Last Update a 17/05/2018
This Privacy and Data Protection Policy is part of the General Conditions that govern the www.panel.es website (hereinafter, the web), and through it provides expanded information on the data processing of a nature personal made by PANEL SISTEMAS INFORMÁTICOS, and that could be compiled and /or treated during the navigation through the web, or based on the commercial and /or labor relationship with the company PANEL SISTEMAS INFORMÁTICOS.
PANEL SISTEMAS INFORMÁTICOS S.L. (hereinafter PANEL, or the Treatment Responsible), with registered office at Condesa de Venadito, number 5, 1st floor, 28027 (Madrid) and CIF number B-83766485, is responsible for the processing of data provided by users (“Users”) through the Web, Social Networks, Electronic Mail, or based on the commercial and / or work relationship with PANEL.
You can contact PANEL by postal mail at the above address, by email to the address firstname.lastname@example.org, or by phone by calling 91 405 78 88.
WEB AND EMAIL CONTACTS
The Treatment Manager will treat the identification and contact data provided by users through contact forms, download centre form, or contacting with the Responsible by email, as well as any other data the user may include. In addition, PANEL may treat the IP, operating system or browser used by the user, and even the duration of the visit, anonymously.
The data will be treated with the following purposes:
– Answer queries, requests or petitions.
– Manage the requested service or process requests.
– Information by electronic means, which deal with an application.
– Carry out studies and improvements on the Web, on PANEL products and services.
– Improve the commercial strategy.
– Send commercial communications related to PANEL activity and the products and/or services marketed by PANEL.
SOCIAL NETWORK CONTACTS
All personal data available in Social Network profiles (RRSS), as well as those that the user provides to the Treatment Manager when contacting through this channel, will be treated with following purpose:
– Answer inquiries, requests or petitions.
– Manage the requested service or process a request.
– Establish a user-responsible relationship and create a community of followers.
– Send commercial communications related to the activity of PANEL and the products and/or services marketed by PANEL.
In this case, the treatment is based on the acceptance of a contractual relationship within the corresponding social network environment, and in accordance with its Privacy policies, thus it is advisable that the user consult the same.PANEL can only consult or cancel the data in a restricted way when having a specific profile. These will be treated if the user agrees to do it through the different interactions that each RRSS allows. The user shall complete the rectification of the data or restriction of information or publication by means of his/her profile configuration in the social network.
JOB AND PRACTICES SEEKERS
PANEL will process all data received through the CV sending form, both identification and contact data, as well as those contained in the CV attached by the candidate for the following purposes:
– Organization of selection processes for hiring employees.
– Schedule for job interviews and evaluation of candidacies.
Under PANEL’s conservation policy, personal data will be kept for a maximum period of one year from receipt of your Curriculum Vitae; After the same, you can renew your express consent and, if you do not renew it, your data will be deleted.
Likewise, PANEL SISTEMAS INFORMÁTICOS may communicate the Curriculum Vitae data to the clients to whom it was to be assigned with the same purpose, in order for the client to evaluate the adequacy of their profile as a candidate for the project offered.
As a rule, the Treatment Manager only deals with data provided by their owners. In case of receiving data by third parties, PANEL, prior to any other action, must inform and seek the consent to the involved people; otherwise PANEL will be exempt from any responsibility for the breach of this requirement.
PANEL will not process data for children under 14 years. Therefore, the user must refrain from providing them, if they are not that age or, if applicable, to provide data from third parties that do not have the age. PANEL disclaims any responsibility for provision breach.
PANEL will send commercial communications to the e-mail address provided by any of the means, as long as the user has given his/her express consent by checking the corresponding checkbox.
The Treatment Manager will store the email address in the database and will send commercial information periodically, until the user requests the cancellation or preferences update, options that will be available in all communications
The purposes of this specific treatment consist of:
– Manage the requested service.
– Information, by electronic means, which deal with the request.
– Commercial information or events by electronic means, if there is express authorization.
– Maintain the commercial relationship with the user.
– Perform analysis and improvements in mailing, to improve the commercial strategy.
PANEL has adopted an information security optimal level, setting the means and adopting the appropriate technical and organizational measures according to the state of the technology, to avoid the loss, misuse, alteration, unauthorized access or theft of Personal Data.
PANEL is a company certified in ISO 27001 standard for Information Security since 2016. Check our certification in this link.
The users’ personal data may be transferred to:
- State Tax Administration Agency, and banks and financial entities to collect the service provided or product purchased; by virtue of legal obligation.
- To PANEL website users’ community, as long as the user interacts by publishing comments.
- In charge of the treatment necessary for the service provision , those who will have signed a contract for the services provision that requires them to maintain the same level of privacy as that of the Treatment Manager.
- Likewise, PANEL will, in no case, provide its personal data to third parties so that they can send you advertising or commercial information directly.
If any of the assignments involves an international transfer of data when using American applications, it will be adhered to the Privacy Shield agreement, which guarantees that American software companies comply with the European data protection policies regarding privacy.
The regulation on data protection recognizes the user a series of rights, which PANEL as responsible, is obliged to satisfy:
– Knowledge about the process of your data.
– Access to the personal data object of the treatment.
– Request data rectification if they are inaccurate.
– Request deletion of data if they are no longer necessary for the purposes for which they were gathered or if you withdraw the consent granted.
– Request to limitation of data treatment, in some cases, where they will only be conserved according to current regulations.
– Data portability, which will be provided in a structured, commonly used or machine-readable format; or they may be sent to the new designated manager. It is only valid in certain cases.
– Fulfil a claim with the Spanish Data Protection Agency or competent control authority.
– Revoke the consent for any treatment for which he had consented, at any time.
To facilitate the process and to comply with the principle of data accuracy, if any data is modified, the Treatment Manager thanks the communication of this amendment to the email account email@example.com
For the exercise of the aforementioned rights, the user may request to PANEL by e-mail to firstname.lastname@example.org or use those established by the Spanish Data Protection Agency or third parties. These forms must be signed electronically or accompanied by a photocopy of the National Identification Card; In case of representation, a copy of the user’s National Identification Card must be attached or signed by an electronic signature. The forms can be presented in person, sent by letter or by mail to email@example.com.
Depending on the exercised right, PANEL will take a maximum of one month to respond from the reception of the request, and two months if the subject is very complex, in which case the user will be notified.
- Personal data will be maintained while the user remains linked to the Treatment Manager.
- Once dissociated, the data processed for each purpose will be maintained during the legally stipulated deadlines, including the period in which a judge or court may request them, considering the limitation period for legal actions.
- The data processed will be maintained if the aforementioned legal deadlines do not expire, if there is a legal maintenance obligation, or if the legal term does not exist, until the interested requests their suppression or revocation of the consent granted.
- PANEL will keep all the information and communications related to the provision of the service, while the guarantees of the products or services last, to attend to possible claims.
- For more information about the conservation periods, you can consult the following table:
|Costumers||Commercial Invoices||Between 6 and 10 years|
|Commercial offers and budgets||5 years|
|Human Resources||Payroll, TC1, TC2, etc.||Between 4 and 6 years|
|Curriculum Vitae||Until the end of the selection process, and 1 more year with your consent|
|Severance pay docs.|
Temporary workers data.
|Worker’s file.||Until 5 years after the cancellation.|
|Marketing||Databases or web visitors.||While the deal lasts.|
|Provider||Commercial Invoice||Between 6 and 10 years|
|Access control and surveillance||Visitor list||30 days|
|Videos||30 days blocking|
3 years destruction
|Accounting||Books and accounting documents.|
Partner agreements and directors board, company bylaws,minutes,director board regulation and delegated committees.
Financial statements, audit reports.
Records and document related to grants
|Fiscal||Take over the administration of the company, rights and obligations related to the payment of taxes.|
Administration of dividend payments and tax withholdings.
|Security and health||Medical workers records||5 years|
|Environment||Information chemical and dangerous substances.||10 years|
|Documents related to environmental permits (While the activity is being carried out).||3 years after the activity closing|
10 years (crime prescription)
|Records on recycling or waste disposal||3 years|
|Subsides for cleaning operations must keep the documents of rights and obligations, receipts and payments.||4 years|
|Accidents reports |
|Insurance||Insurance Policy||6 years (general rule)|
2 years (damages)
5 years (personal)
10 years (life)
|Purchases||Register all goods deliveries or services, intra-community acquisitions, imports and exports for IVA purposes.||5 years|
|Juridical||Industrial and Intellectual property docs|
Contracts and agreements.
|Permits, licenses and cerificates||6 years from the permit, license or certificate expiration date.|
10 años (penal provision)
|Confidentiality and non-competition agreements.||Allways the term of the obligation or confidentiality|
|LOPD||Treatment of persoanl data, if is different from the notified treatment to AEPD||3 years|
|Personal data of employees stored in the networks, computers and communications equipment used by them, access controls and internal management/administration systems.||5 years|