Follow us:

Data protection policy

1. BASIC INFORMATION ON DATA PROTECTION

Controller:  CLECE VITAM, S.A.
Main Aim:User Management and dealing with requests.
Legal basis:Consent of the interested party.
Recipients:Data shall be given to third parties to meet legal obligations or with prior consent.
Rights:To Access, Rectify, and Delete Data and other rights as explained in the Data Protection policy – Additional Information.
Additional information:Consult the Personal Data Protection Policy on the web site (Additional Information).

2. PERSONAL DATA PROTECTION (ADDITIONAL INFORMATION)

Updated GRPD version, 01/09/2022

DATA CONTROLLER
Identity: CLECE VITAM, S.A.
Company tax code: A-87045456
Postal Address: Avda de Manoteras 46, 2º (28050-Madrid)
Telephone: 917459320
Contact: Data Protection Officer (DPO): rgpd-clecevitam@clecevitam.com

PURPOSE
Data gathered through the web site is incorporated into files owned by the company for the following purposes:

  • Managing requests made through the web site whether using the contact facility or any other type of on line form or email request.
  • Waiting list management.
  • Sending newsletters and alerts through any channel, including electronic means (such as email, web notifications, SMS) and through the post regarding news, articles, activities, events, and competitions that may contain commercial information on products, services, offers and promotions relating to activities undertaken by the companya.
  • In the event that you state you do not wish to receive commercial information in the future, your data (name, surname and email) shall be included in the exclusion file in order to avoid sending unwanted information.
  • Managing recruitment and selection for specific positions and maintaining the jobs pool.
  • Ethics channel: Dealing with communications received through the various media or channels made available, such as the email address on the company’s website, telephone (24/7) and the web platform managed by the contracted data processor, with the guarantee of maintaining the sender’s absolute confidentiality and that no reprisals of any kind will be taken for acting in good faith.
  • Treatment of user data from social networks through corporate profiles.
  • Own and third party cookies based on preferences.

Replies to questions on personal data that appear in forms marked with an asterisk (*) are obligatory.

LEGAL BASIS

  • Legitimate interest in the treatment of your data based on the response to your request, or request for, or offer of, information.
  • Consent of the interested party; sending commercial communications, communicating data to subsidiary companies, publishing data associated with the diffusion of activities (events, competitions).
  • Public interest (Ethics channel): The communications channel (ethics channel) is based on the existence of a public interest, in the terms established in article 6.1.e) of the General Data Protection Regulation, on detecting and preventing complaints and the corresponding prevention of damages and risks of liability to CLECE and as defined in article 24 of Organic Law 3/2018.

DATA RETENTION
Retention periods for your data are determined in accordance with current legislation, regulations, or applicable legal provisions in force, or in any event:

  • For users that send requests and/or queries: within the time needed to attend to the same.
  • Communications concerning publicity and promotions: when the user requests deletion, except for data handled as part of commercial activities within the Exclusion Register.
  • The retention period for professional data from your curriculum that can be sent through media enabled by the web site shall be 5 years. Following this, the data will be destroyed. Once the period established ends, or in those circumstances where the data is discarded during the current selection process, your data shall be stored for future recruitment purposes provided we have your consent, in which case you are responsible for maintaining and sending your updated details.
  • Ethics channel: Will be held in the complaints reception system solely for the length of time needed to ascertain the facts reported. In any event, the information must be removed from the system three months after it was entered. However, it may be processed outside of the system to investigate the facts reported for as long as is necessary until such time as the matter is concluded. Once the investigation of the communication has concluded and any appropriate actions have been taken, the data pertaining to said complaints that have been processed will be held and duly blocked in compliance with any applicable legal obligations. If the decision is made not to take the complaint filed any further, the information may be held in said system in anonymised form.

RECIPIENTS
Data shall be provided to competent public entities in those cases where there is a legal requirement to do so.

Professional data from your curriculum may be communicated to subsidiary companies for the sole purpose of employment, provided we have your consent.

Management of the web site implies service providers may access your data in order to carry out Data Processing. Access shall be subject to all security measures necessary to safeguard and protect your information as regulated in the contract. Said provision shall at no time constitute a transfer of data.

Those interested in doing so have the right to obtain information on whether the company is handling their personal data.
You have the right to request:

  • Access to your personal data.
  • Rectification of incorrect data.
  • Deletion of your data, when amongst other reasons, is not necessary for the purposes for which it was gathered.
  • Limiting the treatment of your data, in which case it is solely kept for the exercise or defence of claims.
  • Challenging the treatment of your data, in specific circumstances and for reasons related to their particular situation. The company shall cease handling the data, except for imperative legitimate reasons or in exercising or defending possible claims.
  • Portability of data.
  • You have the right to withdraw the consent granted at any time, without this affecting the legality of the treatment based on your consent prior to its withdrawal.

Rights recognised under Regulation (UE)2016/679 may be exercised directly or through a legal or voluntary representative.
Your rights may be exercised through a request sent through computer systems using the email contact for the Data Protection Officer or sending/delivering your request to the address indicated above.

To obtain information on your rights you can visit: https://www.aepd.es/reglamento/derechos/index.html

If you do not obtain satisfaction after exercising your rights, you can present a claim to the Spanish Data Protection Agency.

SECURITY LEVELS
The company has implemented measures and technical means that are available to you in order to avoid improper use, alteration, loss, unauthorised access or theft of the personal data you have provided.

HTTPS (Hyper Text Transfer Protocol Secure) appears in the URL address of this web page where it is protected by an SSL certificate that guarantees the secure send of data gathered through forms, subscription, etc. Details of the certificate, for example the issuing entity and the corporate name of the web site owner, can be seen by clicking on the padlock symbol on the navigation bar.

INTERNATIONAL DATA TRANSFER
Web hosting suppliers for the web site are service providers that may access your data for Data Processing purposes. As a rule, their servers must be located within the European Economic Space. If not, we always ensure that said suppliers are located in countries with an adequate level of data protection and that offer guarantees that comply with European legislation in data protection, and in particular, the GRPD.

SOCIAL NETWORKS
Our company has a presence across different media and social networks, such as: Facebook, Twitter, YouTube, Instagram, Linkedin. The possible treatment of social network user data that the controller undertakes shall as a maximum be the data handling the social network allows corporate profiles.

The company reminds you that you must understand the privacy policies of said media or social networks with which you are registered in order to avoid sharing information you do not wish to share.

Privacy configurations are available for managing accounts on social networks in order to manage privacy preferences, identity, publicity and other contrary effects.

COOKIES
On our Web Site we use a technology called “cookies”. For more detailed information consult the Cookies Policy.

On viewing/accessing third party content, such as Youtube, through the web site, Vimeo, RRSS, you may have accepted the cookies on these web sites. These are not under our control.