Jose Gisbert

PRIVACY POLICY

The Data Controller is JOSE GISBERT SL, Partida Barraquetes 1A, 03450, Banyeres de Mariola (ALICANTE).

 

Privacy principles

At JOSE GISBERT SL we are committed to working with you continuously to guarantee privacy in the treatment of your personal data, and to offer you at all times the most complete and clear information that we can. We encourage you to read this section carefully before providing us with your personal data.

 

If you are under fourteen years of age, please do not provide us with your personal information without parental consent.

 

In this section we inform you about how we treat the data of people who have a relationship with our organization. Starting with our principles:

  • We do not ask for personal information, unless it is necessary to provide you with the services we provide to you.
  • We never share personal information with anyone, except to comply with the law, or with your authorization.
  • We will never use your personal information for purposes other than those stated in this privacy policy.
  • Your data will always be treated with a level of protection appropriate to the legislation on data protection, and we will not subject them to any decisions that may affect them.

This privacy policy has been drafted taking into account the requirements of the current data protection laws:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons (GDPR).
  • Organic Law 3/2018 of December 5, 2018, on the Protection of Personal Data and guarantee of digital rights (LOPD).
  • Royal Decree 1720/2007, of December 21 (RLOPD).

This privacy policy is dated December 6, 2018.

 

On the occasion of the modification of treatment criteria, in order to facilitate its understanding or to adapt it to the current legislation, it is possible that we modify the present privacy policy. We will update the date of the same, so that you can check its validity.

 

TREATMENT WE PERFORM

 

TREATMENT OF EMPLOYEES

 

Legal Basis: GDPR: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the implementation at the request of the data subject of pre-contractual measures.
RGPD: 6.1.c) Processing necessary for compliance with a legal obligation applicable to the data controller.
Royal Legislative Decree 2/2015, of October 23, approving the revised text of the Workers’ Statute Law.

 

Purposes of Treatment: Management of hired personnel.

  • Personal file. Schedule control. Training. Pension plans. Occupational risk prevention.
  • Issuance of the employee’s payroll.
  • Activity management.

Group: Employees

 

Data Categories: Full name, DNI/CIF/identifying document, personnel registration number, Social Security/Mutuality number, address, signature and telephone number.
Special categories of data: health data (sick leave, occupational accidents and degree of disability, without including diagnoses), union membership, for the sole purpose of payment of union dues (if applicable), union representative (if applicable), own and third party proof of attendance.

Personal characteristics data: Sex, marital status, nationality, age, date and place of birth and family data. Family circumstances data: Date of registration and discharge, licenses, permits and authorizations.

Academic and professional data: Degrees, training and professional experience. Details of employment and administrative career. Incompatibilities.

Attendance control data: date/time of arrival and departure, reason for absence.

Economic-financial data: Payroll economic data, credits, loans, guarantees, tax deductions, reduction of credits corresponding to the previous job (if applicable), judicial withholdings (if applicable), other withholdings (if applicable). Bank details.

 

Recipient Categories: Entity entrusted with the management of occupational risks.

  • General Treasury of the Social Security
  • Organizations
  • Entities
  • State Administration Agency
  • Main contractors to whom we provide services such as

International wire transfers: No international transfer of data is foreseen.

Period for suppression: They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from that purpose and from the processing of the data.

 

The economic data of this processing activity will be kept in accordance with the provisions of Law 58/2003, of December 17, 2003, General Tax Law.

 

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

 

TREATMENT OF CONTACTS

 

Legal Basis: Consent of the person concerned

Purposes of Treatment: Respond to your request, send you information and follow up on your request.

Group: Contact persons, customers, suppliers

Data Categories: Full name, phone number, email address

Recipient Categories: No transfer of data to third parties is envisaged.

International Transfers: No international transfer of data is foreseen.

Period of suppression: Contact data will be kept for an indefinite period of time, or until the interested party requests its deletion.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

 

PROCESSING OF CANDIDATES IN SELECTION PROCESSES (HR)

 

 

Legal Basis: RGPD: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures at his or her request.

Purposes of Treatment: Selección de personal y provisión de puestos de trabajo.

Group: Candidatos presentados a procedimientos de provisión de puestos de trabajo. Data Categories: Full name, DNI/CIF/identification document, personnel registration number, address, signature and telephone number.

Special data categories: health data (disabilities).

Datos de características personales: Sexo, estado civil, nacionalidad, edad, fecha y lugar de nacimiento y datos familiares.

Academic and professional data: Qualifications, training and professional experience. Detailed employment data.

Recipient Categories: No transfer of data to third parties is foreseen.

International Transfers: No international transfer of data is foreseen.

Period of suppression: They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible liabilities that may arise from such purpose and from the processing of the data.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

 

VENDOR PROCESSING

 

Legal Basis: RGPD: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures at his or her request.

RGPD: 6.1.c) Processing necessary for compliance with a legal obligation applicable to the data controller.
Royal Legislative Decree 2/2015, of October 23, approving the revised text of the Workers’ Statute Law.
Law 58/2003, of December 17, 2003, General Tax Law.

RGPD: 6.1.c) Processing necessary for compliance with a legal obligation applicable to the controller.

Royal Legislative Decree 2/2015, of October 23, which approves the revised text of the Workers’ Statute Law.
Law 58/2003, of December 17, 2003, General Tax Law.

Purposes of Treatment: Acquisition of products and/or services that we need for the development of our activity.

  • Control of subcontractors if

Collectivo: Providers.

  • Workers of our

Data Categories: Full name, ID card, address, signature and phone number.

  • Employment Detail Data: Job Title. Security training
  • Economic-financial and insurance data: Banking data

 

Recipient Categories:  Financial Institutions (Payment of invoices)

  • State Administration Agency

International Transfers: No international transfer of data is foreseen. Time period of suppression: They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible liabilities that may arise from that purpose and the processing of the data, in accordance with Law 58/2003, of December 17, General Tax Law.

 

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

 

CUSTOMER PROCESSING.

 

Legal Basis: RGPD: 6.1.a) The data subject consented to the processing of his or her personal data for one or more specific purposes.

RGPD: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or for the party or for the implementation of pre-contractual measures at his or her request.

RGPD: 6.1.c) Processing necessary for compliance with a legal obligation applicable to the controller.

Royal Legislative Decree 2/2015, of October 23, which approves the revised text of the Workers’ Statute Law.

Law 58/2003, of December 17, 2003, General Tax Law.

Purposes of Treatment: Supply of our products / services

Group: Customers

Data Categories: Full name, ID card, address, signature and phone number.

  • Economic-financial and insurance data: Banking data

Recipient Categories: Financial entities.

  • State Administration Agency

International Transfers: No international transfer of data is foreseen.

Time period of suppression: They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible liabilities that may arise from that purpose and the processing of the data, in accordance with Law 58/2003, of December 17, General Tax Law.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

 

YOUR RIGHTS

You have the right to request a copy of your personal data to us, to rectify inaccurate data or complete them if they are incomplete, or delete them if they are no longer necessary for the purposes for which they were collected.

You also have the right to limit the processing of your personal data and to obtain your personal data in a structured and readable format.

You may object to the processing of your personal data in certain circumstances (in particular, when we do not have to process it in order to comply with a contractual or other legal requirement, or when the purpose of the processing is direct marketing).

 

Where you have given us your consent, you may withdraw your consent at any time. We will then stop processing your data or, as the case may be, we will stop processing your data for that particular purpose. If you decide to withdraw your consent, this will not affect any processing that has taken place while your consent was in force.

 

These rights may be limited; for example, if we need to disclose information about another person in order to fulfill your request, or if you ask us to delete certain records that we are required to keep by law or for a legitimate interest, such as to defend against claims. Or even in those cases where the right to freedom of expression and information must prevail.

You can contact us by any of the means indicated in the Data Controller section of this privacy policy, providing a copy of a document proving your identity (usually the ID card).

Another of your rights is not to be subject to a decision based solely on automated processing, including profiling that produces legal effects or involves you.

In the event of any violation of your rights, for example, if we have not complied with your request, you have the right to lodge a complaint with the supervisory authority in charge of data protection. This may be the one in your country (if you live outside Spain) or the Spanish Data Protection Agency (if you live in Spain).

 

Additional information

 

Processing of your data outside the European Economic Area.

 

For the indicated treatments, we may use the services of the following providers outside the European Economic Area, but covered by the Privacy Shield agreement, approved by the data protection authorities of the European Union.

 

Amazon: Read more: https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4

 

Apple iOS: Read more: https://www.privacyshield.gov/participant?id=a2zt0000000GnZjAAK

 

Dropbox: Read more: https://www.privacyshield.gov/participant?id=a2zt0000000GnCLAA0

Facebook/Instagram (FB Messenger): Read more: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC

 

Google (Drive /Mail…): Read more: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

 

Linkedin: Read more: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0

 

Mailchimp: Read more: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG

 

Microsoft   (Drive,  Skype…):  Read more: https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK

 

Twitter: Micro-blogging social network. Read more: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

 

Whatsapp: Mobile instant messaging. Read more: https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG

 

Links to third party websites

 

Our website may, on some occasions, contain links to other websites. It is your responsibility to ensure that you read the data protection policy and legal conditions that apply to each site.

 

Third party data

 

If you provide us with data of third parties, you assume the responsibility to inform them in advance in accordance with the provisions of Article 14 of the GDPR.