PRIVACY POLICY

PRIVACY POLICY:

RESPONSIBLE FOR THE TREATMENT The Responsible for the Treatment is CREACIONES JOVIAR, S.L., c / Huelva 4, 03440, Ibi (ALICANTE).

Privacy principles

From CREACIONES JOVIAR, S.L. We commit ourselves with you to work continuously to guarantee privacy in the processing of your personal data, and to offer you at all times the most complete and clear information we can. We encourage you to read this section carefully before providing your personal information. If you are under fourteen years of age, please do not provide us with your information without the consent of your parents. In this section we inform you of how we treat the data of the people who are related to our organization. Starting with our principles: – We do not request personal information, unless it is necessary to provide you with the services you require. – We never share personal information with anyone, except to comply with the law, or we have your express authorization. – We will never use your personal data for purposes other than those expressed in this privacy policy. – Your data will always be treated with a level of protection appropriate to the legislation on data protection, and we will not submit them to automated decisions.

We have drafted this privacy policy taking into account the requirements of the current data protection legislation: – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons (GDPR). – Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD). – Royal Decree 1720/2007, of December 21 (RLOPD).

This privacy policy is written on December 6, 2018. Due to the modification of the treatment criteria, in order to facilitate its understanding or adapt it to the current legislation, we may modify this privacy policy. We will update the date of it, so you can check its validity.

Treatments we do

TREATMENT OF EMPLOYEES

We have drafted this privacy policy taking into account the requirements of the current data protection legislation: – Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons (GDPR). – Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD). – Royal Decree 1720/2007, of December 21 (RLOPD).

This privacy policy is written on December 6, 2018. Due to the modification of the treatment criteria, in order to facilitate its understanding or adapt it to the current legislation, we may modify this privacy policy. We will update the date of it, so you can check its validity.

Treatments we do

TREATMENT OF EMPLOYEES

Legal Basis: GDPR: 6.1.b) Necessary treatment for the execution of a contract in which the interested party is a party or for the application at the request of the latter of pre-contractual measures. GDPR: 6.1.c) Treatment necessary for the fulfillment of a legal obligation applicable to the person responsible for the treatment. Royal Legislative Decree 2/2015, of October 23, which approves the consolidated text of the Law of the Workers’ Statute.

Treatment Purposes:

– Management of hired staff. – Personal file. Time control Training. Pension plans. Prevention of occupational hazards. – Issuance of staff payroll. – Management of union activity.

– Entity entrusted with the management of occupational hazards. – General Treasury of the Social Security. – Trade union organizations. – Financial entities. – State Tax Administration Agency. – Main contractors to whom we provide services as subcontractors.

International Transfers:

No international transfers of data are planned.

Term of Suppression:

They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from said purpose and the processing of the data. The economic data of this treatment activity will be kept under the provisions of Law 58/2003, of December 17, General Tax.

Security Measures:

Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

TREATMENT OF CONTACTS

Legal Base: Consent of the interested party

Purposes of Treatment: Respond to your request, send information and track the request.

Collective: Contact persons, customers, suppliers

Data Categories: Name and surname, telephone number, email address

Recipient Categories: No transfer of data to third parties is contemplated.

International Transfers: No international transfers of data are planned.

Term of Suppression: Contact information will be kept for an indefinite period, or until the interested party requests its deletion.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

TREATMENT OF CANDIDATES SELECTION PROCESSES (HR)

Legal Basis: GDPR: 6.1.b) Necessary treatment for the execution of a contract in which the interested party is a party or for the application at the request of this pre-contractual measures.

Treatment Purposes:

Personnel selection and provision of jobs.

Collective: Candidates submitted to procedures for the provision of jobs.

Data Categories: Name and surname, DNI / CIF / Identification document, personnel registration number, address, signature and telephone number. Special categories of data: health data (disabilities). Personal characteristics data: Sex, marital status, nationality, age, date and place of birth and family data. Academic and professional data: Degrees, training and professional experience. Job detail data.

Recipient Categories: No transfer of data to third parties is planned.

International Transfers: No international transfers of data are planned.

Term of Suppression: They will be retained for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from such purpose and the processing of the data.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

TREATMENT OF SUPPLIERS

Legal Basis: GDPR: 6.1.b) Necessary treatment for the execution of a contract in which the interested party is a party or for the application at the request of the latter of pre-contractual measures. GDPR: 6.1.c) Treatment necessary for the fulfillment of a legal obligation applicable to the person responsible for the treatment. Royal Legislative Decree 2/2015, of October 23, which approves the consolidated text of the Law of the Workers’ Statute. Law 58/2003, of December 17, General Tax.

Purposes of Treatment: – Acquisition of products and / or services that we need for the development of our activity. – Control of subcontractors if applicable.

Collective: – Suppliers. – Workers of our suppliers.

Data Categories: – Name and surname, DNI / NIF / Identification document, address, signature and telephone. – Employment detail data: job position. Training in occupational safety. – Financial and insurance economic data: Bank details Recipient Categories: – Financial institutions. (Bill payment) – State Tax Administration Agency.

International Transfers: No international transfers of data are planned.

Term of Suppression: They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from such purpose and the processing of the data, in accordance with the Law 58/2003, of December 17, General Tax.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

TREATMENT OF CUSTOMERS.

Legal Basis: GDPR: 6.1.a) The interested party gave his consent for the processing of his personal data for one or more specific purposes. GDPR: 6.1.b) Necessary treatment for the execution of a contract in which the interested party is a party or for the application at the request of the latter of pre-contractual measures. GDPR: 6.1.c) Treatment necessary for the fulfillment of a legal obligation applicable to the person responsible for the treatment. Royal Legislative Decree 2/2015, of October 23, which approves the consolidated text of the Law of the Workers’ Statute. Law 58/2003, of December 17, General Tax.

Treatment Purposes: Supply of our products / services

Collective: Customers Data Categories: – Name and surname, DNI / NIF / Identification document, address, signature and telephone. – Financial and insurance economic data: Bank details Recipient Categories: – Financial institutions. – State Tax Administration Agency.

International Transfers: No international transfers of data are planned.

Term of Suppression: They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from said purpose and the processing of the data, in accordance with the Law 58/2003, of December 17, General Tax,

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

TREATMENT OF VIDEOVIGILANCE

Legal Basis: GDPR: 6.1.c) the treatment is necessary for the satisfaction of legitimate interests pursued by the person responsible for the treatment or by a third party. Organic Law 2/1986, of March 13, on Security Forces and Bodies.

Purposes of Treatment: Ensure the safety of people, goods and facilities and labor control.

Collective: Workers, customers and suppliers, users.

Data Categories: Image and sound. Categories of Recipients: The recordings may be communicated to the Security Forces and Bodies, in the event of their request, or in the event that they record the commission of crimes. International Transfers: No international transfers of data are planned.

Term of Suppression: Not more than one month. Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

YOUR RIGHTS

You have the right to request a copy of your personal data, to rectify inaccurate data or complete them if they are incomplete, or if necessary delete them, when they are no longer necessary for the purposes for which they were collected.

You also have the right to limit the processing of your personal data and to obtain your personal data in a structured and readable format.

You can object to the processing of your personal data in some circumstances (in particular, when we do not have to process them to comply with a contractual or other legal requirement, or when the object of the processing is direct marketing).

When you have given us your consent, you can withdraw it at any time. At that time we will stop processing your data or, where appropriate, we will stop doing so for that specific purpose. If you decide to withdraw your consent, this will not affect any treatment that has taken place while your consent was in effect.

These rights may be limited; For example, if to fulfill your request we had to reveal data about another person, or if you ask us to delete some records that we are obliged to keep for a legal obligation or for a legitimate interest, such as the exercise of defense against claims. Or even in those cases where the right to freedom of expression and information should prevail.

You can contact us by any of the means indicated in the section Responsible for the Treatment of this privacy policy, providing a copy of a document that proves your identity (usually the DNI).

Another of your rights is not to be subject to a decision based solely on automated processing, including the development of profiles that produce legal effects or affect you.

In the event of any violation of your rights, such as, for example, that we have not responded to your request, you have the right to file a claim with the Data Protection Authority. This may be that of your country (if you live outside Spain) or the Spanish Agency for Data Protection (if you live in Spain).

Additional information

Treatment of your data outside the European Economic Area.

For the indicated treatments we can use service from the following suppliers outside the European Economic Area, but under the Privacy Shield agreement, approved by the data protection authorities of the European Union.

Amazon : More information: https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4

Dropbox : More information: https://www.privacyshield.gov/participant?id=a2zt0000000GnCLAA0

Facebook / Instagram (FB Messenger): More information: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC Google (Drive / Mail …): More information: https: // www.privacyshield.gov/participant?id=a2zt000000001L5AAI

Linkedin : More information: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0

Microsoft (Drive, Skype …): More information: https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK

Twitter : Micromensajes social network More information: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Whatsapp : Mobile instant messaging More information: https://www.privacyshield.gov/participant?id=a2zt0000000TSnwAAG

Links to third party websites. Our website may sometimes contain links to other websites. It is your responsibility to make sure you read the data protection policy and legal conditions that apply to each site.

Third party data . If you provide us with third-party data, you assume the responsibility of informing them in advance as established in article 14 of the GDPR.