OUR BACK TO OFFICE COLLECTION IS NOW AVAILABLE! FLORENCE, THE OUTCOME OF OUR EVENT COLLECTION

Privacy Policy

PERSONAL DATA INFORMATION

Last revised: July 30th, 2024.

DATA CONTROLLER

The Data Controller is POLIN ET MOI S.L., Calle Bruselas, 5-E, 28232, Las Rozas (MADRID).

Privacy Principles

At POLIN ET MOI S.L., we are committed to continuously working to ensure the privacy of your personal data processing and to provide you with the most complete and clear information possible. We encourage you to read this section carefully before providing us with your personal data.

If you are under fourteen years old, please do not provide us with your data without your parents' consent.

In this section, we inform you how we process the data of people who have a relationship with our organization, starting with our principles:

  • We do not request personal information unless it is necessary to provide you with the services you request.
  • We never share personal information with anyone, except to comply with the law, or if we have your express authorization.
  • We will never use your personal data for purposes other than those expressed in this privacy policy.
  • Your data will always be treated with a level of protection appropriate to data protection legislation, and we will not subject them to automated decisions.

We have drafted this privacy policy considering the requirements of the current data protection legislation:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons (GDPR).
  • Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights (LOPD).
  • Royal Decree 1720/2007, of 21 December (RLOPD).

Due to the modification of treatment criteria, to facilitate its understanding or to adapt it to current legislation, we may modify this privacy policy. We will update the date accordingly, so you can check its validity.

Data Processing Activities

EMPLOYEE DATA PROCESSING

Legal Basis:

  • GDPR: 6.1.b) Processing necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
  • GDPR: 6.1.c) Processing necessary for compliance with a legal obligation to which the controller is subject.
  • Royal Legislative Decree 2/2015, of 23 October, approving the revised text of the Workers' Statute Law.

Purpose of Processing:

  • Management of hired personnel.
  • Personal file, time control, training, pension plans, occupational risk prevention.
  • Issuance of payroll.
  • Management of union activity.

Data Subjects: Employees

Categories of Data:

  • Names and surnames, DNI/NIF/ID document, employee register number, Social Security/Mutuality number, address, signature, and telephone.
  • Special categories of data: health data (sick leaves, occupational accidents, and disability degree, without diagnosis inclusion), union membership (for the exclusive purpose of union fee payment, if applicable), union representative (if applicable), attendance justifications for self and third parties.
  • Personal characteristics data: gender, marital status, nationality, age, date and place of birth, and family data. Family circumstances data: date of joining and leaving, licenses, permits, and authorizations.
  • Academic and professional data: qualifications, training, and professional experience.
  • Job and career details, incompatibilities.
  • Presence control data: entry and exit date/time, absence reason.
  • Economic-financial data: payroll data, credits, loans, guarantees, tax deductions, previous job income deductions (if applicable), judicial withholdings (if applicable), other withholdings (if applicable). Banking data.

Categories of Recipients:

  • Entity entrusted with occupational risk management.
  • General Treasury of Social Security.
  • Union organizations.
  • Financial entities.
  • State Tax Administration Agency.
  • Main contractors to whom we provide services as subcontractors.

International Transfers: No international data transfers are foreseen.

Retention Period: They will be kept for the necessary time to fulfill the purpose for which they were collected and to determine possible liabilities derived from that purpose and data processing. Economic data of this processing activity will be retained under the provisions of Law 58/2003, of 17 December, General Taxation.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

CONTACT DATA PROCESSING

Legal Basis: Consent of the data subject

Purpose of Processing: To address your request, send information, and follow up on the request.

Data Subjects: Contact persons, clients, suppliers

Categories of Data: Names and surnames, telephone, email address

Categories of Recipients: No data transfers to third parties are contemplated.

International Transfers: No international data transfers are foreseen.

Retention Period: Contact data will be kept indefinitely or until the data subject requests its deletion.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

PROCESSING OF RIGHTS OF PERSONS (ARCO)

Legal Basis:

  • GDPR: 6.1.c) Processing necessary for compliance with a legal obligation to which the controller is subject.
  • General Data Protection Regulation.

Purpose of Processing: To address requests in the exercise of the rights established by the General Data Protection Regulation: Right of access, rectification, erasure, restriction, portability, and objection to automated decision-making.

Data Subjects: Natural persons who request it (employees, clients, suppliers, contact persons)

Categories of Data: Names and surnames, address, signature, and telephone.

Categories of Recipients: Personal data may be communicated to the Supervisory Authority (Spanish Data Protection Agency) within the framework of a rights protection investigation initiated by the data subject.

International Transfers: No international data transfers are foreseen.

Retention Period: They will be kept for a period of five years from the moment of the request.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

CANDIDATE PROCESSING FOR SELECTION PROCEDURES (HR)

Legal Basis:

  • GDPR 6.1.a) The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • GDPR 6.1.b) Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.

Purpose of Processing: Personnel selection and job provision.

Data Subjects: Candidates applying for job positions.

Categories of Data:

  • Names and surnames, DNI/NIF/ID document, employee register number, address, signature, and telephone.
  • Personal characteristics data: gender, marital status, nationality, age, date and place of birth, and family data.
  • Academic and professional data: qualifications, training, and professional experience.
  • Employment details.

Categories of Recipients: No data transfers to third parties are foreseen.

International Transfers: No international data transfers are foreseen.

Retention Period: Data will be kept for the necessary time to fulfill the purpose for which they were collected and to determine possible liabilities derived from that purpose and data processing.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

SUPPLIER DATA PROCESSING

Legal Basis:

  • GDPR: 6.1.b) Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
  • GDPR: 6.1.c) Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Royal Legislative Decree 2/2015, of 23 October, approving the revised text of the Workers' Statute Law.
  • Law 58/2003, of 17 December, General Taxation.

Purpose of Processing:

  • Acquisition of products and/or services necessary for our activities.
  • Control of subcontractors if applicable.

Data Subjects:

  • Suppliers.
  • People working for our suppliers.

Categories of Data:

  • Names and surnames, DNI/NIF/ID document, address, signature, and telephone.
  • Employment details: job position, occupational safety training.
  • Economic, financial, and insurance data: banking data.

Categories of Recipients:

  • Financial entities (for invoice payments).
  • State Tax Administration Agency.

International Transfers: No international data transfers are foreseen.

Retention Period: Data will be kept for the necessary time to fulfill the purpose for which they were collected and to determine possible liabilities derived from that purpose and data processing, in accordance with Law 58/2003, of 17 December, General Taxation.

Security Measures: Adapted to the requirements of Regulation (EU) 2016/679, General Data Protection Regulation.

Close
Click for more products.
No produts were found.

Create a free account to save loved items.

Sign in