Privacy Policy
1. Personal Data Protection Policy
In compliance with current regulations on data protection, Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016 (GDPR), on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the Organic Law on the Protection of Personal Data and Digital Rights Guarantee (LOPDGDD, 3/2018), we inform you that the Personal Data Protection Policy, in what concerns to the processing of personal data, is described below.
2.1 Controller
The controller is the legal entity who determines the means and the purposes of the processing of personal data. Or, what is the same, the controller is the one who decides how and the purpose of processing personal data.
- Corporate name: INPROSEC AUTO, S.L.
- Entered in the Mercantile Registry of Pontevedra
- NIF: B27851443
- Domicilio: C/ Garcia Barbon 112 5º B 36201 – (Vigo) – Pontevedra
- E-mail address: dataprotection@inprosec.com
2.2 What kind of personal data do we process and how do we protect them?
“Personal data” are any information relating to an identified or identifiable natural person.
To achieve the purposes of this Privacy Policy, the controller collects and processes the personal data according to each type of processing, which will depend on the different services you will request, or on the contractual relation that joins you with our company.
Our organisation undertakes to process your personal data in full confidentiality, and to apply all the relevant security measures, either physical, technical, or organizational, to protect your personal data.
You guarantee and respond, in any case, of the veracity, accuracy, validity, and authenticity of the personal data that you provided us, and you are also committed to keep them properly updated.
2.3. “Employees” data processing
1. What kind of personal data do we process?
- Identifying data: name, ID card number, address, phone number, e-mail address, social security number, picture.
- Personal data: gender, civil status, nationality, age, date and place of birth, and family data.
- Financial data: bank account.
- Social circumstances data: licenses and permits.
- Academic and professional data: occupation, position, professional experience, academic titles.
- Other: in some cases, we may process other data such as disability degree in order to complying with tax requirements, geolocation in case of use of mobile devices.
2. What is the purpose to process your personal data?
The purpose of the processing is the management of the employment relationship, the management of payroll, administrative and payment management, the compliance with tax and employment obligations of the company, access control, training management and professional development, and occupational risk prevention. Also, your image, personal and telephone number can be treated for specific purposes, for which your express consent will be requested and may be withdrawn at any time. It is also planned to process some personal data in order to guarantee the security of corporate information on mobile devices and employees CV reviews in order to probe the skill solvency of the company.
Our organisation undertakes to process your personal data in full confidentiality, and to apply all the relevant security measures, either physical, technical, or organizational, to protect your personal data.
We will store the provided data as long as the employment relationship is in force. If, once the relationship is over, you decide to erase your personal data, these will be stored in our databases until the legal deadlines defined by the accounting, tax and labor regulations have expired, and they will be deleted when those legal deadlines -or any other applied to it- have expired. In cases where consent is required, you may withdraw it at any time.
3. Which are the legal grounds for the data processing?
The legal basis to process your personal data are the performance of an employment contract between us, and the fulfilment of our legal tax, accounting, and administrative obligations.
The legitimate interest of INPROSEC to preserve the security of ist data and of its clients, which are managed by the employees through devices owned by the company and whose destiny is purely professional.
In some cases, we also request your express consent for other purposes as to use your personal image in social networking sites posts, or in the company´s web site with the aim of publising events or acts related to the company´s activity or the use of your personal telephone number.
We also request your consent in the case of profile 2 (COPE) and 3 (BYOD) in cases where the worker uses mobile devices for professional purposes, since in these cases it is possible to combine a personal and professional use, but subject to the use of the MDM, which requires the user to authorize this mixed use and its control. In any case, giving consent is not compulsory and you can refuse without implying any consequence, notwithstanding that you can only use profile 1 (corporate), for strictly professional use.
4. Who will be the recipient of the communication of your data?
We will not make any cession of your data, except those that are necessary to public bodies such as Tax Agency (data and tax witholdings), Social Security (membership fees and employment data) and Mutuals due to legal obligation, or to financial entities in charge of the payroll payment.
In particular and only if applicable, your personal identification data and contact information could be delivered to the travel agencies in charge of the management of the trips, for the processing of visas, hotel reservations and airline tickets. Some of these transfers could be to third countries.
Likewise, a review of your curriculum vitae or resume, as well as the data of your registration in Social Security as an employee could be delivered to companies and client institutions, as part of the technical documentation included in the offers of projects submitted, for the purpose of being able to prove the technical solvency of the company, and its compliance with labor legislation and prevention of occupational risks. Some of these transfers could be international, to companies located in other countries.
In addition, employees’ personal data can be shared among Inprosec group companies (such as Inprosec Auto and Inprosec Mexico) when required for the execution of projects.
Your photograph as a worker of the company could be used within a publication or Web page with the purpose of disclosing a specific event or performance related to the activities of the company.
In addition, your data will be communicated to the following processor:+
- Microsoft Office 365: cloud service located in Europe
- In the case of use of mobile devices, an international transfer of data to the United States takes place based on the Privacy Shield, protected by the company Zoho Corporation. In addition, this company makes an export of data to its subsidiary in India.
With regard to international data transfers: further international transfers will not be made.
2.4. “Employment candidates” data processing
1. What kind of personal data do we process?
- Identifying data: name, ID card number, address, phone number, e-mail address, social security number.
- Personal data: gender, civil status, nationality, age, date and place of birth, and family data.
- Academic and professional data: occupation, position, professional experience, academic titles.
2. What is the purpose to process your personal data?
The personal data provided will be used for the management of personnel selection processes. Likewise, your personal data could be stored in order to participate in future recruiting processes.
Our organization is committed to process your personal data with total confidentiality and to apply the appropriate security measures, either physical, technical or organizational, to protect them.
The personal data provided will be kept as long long as the selection process is being held, and thereinafter, for the following personnel selection processes if you give your express consent, and during the time that you do not exercise your right to object, which you can request at any time.
3. Which are the legal grounds for the data processing?
The legal basis to process your personal data is your express consent.
4. Who will be the recipient of the communication of your data?
Your data may be shared with INPROSEC AUTO S.L. (B27851443) which is a company integrated within the same business group, for what your express consent is required.
Your personal data will not be transferred to any other entity.
International data transfers have not been foreseen.
In addition, your data will be communicated to the following processor:
- Microsoft Office 365: cloud service located in Europe.
2.5. “Customers” data processing
1. What kind of personal data do we process?
- Identifying data: name, ID card number, address, phone number, e-mail address.
- Financial data: bank account, credit card data.
- Academic and professional data: occupation, position, professional experience, academic titles.
- Data related to transactions: products and services provided.
2. What is the purpose to process your personal data?
We process your personal data to manage your data, as client of the company, and to maintain our business relationship, the accounting, administrative or billing management, as well as tax obligations.
Our organization is committed to process your personal data with total confidentiality and to apply the appropriate security measures, physical, technical and organizational, to protect them.
The personal data provided will be kept as long as the business relationship is maintained. If you decide to erase your personal data, these can be stored in our databases during the legal deadlines to comply with tax and accounting obligations and will be eliminated once those legal deadlines -or any other applied to it- have expired.
3. Which are the legal grounds for the data processing?
The legal basis to process your personal data is the performance of the contract that unites us in a costumer relationship, and the compliance with our legal tax, accounting, and administrative obligations.
Moreover, we are pleased to inform you that, in accordance with Article 21.2 of Law 34/2002, of services of the information society and the electronic commerce, your consent is not necessary when there is a prior contractual relationship, provided that their data have been obtained in a lawful manner and are used for sending commercial communications referring to products or services of our company that are similar to those that were initially contracted with you, as a client.
4. Who will be the recipient of the communication of your data?
Your personal data will not be transferred to any entity, except those that are necessary due to legal obligation, as well as those necessary to carry out our commercial activities such as the transfer to financial entities to manage payments.
International data transfers have not been foreseen.
Your data will be communicated to the following processor:
• Microsoft Office 365: cloud service located in Europe.
2.6 “Suppliers” data processing
1. What kind of personal data do we process?
- Identifying data: name, ID card number, address, phone number, e-mail address.
- Financial data: bank account, credit card data.
- Academic and professional data: occupation, position, professional experience, academic titles.
- Data related to transactions: products and services provided.
- Geolocation data in case of mobile devices owned by the company.
2. What is the purpose to process your personal data?
We process your personal data to manage your data, as a supplier of the company, and to maintain our business relationship, the accounting, administrative or billing management, as well as tax obligations.
Your photography as a participant in events organized by the company or subcontracted part thereof, could be used within a publication or web page with the purpose of disclosing a specific event or performance related to the activities of the company, as long as the authorization is given prior to and expressly.
Also, we may treat some personal data in order to ensure the security of corporate information on mobile devices or computer equipment that Inprosec makes available for the provision of its services (if applicable).
It is also foreseen the processing of supplier data with other different purposes, for which the express consent of the interested party will be requested.
Our organization is committed to process your personal data with total confidentiality and to apply the appropriate security measures, physical, technical and organizational, to protect them.
Our organization is committed to process your personal data with total confidentiality and to apply the appropriate security measures, physical, technical and organizational, to protect them.
3. Which are the legal grounds for the data processing?
The legal basis to process your personal data is the performance of the contract that unites us in a supplier relationship, and the compliance with our legal tax, accounting, and administrative obligations.
For the publication of your photosyour express consent is requested.
The legitimate interest of the company to preserve the security of its data and corporate information and for sharing your identifying data with travel agencies.
Moreover, we are pleased to inform you that, in accordance with Article 21.2 of Law 34/2002, of services of the information society and the electronic commerce, your consent is not necessary when there is a prior contractual relationship, provided that their data have been obtained in a lawful manner and are used for sending commercial communications referring to products or services of our company that are similar to those that were initially contracted with you, as a supplier.
4. Who will be the recipient of the communication of your data?
Your personal data will not be transferred to any entity, except those that are necessary due to legal obligation, as well as those necessary to carry out our commercial activities such as the transfer to financial entities to manage payments.
In particular and only if applicable, your personal identification data and contact information could be delivered to the travel agencies in charge of the management of the trips, for the processing of visas, hotel reservations and airline tickets. Some of these transfers could be to third countries.
Likewise, a review of your curriculum vitae or resume, as well as the data of your registration in Social Security as a supplier or sub hired party for a project could be delivered to companies and client institutions, as part of the technical documentation included in the offers of projects submitted, for the purpose of to be able to prove the technical solvency of the company, and its compliance with legislation. Some of these transfers could be international, to companies located in other countries.
In addition, supplier personal data can be shared among Inprosec group companies (such as Inprosec Auto and Inprosec Mexico) when required for the execution of client projects.
Your photograph could be used within a publication or Web page with the purpose of disclosing a specific event or performance related to the activities of the company, if authorised.
In addition, your data will be communicated to the following processor:
- Microsoft Office 365: cloud service located in Europe
- In the case of use of mobile devices, an international transfer of data to the United States takes place based on the Privacy Shield, protected by the company Zoho Corporation. In addition, this company makes an export of data to its subsidiary in India.
With regard to international data transfers: further international transfers will not be made.
2.7. “Contacts and Potential Clients” data processing
1. What kind of personal data do we process?
- Identifying data: name, ID card number, address, phone number, e-mail address.
2. What is the purpose of processing your personal data?
The purpose of the processing is the. management of business contacts data and potential customers.
The purpose of advertising and commercial prospection has also been foreseen, for which we also have to request your express consent.
Our organization is committed to process your personal data with total confidentiality and to apply the appropriate security measures, either physical, technical or organizational, to protect them.We will store the provided data.
The personal data provided will be kept as long as the contact relationship is maintained, and you do not exercise your right to opposition, which you can request at any time.
3. Which are the legal grounds of the data processing?
The legal basis to process your personal data is the legitimate interest of the company to maintain commercial relationships and your express consent for any other purpose beyond it.
4. Who will be the recipient of the communication of your data?
Your personal data will not be transferred to any other entity, except those that are necessary due to legal obligation, as well as those necessary to carry out our commercial activities.
International data transfers have not been foreseen.
Your data will be communicated to the following processor:
- Microsoft Office 365: cloud service located in Europe.
3. What are your rights when you provide us with your personal data?
In accordance with the applicable regulation on Personal Data Protection, you have the following rights in relation to your personal data processing.
For the data subject, the exercise of these rights will be free of change, except in cases where your make manifestly unfounded or excessive requests, especially repetitive ones. We will deal with your query to exercise your rights as soon as possible within a period of 1 month.
These rights are the following:
- Right of information: You have the right to be informed about the use and processing of your personal data in a concise, transparent, intelligible and easily accessible manner, with a clear and plain language.
- Right of access information: You have the right to enquire us, at any time, to confirm if we are processing your personal data, and where that is the case, to access to your personal data and other information about the processing, and also to obtain a copy of that data. The copy of your personal data will be free of charge, but the request for additional copies may be charged a reasonable fee, based on administrative costs. For our part, we can ask you to prove your identity or require you more information that is necessary to manage your request.
- Right to rectification: You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data, non updated or incomplete concerning you. Also, you can request to have incomplete personal data completed, even by providing a supplementary statement.
- Right to erasure: You have the right to request the removal of your personal data when, among other reasons, the data is no longer necessary for the purposes it was collected for. However, this right is not absolute: our organization may continue to keep them -duly blocked- in the cases foreseen by the applicable regulation.
- Right to restriction of processing: You have the right to request us to restrict the processing of your personal data, which means that we can continue to store them, but not continue processing them if any of the following conditions is fulfilled:
- That you impugn the accuracy of the data, during a period that allows the controller to verify the accuracy of those;
- The processing of your data is unlawful, and you request the restriction of its use instead of removing them.
- Our entity no longer needs the data for the purposes of the processing, but you need them to formulate, exercise, or defend your complaints.
- You have opposed to the processing, while verifying if our legitimate grounds prevail over yours.
- Right to data portability: You have the right to have your data transmitted to another data controller in a structured, commonly used and machine-readable format. This right applies when the processing of your personal data is based on your consent or on the execution of a contract, and that processing is carried out by automated means.
- Right of object: This right allows you to oppose the processing of your personal data, including the development of profiles. We only will not attend your right in the case that we accredit legitimate reasons for the processing, formulation, exercise or defend of claims.
- Right not to be subject of automated decision-making, including profiling: This right allows you not to be the subject of decisions based only on automated processing, including the development of profiles, which produce legal effects or affect you in any similar way. Unless those decisions are necessary for the fulfilment or execution of a contract authorized by a legal regulation or are based on consent.
- Right to withdraw your consent: In those cases, in which we have obtained your consent for processing your personal data in relation to certain activities (for example, in order to send you commercial communications), you may withdraw it at any time. In this way, we will stop performing that specific activity that you had previously consented, unless there is another reason that justifies the continuity of the processing of your data for these purposes, in which case, we will notify you this situation.
- Right to lodge a complaint with a supervisory authority: You have the right to file a claim with the Spanish Agency for Data Protection, Jorge Juan Road number 6, 28001 Madrid, phone number: 901 100 099 – 912 663 517 (www.agpd.es) , or in the this web address: https://sedeagpd.gob.es/sede-electronica-web/vistas/formQuejasSugerencias/seleccionarQuejaSugerencia.jsf
You can exercise the aforementioned rights by sending us a communication in writing to the address indicated above or to the electronic address above-mentioned, attaching a document accrediting your identity and providing us with the necessary details to process your request.
The interested party can obtain additional information about their rights on the website of Spanish Agency for Data protection, www.agpd.es.
4. Terms of Access and Use of this Web Site
The access to this Website is the sole responsibility of the user, and it involves accepting and knowing the legal warnings, the conditions and the terms of use contained therein. The user guarantees the authenticity and veracity of all the data communicated both in the completion of registration forms and at any subsequent time, being responsible for updating the information provided, in a way that reflects your real situation. The user will be responsible for the inaccuracy or lack of veracity of the information provided.
USER undertakes to make appropriate use of the content and the services (such as chat services, discussion forums or newsgroups) that our company offers through its portal, and –with an enunciatively but not limited nature-, not to use them for:
- illegal, contrary to good faith or public order activities;
- Disseminated, racist, xenophobic, illegal-pornographic, advocating terrorism or attacking human rights, content or publicity;
- cause damage to the physical and logical systems of the company that created the website, or of its suppliers or third parties, introduce or spread computer viruses or any other physical or logical systems that are likely to cause the damage previously mentioned;
- try to access or even use the email accounts of other users and modify or manipulate their messages
Our company reserves the right to delete all comments and contributions that violate respect for the human dignity, that are discriminatory, xenophobic, racist, pornographic, that attempt against youth or childhood, against the order or public safety or which, in his opinion, would not be suitable for publication.
In any case, the company will not be responsible for the opinions expressed by users through forums, chats, or other participation tools.
5. Intellectual Property Rights
The user undertakes to respect the intellectual property rights of the organization. The use or granting of access to this Website does not imply the granting of any right over trademarks, trade names or any other distinctive sign used in it.
The term “Website” includes -with a delimiting but not limiting character- the data, texts, graphics, images, animations, musical creations, videos, sounds, drawings, photographs and others included in it, and, in general, all creations expressed by any tangible or intangible means or devices, regardless of whether they are susceptible or not of intellectual property according to the Revised Text of the Intellectual Property Law.
The downloads of this Website for commercial purposes are prohibited, so the user may not utilise, reproduce, distribute, modify, publicly communicate, transfer, transform or use the content of this Website for commercial purposes.
Likewise, according to what is established in this Legal Warning, the total or partial reproduction of the content of this Website is forbidden without the express authorization of the author and without being assumed that the user has any right over it just for him having granted access.
6. Cookies Policy
You can check this policy at the following URL : https://inprotech.es/en/cookies-policy
7. Exemption and limitation of Liability
Our company is exempt from any type of liability, for damages of any nature in the following cases without any limitation:
- Due to the impossibility or difficulties of connection to the communications network through which this Website is accessible, regardless of the type of connection used by the user.
- For the interruption, suspension or cancellation of access to the Website, for the availability and continuity of operation of the website or of the services and / or contents therein, when this is due:
- to the interruption of the technical maintenance service of the web,
- to a cause beyond our company control, whether it comes directly or indirectly from it.
- The quality and speed of access to the site, and the technical conditions that the user must meet in order to access the site and its services and / or contents.
8. Modification of Terms and conditions of use
These general conditions, and the particular conditions that may be established -with the wording that they present at all times- have an indefinite duration and will remain in force while the portal is still active. In any case, the company reserves its unilateral right to modify the conditions to access to them, as well as their content.
The person accessing the website accepts and agrees to comply with the following conditions of use: The user undertakes to use the services and information offered on the website in the form presented, without modifying the contents and for its exclusive use, without being able to transfer it in any way or notify anyone about them and is obliged to use them in his/her own and only interest in the way that corresponds according to the nature of the contents. The user agrees to use his/her access codes (username and password) for the exclusive use of its owner, and its custody, confidentiality and correct utilisation are his/her sole responsibility. Our company reserves the right to modify these general conditions of use at any time and without prior notice, so the user undertakes to review these General Conditions each time he accesses the website. Our company will not be responsible for any damage that the user or third parties may cause as a result of other people using his/her password, either with his/her knowledge or without it. The use of the Services and the Contents of the website is under the sole and exclusive responsibility of the Users.
Users are aware of, and they voluntarily accept, that the use of the Page and the Services and Contents takes place, in any case, under their sole and exclusive responsibility.
In particular, our company does not guarantee the continuity, availability and usefulness of the website, its Services and Contents. Therefore, it does not respond for possible damages of any nature that could be caused to the users.
Our company does not guarantee the absence of viruses or other elements that may cause alterations in the user’s computer system or in electronic documents or files stored in it. Therefore, the company is not liable for any damages and any kind of losses that could derive for users.
9. Applicable Law and Competent Jurisdiction
These General Conditions of Use of the Website are governed by Spanish law.
The parties, expressly waiving their own jurisdiction, submit to the Courts and Tribunals of Vigo for the resolution of any dispute that may arise.
10. Online Litigation
In compliance with the duty of information regarding online dispute resolution, in accordance with Art. 14.1 of Regulation (EU) 524/2013, we inform you that the European Commission provides an online dispute resolution platform, which is available for you at the following link: http://ec.europa.eu/consumers/odr/