PRIVACY POLICY

 

  1. Introduction.

We have a high level of commitment to people's privacy, so the protection of personal data is important to us.

We treat the data in accordance with the provisions of the EU Regulation 2016/679 General Data Protection, Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights and other regulations in force in this regard.

This Privacy Policy has been revised in January 2024 to comply with the duties of information and transparency of the website itself and general of the person in charge, to provide any type of interested party and not only users of the website the general terms of the person responsible for the matter. Variations may exist until your next revision.

 

  1. Who is responsible for processing your data?

Responsible: SIT ON CLOUD SLU

NIF / CIF: B73965907

Address: EL DESCANSO, N.º 102 MAILBOX 25. 30890 PUERTO LUMBRERAS (MURCIA)

E-mail: privacy@sunube.es

 

  1. What is the origin and type of data we process?

The origin of the information we process can be any of the following categories:

  • Paper, electronic or digital forms.
  • Communication and messaging systems: email and messaging applications, telephone, etc.
  • Other lawful sources and origins of information.

The different categories of data that we can treat depending on the type of interested party (user, client, supplier, employee, etc.) and the nature of the activity of the person in charge and the different data treatments are:

  • Identification data, for example: name and surnames, image.
  • Identification codes or keys, for example: username, employee code.
  • Postal or electronic contact addresses, for example: telephone, email, profile on social networks.
  • Data of personal and professional characteristics, for example: age, date of birth, qualifications, professional experience, curriculum.
  • Economic, financial and insurance data; for example: bank details, credit card, etc.
  • Economic and non-economic payroll data and other information of a labor nature; for example: job position, payroll document, etc.
  • Transaction data, for example: goods and services supplied and received.
  • Other data and information necessary or implicit in the development of our activities, services and object.

MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE INTERESTED PARTY.

The interested party, by checking the corresponding boxes and entering data in the fields, marked as mandatory completion (for example, with an asterisk) in the contact form or presented in download forms, expressly and freely accept and unequivocal, that your data is necessary to respond to your request, by the person responsible, the inclusion of data in the remaining fields being voluntary.

The interested party guarantees that the personal data provided to the person responsible is true and undertakes to communicate any modification thereof. The data requested through the website, marked as mandatory, are necessary to provide an optimal service to the interested party. If all data is not provided, it is not guaranteed that the information and services provided are completely tailored to your needs.

 

 

  1. For what purposes do we process your data?

In general, the data is processed to successfully carry out the actions implicit in the normal development and management of the activity of the person in charge. Although we can specify different treatment purposes depending on the possible existing categories of interested parties:

  • Clients and potential clients: management and maintenance of commercial, pre-contractual and contractual relationships; internal administration; economic management; advertising and marketing, customer service.
  • Collaborators, creditors and suppliers: management and maintenance of business relationships, internal administration and financial management.
  • Working people: management, development and maintenance of the employment relationship, human resource management, communications, training activities, occupational risk prevention, registration of the working day and other purposes derived from legal obligations and development of employment relationships.
  • Candidates: management of resumes received, management of job offers and personnel selection.
  • Web and social network users: user service and management of communications between the parties.
  • The existing information of any other category of interested parties treated by the person in charge will be done within the framework of its activity, in strict compliance with the applicable regulations and under the general criteria of this Privacy Policy.

Other general purposes that the person in charge can implement are:

  • Preparation of a commercial profile, with the aim of improving your experience by personalizing offers and communications. No individualized decisions will be made based on said profile and the legitimate interest will be acted upon.
  • Video surveillance, for the security of goods and people, as well as the corresponding labor control based on legitimate interest.
  • Telephone switchboard, in order to record communications for security, guarantee and quality of care, based on legitimate interest.
  • Financial management and control of monetary obligations. In the case of debtors with certain pending payments, due and payable, the person responsible may communicate this circumstance to credit solvency files, debtor files, and debt management or collection services, among others, based on legitimate interest.
  • Communications: development and execution of communications through the data and means of contact available (email, instant messaging, etc.) with categories of internal (employees) and external stakeholders (customers, potential employees, suppliers, etc.) . The purposes of said communications may be informative, organizational, commercial and advertising, as appropriate based on the informed consent and the legitimate interest of the person in charge.
  • Other purposes derived from the nature of the person in charge, motivated by the normal development and exercise of its activity, from a valid legitimizing basis.

 

  1. How long will we keep your data?

In general, personal data will be kept at least as long as there is a relationship with the interested party, as long as its deletion is not requested, as long as responsibilities may arise or as long as there is any legal provision for conservation.

With regard to the data of job candidates and applicants, they will be deleted immediately when they are not of interest to the person in charge.

The data controller has in its data protection plan an inventory of retention periods that it observes to manage the different applicable retention periods.

The deletion of the data will be carried out in any case ensuring the confidentiality of these.

 

  1. What is the legitimacy for the treatment of your data?

The person in charge observes and applies the different existing legitimizing bases that are applicable to each purpose of treatment. These are:

  1. Informed consent of the interested party.
  2. Pre-contractual or contractual commitments.
  3. Legitimate interest of the person in charge.
  4. Applicable legal obligations.
  5. Other legally prescribed legitimating bases.

 

  1. To which recipients will your data be communicated?

The data of the interested parties will not be communicated to any third party by default, except: a) auxiliary services, authorized treatment managers or other implicit third parties necessary in the correct provision of goods and services; b) competent authorities and public administrations in the exercise of their functions; c) other legitimate interested parties and legally provided third parties.

 

  1. What are your rights when you provide us with and / or process your data?

As an interested party, you may at any time request the exercise of any of the following rights that assist you in data protection matters:

  • Access to the personal data of the interested party to confirm whether or not they are treating data that concerns them and obtain more information about this treatment.
  • Rectification or Deletion of personal data concerning the interested party when, among other reasons, they are inaccurate or are no longer necessary for the purposes for which they were collected.
  • Limit the processing of the personal data of the interested party in certain circumstances, in which case they will only be kept for the purpose of exercising or defending claims, for the protection of the rights of another person or for reasons of public interest.
  • Receive the personal data that concerns you, that you have previously provided us, and in a structured format whenever possible. (Portability of your data).
  • Oppose the processing of your data in certain circumstances and for reasons related to your particular situation. The company will stop processing your data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
  • Revoke consent, which may lead to the cancellation or cancellation of the existing business or contractual relationship, if any. Without prejudice to the treatments carried out prior to the withdrawal of consent.

For this, you will only have to contact us through the email or postal address indicated at the beginning.

Optionally you can also contact our data protection delegate appointed, or to Agency of protection of data to learn more about your rights or request their protection by the supervisory authority.

 

  1. Data security.

We adopt the necessary technical and organizational measures in our information system to guarantee an adequate level of confidentiality, integrity, availability and resilience of the data in order to protect the rights and freedoms of the interested parties.

The controller complies with the provisions and principles described in the GDPR to process data in a lawful, fair and transparent manner in relation to the interested party, and adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

However, as far as the legal system allows it, we do not assume any responsibility for the damages of alterations that third parties may cause in our information system. Any breach of security will be conveniently and immediately reported to the competent authority and/or State security forces and bodies.

 

  1. Sending communications or information.

Our policy regarding the sending of information through telematic means (email, instant messaging, etc.), is limited to sending only communications that we consider of interest to our users and interested parties, in relation to the functions and activity of the company, or that you have consented to receive.

If you prefer not to receive these messages, we will offer through them the possibility of exercising your right to cancel and waive the receipt of these messages, in accordance with the provisions of Title III, Article 22 of Law 34 / 2002 of Services for the Information Society and Electronic Commerce.

 

  1. Social networks.

The person responsible may have a presence on social networks through the corresponding profiles, this section and any legal and privacy terms present on the website being applicable for the processing of data of users or interested parties who become followers or of any way they are linked to said profiles.

The purposes of use of these profiles by the controller are communication, commercial development, marketing and advertising, processing queries posed to the controller and user service, reporting on actions, activities and events organized by the controller or in which the controller participates, and interact through official profiles.

The legitimizing bases set out in section 6 above are complemented in this case because the user or interested party may have a profile on the same social network as the person responsible and has decided to join or connect with the profile of the person responsible, thus showing interest in the published information. by the person responsible. Therefore, when following the profiles of the person responsible, you provide your consent for the processing of the data available in your profile.

The user can access the privacy policies and terms of the corresponding social network at any time, as well as configure the privacy features that may be carried out in their profile. The publications made by the user will be known by other users, so the user himself is primarily responsible for his privacy.

Users who are followers and/or participants in our profiles will refrain from:

  1. To publish content or information contrary to the Laws, morality, and good faith. Any illicit, annoying, inappropriate use or behavior that may generate negative opinions in the profile or that violates the rights of people is not allowed.
  2. To behave contrary to the principles of legality, honesty, responsibility, protection of human dignity, protection of minors, protection of public order, protection of private life, consumer protection and intellectual and industrial property rights.

The person in charge reserves the power to withdraw without prior notice any content that is considered inappropriate. Likewise, it is released from any responsibility in relation to the security measures corresponding to each platform, and the user must know them together with the legal terms and conditions of use of the platform itself.

The person responsible will be expressly exonerated from any responsibility that may arise from the use of social networks by minors or people with special abilities. The social networks of the controller do not knowingly collect any personal information from minors, therefore, if the user is a minor, they should not register or use the social networks of the controller, nor provide any personal information. Particularly in Spain, the processing of personal data of a minor can only be based on 14 years of age or older. On the other hand, if any rule or regulation requires it, or the user has special abilities, the intervention of the holder of his or her parental authority or guardianship will be necessary, or his or her legal representative through a valid document that certifies representation.

 

  1. Employment and candidate management

Those interested in accessing job offers from the person in charge can provide their data and professional information to the person in charge through different channels, preferably through existing forms, email addresses, and existing means for this purpose, if applicable.

These data will be processed in accordance with these privacy terms present herein for the purpose of managing applications for possible job offers, internships and training of the responsible entity and any subsidiary companies or companies belonging to the same business organization, when it exists and corresponds. .

The treatment will be carried out based on the informed consent of the interested party or another valid legitimizing basis.

The data provided, if they are not of professional interest for the entity or once they are no longer necessary for the purposes for which they were collected, will be eliminated ensuring their confidentiality and anonymization.

Any interested party may revoke their consent and exercise their privacy rights under the terms set forth in this privacy policy.