EN
ES CA EU

 Data Protection Clause for the provision of the vehicle inspection service.

Data Protection Clause for the provision of ITV services

Information on Data Protection
In compliance with the provisions of Article 13 of the General Data Protection Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018, of December 5, on the Protection of Personal Data and the guarantee of digital rights, we inform you of the following:

Data Controllers:
Your personal data will be processed by the entity of the TÜV Rheinland Group that provides the technical vehicle inspection service (hereinafter "ITV") and issues the corresponding invoice:

  • TÜV Rheinland Ibérica, S.A. (CIF A-78999612, Avda. de Burgos 114, Madrid), for services provided in Madrid, Murcia, and Castilla-La Mancha.
  • TÜV Rheinland Navarra, S.A. (CIF A-31236128, Polígono Industrial Mercairuña, Soto de Aizoain s/n, Pamplona, Navarra), in the Foral Community of Navarra.
  • TÜV Rheinland Certio, S.L.U. (CIF B-65081820, C/ Pau Vila, 22, 3rd Floor, Sant Cugat del Vallés, Barcelona), in Catalonia and the Balearic Islands.

Purposes and Legal Bases for Processing:

  • To manage your appointment request and the provision of the ITV inspection service (Art. 6.1.b GDPR: performance of the contract).
  • To process and manage online payments via bank card, which involves the communication of identifying and transaction data to financial entities and/or the corresponding payment gateway (Art. 6.1.b GDPR). TÜV Rheinland does not store complete card details under any circumstances.
  • To comply with the legal, tax, and accounting obligations derived from the service (Art. 6.1.c GDPR).
  • To send inspection reminders via electronic means and commercial communications regarding products and services similar to those contracted, based on legitimate interest (Art. 6.1.f GDPR and Art. 21.2 LSSI). You may object at any time by writing to dpr@es.tuv.com.
  • To carry out internal transfers within the TÜV Rheinland Group for administrative and management purposes, based on legitimate interest.

Data Recipients:

  • Competent public administrations in matters of traffic and industry, ENAC, Security Forces, Courts, and Tribunals, in compliance with legal obligations.
  • Financial entities and/or payment gateways for the management of online payments.
  • TÜV Rheinland Group companies for internal administrative purposes.

Retention Periods:
Data will be retained for the time necessary to provide the service and, subsequently, for the legally applicable periods (e.g., 6 years in commercial and tax matters).

Data Security:
Data processing is carried out using appropriate technical and organizational security measures, especially in online payment processes using encryption and in compliance with international security standards (PCI-DSS).

Rights of Data Subjects:
You may exercise your rights to access, rectify, erase, object, restrict, and port your data by proving your identity through a letter sent to the registered office of the responsible entity or via email to dpr@es.tuv.com, addressed to the Data Protection Officer (DPO).

Complaint to the Supervisory Authority:
If you believe that your rights have not been respected, you may file a complaint with the Spanish Data Protection Agency (www.aepd.es).

Additional Information:
For more details regarding the terms applicable to the provision of the service, you may consult our General Terms and Conditions of Purchase.