Estás aquí:

Confidentiality and Data Protection Policy

ARJORD TRADE CORPORATION, SL (hereinafter the Entity) is committed to due diligence and compliance with Data Protection regulations.

Below is detailed information on the confidentiality and personal data protection policy in compliance with the provisions of article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. , regarding the protection of individuals with regard to the processing of personal data and the free movement of such data (General Data Protection Regulation or GDPR) and article 11 of the Organic Law 3/2018, Protection of Personal Data and Guarantee of Digital Rights (LOPD GDD).

Data of the person in charge of the Treatment and contact of the person in charge / Data Protection Delegate (RPD / DPD):

  • Identity: ARJORD TRADE CORPORATION, SL
  • Address / C.P:C/ Ter 10, Nave 1 in Palau-Solità i Plegamans, 08184 Barcelona,
  • Phone: +34. 936.296.816
  • E-mail:prl@ajtc.es
  • Contact details of the DPO / DPD: Montse Tosas
  • Data Protection Channel: corporate-ethicline.com/ajtc

 

Purposes of the treatment

The Entity will process the information provided by interested persons for the following purposes:

  • Manage your attention, visit and meeting in our facilities.
  • Manage the provision and performance of services and products
  • Manage any type of request, suggestion or request about our professional services that interested people ask us.
  • Informative and commercial communications: treatment of your data in order to inform you about activities, articles of interest and general information related to our activity and the contracted services / products.
  • Manage data provided by candidates for a job through the Curriculum Vitae (CV) or other means for the purpose of the selection and recruitment process.
  • Guarantee the security of offices, facilities and people through access controls, video surveillance systems and other access control/identification systems.
  • Comply with legal provisions that apply to the Entity and its activities in health, equality and prevention of occupational risks.
  • Manage and control the operation of internal mechanisms, policies and protocols established by the Entity for the purposes of regulatory compliance and management of complaint channels for this purpose.
  • All those treatments that are applicable to us for due compliance with the regulations and official / sectoral requirements to which our activity is subject.

For the good purpose and development of your attention and management of the above purposes, the processing of your data for the purposes that correspond to those mentioned above will be carried out under the strictest compliance with the Data Protection regulations and the Policy that we are detailing You may exercise your rights at any time (see specific section).

 

Data retention criteria

  • Management of services / products contracted with the Entity: The personal data provided in the contracts, offers and/or proposals for services, as well as those of the rest of the people whose intervention is necessary, will be kept during the time that the contracted services are in force. At the end of the provision of the contracted service/s, the personal data will be kept in the event that responsibilities could arise with the Entity and/or in compliance with other regulatory frameworks that are applicable to the Entity or a rule with the force of law that requires the conservation of these. Personal data will be kept in a way that allows the identification and exercise of the Rights of those affected and, under the legal and organizational technical measures that are necessary to guarantee their confidentiality and integrity.
  • Curriculum Vitae Management: the Entity, as a rule, keeps your Curriculum Vitae for a maximum period of one year; Once said period has elapsed, it will be automatically destroyed, in compliance with the principle of data quality.
  • Work Contract Management: The personal data will be kept, in any case, during the time that the employment relationship is in force and, at the end of it, in the cases that responsibilities could be derived between the parties and when required by a regulation with the force of law.
  • Others: The rest of the data and information provided by the user by any means will be kept for as long as necessary to fulfill the purpose for which they were collected.

 

Legitimation

The legal basis that enables the Entity to be able to process the personal data of users, customers, potential customers under the following headings:

  • The consent of the interested parties for the processing and management of any request for information or consultation about our services and products.
  • The consent given by job candidates for selection and recruitment purposes.
  • The framework for the provision and/or contracting of services/products with the Entity.
  • The legitimate interest to send informative, commercial and/or promotional offers related to the activity of the Entity and the services/products contracted via email or any other means.
  • Compliance with legal obligations and internal regulatory compliance procedures.
  • The legitimate interest to guarantee the security of offices, facilities and people.

 

Recipients

No personal data is transferred to third parties, except as provided by law.

Origin

Personal data is obtained directly from interested persons and from our collaborators. The categories of personal data provided to us are the following:

  • Identification data.
  • Postal or electronic addresses.
  • Data provided and/or consented to by the interested parties themselves, related and necessary for the management and realization of the requested service/product.


Rights

Right of Access, Rectification and Deletion: Interested persons have the right to obtain confirmation as to whether or not the Entity is processing personal data that concerns them. Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

Right to Limitation and Opposition: In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims. In certain circumstances and, for reasons related to their particular situation, the interested parties may oppose the processing of their data. The Entity will stop processing the data in this case, except for compelling legitimate reasons, or for the exercise or defense of possible claims.

Right to revoke the consent given: Interested parties have the right to withdraw their consent at any time, except in the case of personal data processing provided for in the Data Protection regulations or necessary for the provision of the contracted service, which do not require said consent. However, this withdrawal does not have retroactive effects, so it will not affect the legality of the treatment based on previously granted consent.

Said rights may be exercised in our Data Protection Channel, whose access data is detailed at the beginning of this Policy.

Security and Control Measures

General

In compliance with data protection regulations, the Entity will process personal data applying the appropriate technical, legal, organizational and security measures, in order to guarantee the confidentiality and integrity of the information it manages in accordance with the provisions of current regulations.

We appreciate that you inform the Data Protection Officer / Delegate through the contact details / Channel established in this Privacy Policy, any security risk, of which you have indications or knowledge, that may compromise integrity and confidentiality. of personal data and/or confidential information, in order to be able to adopt the necessary measures to prevent its unauthorized treatment, loss, destruction or accidental damage.

cybersecurity

As a specific and complementary concept to the above, the Entity applies cybersecurity measures to prevent and manage possible attacks and fraud by cybercriminals that violate the privacy and protection of the data that our Entity processes and accesses in the scope of its activities. and operations.

In this sense, we want to alert you that in the event of possible risk situations due to communications whose content and/or format raise doubts about authenticity, we recommend omitting them and contacting the Data Protection Officer/Delegate through the contact information indicated in this document. Privacy Policy.

Likewise, any request that you receive originating from our Entity regarding changes in payment methods, request for data or contact persons or confidential (non-public) information, bank and/or credit card details and/or other official data, It should not be attended to without the direct confirmation of our Entity by another alternative means. We appreciate and need your collaboration for your communication and complaint about any notification about this type of request and other possible situations of risk of cyberattacks in which our Entity may be used, as well as for any possible security risk that you may be aware of.

Data Protection Channel

The Entity has implemented a Channel, contemplating the highest commitment, rigor and professionalism in terms of security, experience, independence and knowledge in the treatment of communications received.

The Channel, which includes use in the field of Data Protection, has been implemented through a web platform, developed and managed by an independent external expert, to provide and guarantee our previous commitments.

through the channel, may communicate and process the exercise of their Rights (see previous section) and communicate any indication or knowledge that he had of possible security breaches, cyberattacks and/or of Possible breaches or irregularities regarding the Data Protection regulations, this Policy of the Entity and all the aforementioned aspects of confidentiality and business secrets.

The access data to the Channel are detailed at the beginning of this Policy.

control authority

In the event of disagreements with the Entity in relation to the processing of your data, you have the right to file a claim with the corresponding Data Protection Control Authority. In Spain, said Authority is the Spanish Agency for Data Protection (www.aepd.es).

 

Care and support

Interested persons may communicate to the Entity any questions about the processing of their personal data or interpretation of our Policy, by contacting the Data Protection Officer / Delegate (RPD / DPD) at the address indicated at the beginning of this Policy. .