferences and the recording of telephone calls. 
  • To process the professional contact details of natural persons who work for legal entities in order to maintain a relationship with said entity, and in relation to individual business owners, provided they refer to them as such
For processing based on legitimate interest, Cesce has weighed up the different interests and concluded that its interest prevails over the rights and liberties of the interested party. For more information on said process or to exercise your right of opposition to said processing, please contact the Data Protection Officer at dpd@grupocesce.es.

iv. Express consent
  • To conduct sales and/or advertising actions or communications, including after the termination of the contractual relationship, through any means, including electronic means, in relation to products or services other than those contracted with Cesce, whether offered by Cesce or other entities in the Cesce Group or by third parties that are supplementary to the insurance and the management of the credit risk.

C. Who do we share the information with?

Cesce may communicate the personal data under the terms described in section B. For what purpose do we process your data and under what lawful basis?, above.
  • Cesce Group companies.
  • Regulatory and supervisory bodies, such as the competent judicial and administrative authorities and other bodies, including the State's Security Forces, mediation institutions, arbitrators and arbitration courts, when Cesce is required to do so or has a duty to communicate such data.
  • Credit information systems.
  • Reinsurance and financial entities.
  • Advisors and auditors.
  • Additionally, Cesce benefits from the collaboration of third party service providers, such as collections agencies, lawyers and insurance distributors, who may have access to your personal data and process this on behalf of Cesce as a result of the provision of services. 
Said communications will be carried out when necessary to comply with a legal obligation, when of legitimate interest to Cesce or to manage the contractual relationship and the credit risk in the framework of the insurance contract.

D. What information do we process and where does it come from? 

The data we will process includes the following categories:
  • Legal entities: If you are the point of contact or representative of a legal entity customer, your identification and contact details, such as your full name, position, telephone number, email, postal address and signature will be processed. Additionally, other personal data, such as your date and country of birth, details of the communication exchanges with you, information on the faculties granted to you and on the entity you are linked to may also be processed.
  • Individual business owners and freelancers: In addition to the aforementioned identification details, contact details and other personal data, we will also process the bank details required for the setting up of direct debits and managing payments. Additionally, we may also process sales and financial information both in relation to the insurance relationship with Cesce and to the commercial relationship with your own customers covered by the insurance, as well as other contractual, economic and financial, tax and solvency information. 
Cesce obtains your personal data from the following sources:
  • The information you provide to us at fairs, during institutional activities and other events, that provided when formalising the contract and the execution of the Policy for the assessment and taking on of the risks, establishing of premiums, processing of incidents with your customers -companies or business owners- and during collections management. 
  • Publicly available information sources, such as newspapers or official gazettes, public records, Public Administration decisions and infomediary companies such as Informa D&B.
  • State Security Bodies and Forces, Records of Organisations and Institutions for the detection and prevention of fraud and lists of international sanctions or politically exposed people. 

E. International data transfer

Cesce may use service providers located outside of the European Economic Area. In these cases, Cesce requires said recipients (data processors) to comply with the appropriate measures and obligations to protect the personal data they have access to for the provision of the services, which are established in a binding contract.

Likewise, in such cases, except in the circumstances in which the European Commission should have determined that the recipient's country provides an adequate level of personal data protection, standard contractual clauses approved by said Commission are used to legitimate the international transfer of data.

For more information in this respect, please contact our Data Protection Officer at dpd@grupocesce.es.

F. Retention of personal data

Your personal data will be kept throughout the duration of the contractual relationship with Cesce, as well as for the necessary period of time to comply with Cesce's legal and contractual obligations. The data processed based on Cesce's legitimate interest will be kept for as long as necessary to comply with the purposes for which it was collected and, in any case, for as long as the legitimate interest continues to exist, until you exercise your right of opposition.

Once said periods have elapsed, the data will be kept in blocked mode, preventing its processing, except for provision to Judges and Courts, the Tax Authorities or the competent Public Administration bodies, in particular the data protection authorities, due to the requirement of possible liability arising from said processing and only for the corresponding statute of limitations period.

G. Data protection rights

In accordance with current legislation, you have the following rights in relation to the processing of your personal data.
  • Right of access: you can request confirmation as to whether or not Cesce is processing your personal data and, if applicable, access said data.
  • Right of rectification: you can request the rectification or modification of your personal data when this is inaccurate or incomplete.
  • Right of opposition: you can oppose the processing of your personal data for reasons related to your particular situation when the lawful basis for the processing is Cesce's legitimate interest. In this case, we will process your request, unless Cesce's legitimate interest continues to be considered valid, or if Cesce can show evidence of overriding legitimate reasons to continue the processing, in particular to establish, exercise or defend against legal action.
  • Right of erasure or the right to be forgotten: we will process your request unless Cesce has an obligation to retain the data by law or if the data is needed to establish, exercise or defend itself against legal action or where other legitimate interests prevail.
  • Right to limit the processing of data: you can exercise this right when the inaccuracy, legality or need to process the data is doubtful, in which case we can keep the data in blocked mode for the exercising of or defence against legal action.
  • Right to the portability of your data: you can request to receive the personal data you provided in electronic format or for this to be transferred to another entity.
  • Right to withdraw, at any time, the consent you gave us previously to authorise the processing of your data for a specific purpose.
In order to correctly process your requests to exercise your rights, Cesce may request additional information that may be necessary to this end and in order to verify your identity, if there is reasonable doubt in this respect, in addition to asking you to identify, if applicable, the company your personal data is linked to.

You can exercise your rights through the following channels:
  • By post: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), Calle Velázquez, 74, 28001, Madrid (Spain). FAO Data Protection Officer 
  • Email: dpd@grupocesce.es, indicating "Data Protection" in the subject line.
You can contact the Spanish Data Protection Agency (www.aepd.es), located in Calle Jorge Juan, 6, 28001, Madrid, to which you have the right to submit a claim, particularly if you consider that your rights have been violated. 
If you are a Third Party Participant in Cesce Policies with its Customers

A. Who is the data controller in relation to your personal data? 

Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME) (hereinafter, Cesce), with its registered address at Calle Velázquez, 74, 28001, Madrid (Spain). Email address: cesce@cesce.es.

Additionally, Cesce has a Data Protection Officer (DPO) you can contact at the following email address: dpd@grupocesce.es.

Our customers must guarantee the truthfulness of all the data provided to Cesce, and are responsible for complying with the data protection regulations in providing Cesce with the data of third party participants -companies and business owners- with which they are interested in having coverage for their commercial operations subject to credit. 

B. For what purpose do we process your data and under what lawful basis?

The various purposes and lawful bases of the processing are indicated below:

i.    Compliance with a legal obligation:
  • To prevent possible fraud in the framework of the insurance or the trade operations to be insured and detect the existence of irregular operations, potentially fraudulent information or inaccurate, incorrect, inconsistent data according to the applicable legislation. To this end, the processing operations include the verification of the documentation and data in relation to the transaction and parties involved and linked thereto. 
  • To consult lists of sanctions and PEPs (Politically Exposed Persons) and perform other regulatory compliance verifications.
  • To manage the resolution of complaints and conflicts that may arise between policyholders, insured parties or beneficiaries or between any of them and Cesce according to the applicable legislation.
  • To comply with commercial, company, tax and any other type of obligation imposed by the supervisory bodies and competent authorities, including the notification of information to said bodies and authorities when required to do so by the authorities or for compliance with a legal obligation.
  • To keep the accounting ledgers required by the Code of Commerce and other provisions that may apply, as well as records of accounts, accidents, technical provisions, investments, reinsurance contracts and policies, supplements and cancellations issued, in accordance with the applicable legislation.
  • To assist you in exercising your rights and process the request received within the established timeframe, in accordance with that set out in the applicable legislation on the subject of data protection.
  • To inform you on the data processing we carry out.
ii. Legitimate interest of Cesce:
  • To assess the viability of granting coverage of commercial operations with postponed payment carried out by our insured parties with their customers -companies and individual business owners-, including the consultation of credit information systems on behalf of the insured parties for the analysis and monitoring of the credit risk. In this respect, the legitimate interest sought by Cesce and our insured customers is to guarantee the economic security of the operations and contribute to generating confidence in the market, so that the service providers insured by Cesce can operate with their customers -companies and business owners- with insurance backing. 
  • To commercially verify the sales transaction, manage the credit risk and claim the collection of the credit in the framework of the contract signed between Cesce and the insured party, proceeding to process the incident communicated by our customers, for which reason Cesce, itself or through lawyers or collaborating agencies, may file extrajudicial and/or judicial claims for unpaid credit.
  • To assess and, if applicable, underwrite the credit risk, determining the premium and tariffing of the risk.
For processing based on legitimate interest, Cesce has weighed up the different interests and concluded that its interest prevails over the rights and liberties of the interested party. For more information on said process or to exercise your right of opposition to said processing, please contact the Data Protection Officer at dpd@grupocesce.es.

C. Who do we share the information with?

Cesce may communicate the personal data under the terms described in section B. For what purpose do we process your data and under what lawful basis?, above, to:
  • Cesce Group companies.
  • Regulatory and supervisory bodies, such as the competent judicial and administrative authorities and other bodies, including the State's Security Forces, mediation institutions, arbitrators and arbitration courts, when Cesce is required to do so or has a duty to communicate such data.
  • Credit information systems.
  • Reinsurance and financial entities.
  • Advisors and auditors.
  • Additionally, Cesce benefits from the collaboration of third party service providers, such as collections agencies, lawyers and insurance distributors, who may have access to your personal data and process this on behalf of Cesce as a result of the provision of services. 
Said communications will be carried out when necessary to comply with a legal obligation, when in Cesce's legitimate interest or to manage the credit risk in the framework of the insurance contract signed with our customer.

D. What information do we process and where does it come from? 

The data we will process includes the following categories:
  • Legal entities: If you are the point of contact or representative of a legal entity client of our insured parties, your identification and contact details, such as your full name and position and corporate telephone number, email and postal address. Likewise, your personal data, such as details of the communication maintained with you and details of your representation of the entity you are linked to, may also be processed.
  • Individual business owners and freelancers.  If you are a freelancer customer of one of our insured parties, in addition to the identification and contact details mentioned above, we will also process the commercial and financial information in relation to the commercial relationship with our insured parties, details of payment behaviour and other contractual, economic, financial and solvency information -including that obtained from credit information systems we access, on behalf of and in the interests of our insured parties, to assess and follow the credit risk of the operations with postponed payment that our insured parties want to carry out with you with insurance backing.
Cesce obtains your personal data from the following sources:
  • The information our insured parties provide to Cesce during contracting and during the execution of the insurance contract and for the management of credit risk.
  • Open information sources, such as newspapers or official gazettes, public records, Public Administration decisions and infomediary companies such as Informa D&B.
  • State Security Bodies and Forces, Records of Organisations and Institutions for the detection and prevention of fraud and lists of international sanctions or politically exposed persons.
  • Credit information systems.

E. International data transfer

Cesce may use service providers located outside of the European Economic Area. In these cases, Cesce requires said recipients (data processors) to comply with the appropriate measures and obligations to protect the personal data they have access to for the provision of the services, which are established in a binding contract.

Likewise, in such cases, except in the circumstances in which the European Commission should have determined that the recipient's country provides an adequate level of personal data protection, standard contractual clauses approved by said Commission are used to legitimate the international transfer of data.

For more information in this respect, please contact our Data Protection Officer at dpd@grupocesce.es.

F. Retention of personal data

Your personal data will be kept until all the necessary action to manage the credit risk has been taken, and for as long as may be necessary for the fulfilment of Cesce's legal obligations or for as long as may be necessary for the fulfilment of obligations in the framework of the insurance contract maintained with our customer. The data processed based on Cesce's legitimate interest will be kept for as long as necessary to comply with the purposes for which they were collected and, in any case, while the legitimate interest continues to exist, without detriment to the exercising of your right of opposition.

Once said periods have elapsed, the data will be kept in blocked mode, preventing its processing, except for provision to Judges and Courts, the Tax Authorities or the competent Public Administration bodies, in particular the data protection authorities due to the requirement of possible liability arising from said processing and only for the corresponding statute of limitations period.

G. Data protection rights

In accordance with current legislation, you have the following rights in relation to the processing of your personal data.
  • Right of access: you can request confirmation as to whether or not Cesce is processing your personal data and, if applicable, access said data.
  • Right of rectification: you can request the rectification or modification of your personal data when this is inaccurate or incomplete. 
  • Right of opposition: you can oppose the processing of your personal data for reasons related to your particular situation when the lawful basis for the processing is Cesce's legitimate interest. In such case, bear in mind that we cannot grant your request if Cesce's legitimate interest continues to be considered valid; or if Cesce has overriding legitimate reasons to continue the processing, in particular to establish, exercise or defend against legal action, or due to the existence of risks and coverage already taken on by Cesce in the framework of the credit insurance with our insured parties or the existence of payment incidents or other incidents communicated by our insured parties.
  • Right of erasure or the right to be forgotten: we will grant your request unless Cesce has an obligation to retain the data by law or if the data is needed to establish, exercise or defend itself against legal action or where other legitimate interest prevails. 
  • Right to limit the processing of data: you can exercise this right when the inaccuracy, legality or need to process the data is doubtful, in which case we can keep the data in blocked mode for the exercising of or defence against legal action.
  • Right to the portability of your data: you can request to receive the personal data you provided in electronic format or for this to be transferred to another entity.
  • Right to withdraw, at any time and without retroactive effect, the consent you gave us previously to authorise the processing of your data for a specific purpose.
In order to correctly process your requests to exercise your rights, Cesce may request additional information that may be necessary to verify your identity, if there is reasonable doubt in this respect, in addition to asking you to identify, if applicable, the company your personal data is linked to.

You can exercise your rights through the following channels:
  • By post: Compañía Española de Seguros de Crédito a la Exportación, S.A., Compañía de Seguros y Reaseguros (SME), Calle Velázquez, 74, 28001, Madrid (Spain). FAO Data Protection Officer 
  • Email: dpd@grupocesce.es, indicating "Data Protection" in the subject line.
You can contact the Spanish Data Protection Agency (www.aepd.es), located in Calle Jorge Juan, 6, 28001, Madrid, to which you have the right to submit a claim, particularly if you consider that your rights have been violated.
If you are looking for work

In accordance with that set out in the regulations on data protection, you are hereby informed that COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME) (hereinafter, "Cesce"), with its registered address in Calle Velázquez, no. 74 - 28001 Madrid, will process the personal data you have provided, any data you may provide during any personal interview and any that Cesce may collect from employment portals or social networks of a professional nature, for the sole purpose of managing your possible participation in the various selection processes Cesce may carry out.

The data requested during the selection process will be that strictly necessary for the management and processing thereof, for which reason failure to provide it will imply that we are not able to consider you as a candidate. 

The processing of your data is based on your consent which you have provided, through a clear affirmative action, in sending us your CV and/or voluntarily participating in any of our selection processes. 

Additionally, we inform you that in application of the rules established in article 106 of Law 40/2015, of 1 October, on the Legal System for the Public Sector and that established in the Law on General State Budgets valid for each financial year, it may be necessary to publish the list of those accepted for the processes and the scores obtained, in compliance with our legal obligations. 

You guarantee the veracity of the personal data provided to Cesce. Furthermore, Cesce may periodically request the review and update of the personal data held on you. 

If you send us your CV spontaneously, we will keep your data for a maximum period of 12 months from receipt. Notwithstanding, if you are accepted into any selection process under way with Cesce, your data will be kept for 18 months once said process has finished. Nonetheless, your personal data will remain in blocked mode for the statute of limitations period that Cesce must comply with.

In the event that the candidate is hired, the data will be kept in accordance with that set out in the Employee Data Protection clause.

You may withdraw your consent at any time. You can also exercise your rights of access, rectification, erasure, restricted processing and opposition, as well as the right to the portability of your data and not being subject to automated decisions, through a request addressed to COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME), Calle Velázquez, no. 74 - 28001 Madrid, or via email to dpd@grupocesce.es. 

You can contact our Data Protection Officer at the address dpd@grupocesce.es.
Likewise, you can submit a complaint, particularly if you consider that your rights have been violated, addressed to the Spanish Data Protection Agency, located in Calle Jorge Juan, 6, 28001, Madrid.

Transparency

In accordance with that set out in the data protection regulations, you are hereby informed that COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME) (hereinafter “Cesce”) with address in Calle Velázquez, no. 74 - 28001 Madrid, will process the personal data you provide us with, for the purpose of managing and processing your request to access the public information, under Law 19/2013, of 9 December, on Transparency, Access to Public Information and Good Governance, the lawful basis for said processing being compliance with Cesce's legal obligation.

Cesce will keep your data for the necessary period to process your request and, once this is resolved, for the statute of limitations period of any responsibility that may arise therefrom. Your data will not be subject to transfer to any third country or international organisation, nor will it be communicated to third parties, except to comply with legal obligations.

You can request access to, rectification, erasure or restricted processing of your personal data by contacting dpd@grupocesce.es in writing, indicating “TRANSPARENCY” in the email.
Likewise, if you consider that your personal data has not been processed in accordance with the data protection regulations, you can contact the Data Protection Officer at dpd@grupocesce.es, in addition to obtaining more information on your rights by contacting the Spanish Data Protection Agency, to which you can submit a claim in the event that you consider that your rights have not been respected, located in Calle Jorge Juan, 6, 28001, Madrid.

"The website https://www.cesce.es (hereinafter, the “Website”), is property of COMPAÑÍA ESPAÑOLA DE SEGUROS DE CRÉDITO A LA EXPORTACIÓN, S.A. CÍA DE SEGUROS Y REASEGUROS (SME) (hereinafter, the “Owner”). In compliance with the duty of disclosure stipulated in section 2 of article 22 of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, the purpose of this cookies policy is to inform users about the cookies used on the Website in a clear and precise way."

What are cookies and what are they for?

Cookies are small files that are downloaded into your computer when you access certain websites. They serve, among other purposes, to store and recover information about a user’s browsing habits or about their machine and to improve their browsing experience.
What cookies does Cesce use?
  • Google Analytics: It makes it possible to know Websites visited, browsing time, the website leading to the website and searches made, to be able to prepare statistical reports about how users find the website, how they use it and whether it works properly.
  • Hotjar: It makes it possible to know the device and resolution, operating system, browser, IP (encrypted), URL, pages visited, country, data, time of access, duration of the visit and language, in order to obtain heat maps to see the most-clicked areas of the website or where the mouse pointer is placed most often.
  • Google Tag Manager: It allows configuration, testing, launch of third-party vendor tags to a digital property whose purpose is managing site code without the need for IT.
  • Google Doubleclick:  Google DoubleClick uses cookies to improve advertising. They are usually used for targeting advertising according to the content that is relevant to each user, improving campaign performance reviews and avoiding displaying adverts that users have already seen..
  • Adwords: Allows for the management of searches, display and video in order to offer the user ads according to their interests.
  • Teads: Allows for the management of video campaigns in the main publishing groups, seeking to offer ads according to their interests..
  • Facebook: It is a social network that uses analytical and technical cookies to share content on its social network. You can read this service’s cookies policy at https://www.facebook.com/help/cookies/?ref=sitefooter
  • Linkedin: It is a social network that uses cookies that make it possible to manage advertising campaigns on Linkedin.
  • Youtube: Some of our pages contain embedded YouTube videos. See YouTube’s cookies policy.
What cookies does CESCE use?
  • Google Analytics: It makes it possible to know Websites visited, browsing time, the website leading to the website and searches made, to be able to prepare statistical reports about how users find the website, how they use it and whether it works properly.
  • Hotjar: It makes it possible to know the device and resolution, operating system, browser, IP (encrypted), URL, pages visited, country, data, time of access, duration of the visit and language, in order to obtain heat maps to see the most-clicked areas of the website or where the mouse pointer is placed most often.
  • Google Tag Manager: It allows configuration, testing, launch of third-party vendor tags to a digital property whose purpose is managing site code without the need for IT.
  • Google Doubleclick:  Google DoubleClick uses cookies to improve advertising. They are usually used for targeting advertising according to the content that is relevant to each user, improving campaign performance reviews and avoiding displaying adverts that users have already seen..
  • Adwords: Allows for the management of searches, display and video in order to offer the user ads according to their interests.
  • Teads: Allows for the management of video campaigns in the main publishing groups, seeking to offer ads according to their interests..
  • Facebook: It is a social network that uses analytical and technical cookies to share content on its social network. You can read this service’s cookies policy at https://www.facebook.com/help/cookies/?ref=sitefooter
  • Linkedin: It is a social network that uses cookies that make it possible to manage advertising campaigns on Linkedin.
  • Youtube: Some of our pages contain embedded YouTube videos. See YouTube’s cookies policy.
How can I disable Cookies?

You have the possibility to revoke at any time the consent given for the use of cookies by configuring the control panel, as well as to restrict, block or delete cookies by configuring the options of your Internet browser. All modern browsers allow you to change your cookie settings. These settings are usually found in the 'Options' or 'Preferences' menu of your browser.

Below we show you how to do it:Internet Explorer

  • Tools -> Internet Options -> Privacy -> Settings..
  • For more information, you can consult Microsoft support or click Help on your browser.

Firefox

  • Tools -> Options -> Privacy -> History -> Personalised Settings..
  • For more information, you can consult Mozilla support or click Help on your browser.

Chrome

  • Chrome: Settings -> Show advanced options -> Privacy -> Content settings.
  • For more information, you can consult Google support or click Help on your browser.

Safari

  • Preferences -> Security.
  • For more information, you can consult Apple support or click Help on your browser.

Bear in mind that these browsers are subject updates or modifications, we cannot guarantee that the foregoing information exactly fits your browser version. Likewise, if you use browsers other than the above, you must follow the instructions of your own Internet browser to change the cookie-related preferences.

We also offer other ways to disable cookies at the following links:

Cesce may amend this Cookies Policy to take account of legislative or regulatory requirements or to make said Policy compliant with the instructions given by the Spanish Data Protection Agency. Users are therefore advised to periodically visit this pay to see the changes that have been made to them.

How can I disable Cookies?

You have the possibility to revoke at any time the consent given for the use of cookies by configuring the control panel, as well as to restrict, block or delete cookies by configuring the options of your Internet browser. All modern browsers allow you to change your cookie settings. These settings are usually found in the 'Options' or 'Preferences' menu of your browser.

Below we show you how to do it:Internet Explorer

  • Tools -> Internet Options -> Privacy -> Settings..
  • For more information, you can consult Microsoft support or click Help on your browser.

Firefox

  • Tools -> Options -> Privacy -> History -> Personalised Settings..
  • For more information, you can consult Mozilla support or click Help on your browser.

Chrome

  • Chrome: Settings -> Show advanced options -> Privacy -> Content settings.
  • For more information, you can consult Google support or click Help on your browser.

Safari

  • Preferences -> Security.
  • For more information, you can consult Apple support or click Help on your browser.

Bear in mind that these browsers are subject updates or modifications, we cannot guarantee that the foregoing information exactly fits your browser version. Likewise, if you use browsers other than the above, you must follow the instructions of your own Internet browser to change the cookie-related preferences.

We also offer other ways to disable cookies at the following links:

Cesce may amend this Cookies Policy to take account of legislative or regulatory requirements or to make said Policy compliant with the instructions given by the Spanish Data Protection Agency. Users are therefore advised to periodically visit this pay to see the changes that have been made to them.

How can I disable Cookies?

You have the possibility to revoke at any time the consent given for the use of cookies by configuring the control panel, as well as to restrict, block or delete cookies by configuring the options of your Internet browser. All modern browsers allow you to change your cookie settings. These settings are usually found in the 'Options' or 'Preferences' menu of your browser.

Below we show you how to do it:Internet Explorer

  • Tools -> Internet Options -> Privacy -> Settings..
  • For more information, you can consult Microsoft support or click Help on your browser.

Firefox

  • Tools -> Options -> Privacy -> History -> Personalised Settings..
  • For more information, you can consult Mozilla support or click Help on your browser.

Chrome

  • Chrome: Settings -> Show advanced options -> Privacy -> Content settings.
  • For more information, you can consult Google support or click Help on your browser.

Safari

  • Preferences -> Security.
  • For more information, you can consult Apple support or click Help on your browser.

Bear in mind that these browsers are subject updates or modifications, we cannot guarantee that the foregoing information exactly fits your browser version. Likewise, if you use browsers other than the above, you must follow the instructions of your own Internet browser to change the cookie-related preferences.

We also offer other ways to disable cookies at the following links:

Cesce may amend this Cookies Policy to take account of legislative or regulatory requirements or to make said Policy compliant with the instructions given by the Spanish Data Protection Agency. Users are therefore advised to periodically visit this pay to see the changes that have been made to them.