PRIVACY POLICY

QUALITYFRY PRIVACY POLICY

PRIVACY POLICY

0.INTRODUCTION


Below, the privacy policy to which this website is subject is explained in detail. This policy provides information to website users about all relevant matters related to the processing of their personal data. The structure followed will be the one set out below. For any questions or clarifications, you may contact the person in charge of the site through the channels provided in this privacy policy.

  1. Introduction
  2. Identification of the data controller
  3. Details on data processing
    • a. Processing undertaken
    • b. Data conservation periods applicable to all data processing
    • c. Recipients, transferees, and international transfers
  4. Exercise of GDPR rights

1.IDENTIFICATION OF THE DATA CONTROLLER


DATA CONTROLLER:
The data controller for your personal data is QUALITYFRY SL. You can obtain all the contact information belonging thereto in this website’s legal notice.

2.PROCESSING DETAILS (PURPOSE, ORIGIN, LEGAL GROUNDS, DATA RECIPIENTS, AND DATA CONSERVATION PERIOD).


    1. PROCESSING UNDERTAKEN
      • Email:
        • A contact email is made available to website users on the website in order to establish effective communication between the entity responsible for the site and the user.
        • Data processed: email address of the website user and any other personal data that users provide the entity responsible for the site in their message.
        • Origin: the website user himself or herself.
        • Purpose: to answer the user’s query.
        • Legal grounds: consent.
        • Data conservation period: 1 year after the purpose has been fulfilled.
      • Telephone number:
        • A telephone number is made available to the website user on the website in order to allow for an efficient means of communication between the entity responsible for the site and the user.
        • Data processed: the website user’s telephone number and all the personal data that said individual discloses to the entity responsible for the site in the conversation.
        • Origin: the website user himself or herself.
        • Purpose: to handle the user’s call.
        • Legal grounds: consent.
        • Data conservation period: 1 year after the purpose has been fulfilled.
      • CV receipt:
        • Data: documents sent to the entity responsible for the site by the applicant; all content that is directly accessible through search engines; profiles that the applicant has on professional social networks; the data obtained in exams for employment access; and any information revealed in the job interview
        • Origin: the applicant or, in the event that the entity responsible for the site starts the search with third-party help, job portals, social networks, third-party websites, and other origins.
        • Purpose: to assess the applicant for the creation of a working relationship.
        • Legal grounds: execution of a contract in which the applicant is a party, or for the application (at the applicant’s request) of pre-contractual measures and, in the case of searches initiated by the entity responsible for the site, legitimate interest.
        • Conservation period: up to 2 years from receipt of the data sent by the candidate or the end of the process to which the applicant has applied — whichever is later.
      • Client contact form
        • Data: contact details and any other data provided by the website user in their correspondence.
        • Origin: the website user himself or herself.
        • Purpose: to establish a commercial relationship with the client and inform him/her about the company’s products.
        • Legal grounds: consent.
        • Data conservation period: up to 2 years after the purpose has been fulfilled.
      • Email feed (Newsletter):
        • Data: email address.
        • Origin: the website user himself or herself.
        • Purpose: to manage subscription to the company newsletter.
        • Legal basis: consent.
        • Data conservation period: until the user unsubscribes.
      • Area reserved for clients:
        • Data: identification and contact details
        • Origin: the website user himself or herself.
        • Purpose: to establish a business relationship with a potential client
        • Legal basis: consent.
        • Data conservation period: 1 year from the end of the business relationship.

 

For none of the aforementioned data processing cases are there automated decisions that may affect the rights of the website’s users.

Co-responsibility on social networks: QUALITYFRY SL is co-responsible, along with the owners of the social networks on which the company has an official profile, for the corresponding processing for initial user data collection. The social media site owners are co-responsible for the purposes of data management and the receipt of requests for the exercise of rights by website users.

b.DATA CONSERVATION PERIODS APPLICABLE TO ALL DATA PROCESSING
In certain cases, and when required by law, it will be necessary for the entity responsible for the site to keep personal data for a period longer than that indicated. Some examples are the following:

c.RECIPIENTS, TRANSFEREES, AND INTERNATIONAL TRANSFERS
En determinados casos y bajo la legitimación de una ley imperativa, será necesario que el responsable conserve los datos por un plazo superior al indicado. Algunos
ejemplos son los siguientes:

  • The entity responsible for the site does not transfer personal data to third parties except by legal obligation or in cases for which the website user provides his/her consent after having been duly informed.
  • International transfers of data are foreseen in relationship with the web analytics service via cookies provided by Google LLC.

3.EXERCISE OF GDPR RIGHTS


How can you exercise your rights?
Website users can send a written request to the office of entity responsible for the site or to the email address indicated above in this privacy policy. Said request must include a photocopy of the user’s national ID document or another similar identification document to exercise of the following rights:

  • Right to request access to personal data: you may ask the entity responsible for the site for access to the personal data that is being processed.
  • Right to request rectification (in the event the data on file is incorrect) or deletion.
  • Right to request the limitation of your data’s processing, in which case the data will only be kept by the entity responsible for the site in order to exercise or defend claims.
  • Right to oppose treatment: the entity responsible for the site will stop processing the data in the way you indicate, unless for compelling legitimate reasons or for the exercise or defence of possible claims that must continue to be processed.
  • Right to data portability: in the event that the user wants his/her data to be processed by another firm, the entity responsible for the site will facilitate the portability of his/her data to the new manager.

Models, forms, and more information on the rights referred to above: see the official page of the Spanish Data Protection Agency.

Possibility of withdrawing consent: in the event that consent has been granted for a specific purpose, the user has the right to withdraw consent at any time without this affecting the legality of the consent-based processing prior to withdrawal. The withdrawal of consent may have different effects depending on the data processing procedure in question. In any event, the user may contact the entity responsible for the site to request information in this regard.

How can you file a complaint with the supervisory authority?
If a user believes that there is a problem with the way in which the data controller is handling their data, they can direct their claims to both the controller and the corresponding data protection supervisory authority, the latter being the Spanish Data Protection Agency in Spain.