PRIVACY – ADDITIONAL INFORMATION


The Privacy Policy is part of the General Conditions that govern this Website. VERSION 20-04-2018

Who is responsible for processing your data?

MEDITERRANEO GLOBAL SERVICES 2010, S.A.U. - MGS
Domicile: Avenida de la Estación nº5 esc izq entlo 1-8
C.P. 03003
Alicante.
Tax ID No.: A54530043
Tel: +34 965 14 34 46
Email: info@mediterraneoglobal.es

You can contact us using any of the means above.We reserve the right to modify or adapt this Privacy Policy at any time. We advise you to read it; if you have already registered you will be informed of the changes when you access your account or profile.

If you belong to one of the following groups, please refer to the information below:

WEBSITE OR EMAIL CONTACTS

What data do we collect through the website?

We can anonymously process your IP-address, identify the operating system or browser you are using, and also the length of your visit.

If you give us information in the contact form, you will be identifying yourself so we can contact you, if necessary.

  • Replying to your questions, applications or requests.
  • Managing requested services, answering or processing your request.
  • Information electronically, with regard to your request.
  • Commercial information or information regarding events electronically, subject to express authorisation.
  • Performing online analysis and improvements of our products and services.

Acceptance and consent of the interested party: In cases where you must fill in a form and click the Send button to make a request, doing so will necessarily mean that you have been informed and have expressly granted your consent to the content of the clause attached to the form or acceptance of the privacy policy.

All our forms display the * symbol for mandatory data. If you do not fill in these fields or tick the checkbox to accept the privacy policy, the information will not be sent. It is usually worded: “I am over 14 years of age and I have read and accept the Privacy Policy.”

NEWLETTER CONTACTS

What data do we collect through the newsletter?

All our forms display the * symbol for mandatory data. If you do not fill in these fields or tick the checkbox to accept the privacy policy, the information will not be sent. It is usually worded: “I am over 14 years of age and I have read and accept the Privacy Policy.”

You can subscribe to the newsletter on the website by sending us your email address, to which the newsletter will be sent.
We will only store your email address in our database, and will send you emails periodically, either until you unsubscribe or we stop sending emails.
You will always be given the option to unsubscribe in every message.

  • Processing the requested service.
  • Information electronically, with regard to your request.
  • Commercial information or information regarding events electronically, subject to express authorisation.
  • Performing analysis and improvements of email communications, to improve our business strategy.

Acceptance and consent of the interested party: In cases where you subscribe, you must tick a checkbox and click the Send button. This will necessarily mean that you have been informed and have expressly granted your consent to receiving the newsletter.

If you do not tick the checkbox to accept the privacy policy, the information will not be sent.
It is usually worded: “□ I am over 14 years of age and I have read and accept the Privacy Policy.”

If you do not tick the checkbox to accept the privacy policy, the information will not be sent.
It is usually worded: “□ I am over 14 years of age and I have read and accept the Privacy Policy.”

CUSTOMERS

What data do we use from our customers?

  • Preparing proposals and monitoring them through correspondence between both parties.
  • Information electronically, with regard to your request.
  • Commercial information or information regarding events electronically, subject to express authorisation.
  • Managing the administrative, communications and logistics services provided by the Controller.
  • Billing and declaring the appropriate taxes.
  • Carrying out the corresponding transactions.
  • Managing payments and debt recovery.

PROVIDERS

What data do we use as a provider?

  • Information electronically, with regard to your request.
  • Commercial information or information regarding events electronically, subject to express authorisation.
  • Managing the administrative, communications and logistics services provided by the Controller.
  • Billing.
  • Carrying out the corresponding transactions.
  • Billing and declaring the appropriate taxes.
  • Managing payments and debt recovery.

The legal grounds are established with the acceptance of a contractual relationship, failing which your consent is granted when contacting us or offering your products by any means.

SOCIAL NETWORK CONTACTS

What data do we use from social networks?

  • Replying to your questions, applications or requests.
  • Managing requested services, answering or processing your request.
  • Connecting with you and creating a community of followers.

The acceptance of a contractual relationship in the environment of the corresponding social network, and in accordance with its privacy policies:

Facebook http://www.facebook.com/policy.php?ref=pf

Instagram https://help.instagram.com/155833707900388

Twitter http://twitter.com/privacy

Linkedin http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

Pinterest https://about.pinterest.com/es/privacy-policy

Google* http://www.google.com/intl/es/policies/privacy/

*(Google+ y Youtube)

How long will we keep personal data?

We can only consult or delete your data in a restricted way through a particular profile. We will process this data as long as you follow us, are our friend or press “like”, “follow” or similar buttons.

You must amend your data or restrict information or publications in your user or profile settings on the social network itself.

JOB-SEEKERS

What data do we use from your CV?

  • Organising recruitment processes to hire employees.
  • Scheduling job interviews and evaluating your application.
  • If you have given us your consent, we can pass your CV on to collaborating or related companies, with the sole purpose of helping you find a job.
  • If you tick the checkbox to accept the privacy policy, you give us your consent to share your job application to other companies in the group, with the aim of including you in their recruitment processes.

Similarly, we advise you that one year after receiving your CV, we will destroy it securely.

The legal grounds are your unequivocal consent, granted by sending us your CV.

Do we include personal data from third parties?

No, as a general rule we only process data provided by owners. If you provide us with third party data, you must inform these people first and request their consent, or otherwise you will exempt us from any liability due to the breach of this requirement.

And data belonging to minors?

We do not process data for children under 14 years of age. Therefore, please refrain from providing this data if you are not old enough or, where applicable, refrain from providing the data of third parties under the aforementioned age. MEDITERRANEO GLOBAL SERVICES 2010, S.A.U. is exempt from any liability for the breach of this requirement.

Will we contact you by email?

  • Only to manage your request, and if you have given it to us as a means of contact.
  • We will only send you advertising material, if you have previously and expressly given your authorisation to receive it.

What are our security measures?

You can rest assured. We have adopted an optimal level of personal data protection for the data we handle, and we have installed all the mechanisms and technical measures at our disposal and in line with technology to prevent the loss, misuse, alteration, unauthorised access and theft of Personal Data.

With whom will your data be shared?

Your data will not be passed on to third parties, except when legally obliged to do so. Specifically, the National Tax Administration Agency, banks and financial entities will be notified to collect for the service provided or product purchased, as well as those responsible for the processing of data required to execute the agreement.

In instances where purchases or payments are made, through any application, website, platform, bank card or any other online service, your data will be transferred to that platform or processed in its environment, always ensuring maximum security.

When requested, the web development and maintenance company or the hosting company will have access to our website. They will have signed a service provision contract requiring them to maintain the same level of privacy as we do.

Any international transfer of data when using American applications, will adhere to the Privacy Shield framework, which guarantees that American software companies comply with European data protection requirements with regard to privacy.

What rights do you have?

  • To know whether or not we are processing your data.
  • To access your personal data.
  • To request your data be amended if it is inaccurate.
  • To request your data be deleted if it is no longer required for the purposes for which it was collected or if you withdraw the consent granted.
  • To request that the processing of your data be limited, in some instances, in which case we will only retain your data in line with current regulations.
  • Portability of your data, which will be provided to you in a structured format, for common use or mechanical reading. If you prefer, we can send your data to a new controller of your choice. This is only valid in certain circumstances.
  • To file a claim with the Spanish Data Protection Agency or competent monitoring authority, if you believe that we have not processed your data properly.
  • To withdraw consent, at any time, for any processing to which you had previously given consent.

If you modify any piece of data, we would be grateful if you could please inform us so we can keep it updated.

Would you like a form to exercise your rights?

  • We can provide forms for you to exercise your rights. You can request them by email or if you prefer, you can use those drawn up by the Spanish Data Protection Agency or third parties.
  • These forms must be signed electronically or accompanied by a photocopy of your National ID Document [DNI].
  • If someone is representing you, you must attach a copy of their DNI, bearing their electronic signature.
  • The forms can be submitted in person, sent by post or emailed to the address of the controller at the beginning of this text.

How long does it take to respond to your Exercise of Rights?

It depends on the right you are exercising, but a maximum of one month from your request, and two months if the matter is particularly complicated, whereupon we will notify you that we need more time.

Do we process cookies?

If we use other types of cookies that are not necessary, you can view the Cookies Policy using the corresponding link at the home menu of our website.

How long will we keep your personal data?

  • Personal data will be retained while you are still connected with us.
  • Once you leave, the personal data processed for each purpose will be retained for the legally required timeframes, including the period in which a judge or court may require them, taking into account the limitation period for legal actions.
  • If there is a legal obligation to retain it, processed data will be retained until the expiry of the aforementioned legal timeframes; or, where this legal timeframe does not exist, until the interested party requests that they are deleted or withdraws the consent granted.
  • We will retain all the information and correspondence relating to your purchase or the provision of our service, for as long as the guarantees of the products or services are valid, to handle possible claims.
  • Set out in the table below is the specific period for processing each type of data:
File Document Period retained
Customers Invoices 10 years
Forms and receipts 15 years
Contracts 5 years
Human Resources Payslips, TC1, TC2 etc. 10 years
CVs Until the end of the recruitment process, and a further 1 year with your consent
Severance pay documents Contracts. Information about temporary staff 4 years
Up to 5 years after leaving
Marketing Databases or website visitors During processing
Providers Invoices 10 years
Contracts 5 years
Access control and video surveillance Visitor list 30 days
Videos 30 days restricted 3 years destroyed
Accounts Accounts ledgers and documents. Partner and board of directors agreements, company bylaws, minutes, regulations from board of directors and executive committees. Financial statements, audit reports Records and documents regarding grants 6 years
Health and Safety Company administration, rights and obligations regarding the payment of taxes. Managing dividend payments and tax withholdings. 10 years
Information on intra-group price arrangements 18 years 8 years for intra-group deals on price agreements
Insurance Employees’ medical records 5 years
Purchases Information on chemical or extremely hazardous substances 10 years
Documents relating to environmental permits While the activity is being carried out. . 3 years after the activity has finished 10 years (statute of limitations)
Records on recycling or waste disposal 3 years
Grants for cleaning operations; documentation relating to rights and obligations, receipts and payments must be retained. 4 years
Accident reports 5 years
Purchases Insurance policies 6 years (general) 2 years (damage) 5 years (personal) 10 years (life)
Legal Record of all goods deliveries and service provisions, intra-community purchases, imports and exports for VAT purposes. 5 years
Personal Data Protection Law [LOPD] Intellectual and Industrial Property documents. Contracts and agreements. 5 years
Permits, licences, certificates 6 years from the expiry date of the permit, licence or certificate. 10 years (statute of limitations in criminal law)
Confidentiality and non-compete agreements Always for the duration of the obligation or confidentiality
LOPD Processing personal data, if different from the processing notified to the Spanish Data Protection Agency. 3 years
Employees’ personal data stored on the networks, computers and communications equipment used by them, access controls and internal management/administration systems 5 years