Privacy Policy

PRIVACY – EXTENDED INFORMATION

 

The Privacy Policy is part of the General Conditions that govern this Website.

MAY 2018 VERSION

 

Who is responsible for the processing of your data?

 

SILLAS MESAS HOSTELERIA SL

RÚA MALLOU DE ABAIXO, 51 15703 SANTIAGO DE COMPOSTELA

C.I.F. B70544762

 

Tfno: 625666775

Mail:  info@creandohosteleria.es

 

You can go in any way to communicate with us.

We reserve the right to modify or adapt this Privacy Policy at any time. We recommend that you review it, and if you have registered and access your account or profile, you will be informed of the changes.

 

If you are one of the following groups, check the drop-down information:

 

+ WEB OR EMAIL CONTACTS

What data do we collect through the Web?

We can treat your IP, what operating system or browser you use, and even the duration of your visit, anonymously.

If you provide us with information in the contact form, you will identify yourself so that we can contact you, if necessary.

 

• Answer your questions, requests or requests.

• Manage the requested service, answer your request, or process your request.

• Information by electronic means, related to your request.

• Commercial or event information by electronic means, provided there is express authorization.

• Perform analysis and improvements on the Web, on our products and services. Improve our business strategy.

 

The acceptance and consent of the interested party: In those cases where to make a request it is necessary to fill in a form and click on the send button, the completion of the same will necessarily imply that you have been informed and have expressly granted your consent to the content. of the clause attached to said form or acceptance of the privacy policy.

 

All our forms have the * symbol in the mandatory data. If you do not provide these fields, or do not mark the checkbox of acceptance of the privacy policy, the sending of the information will not be allowed. It usually has the following formula: “□ I have read and accept the Privacy Policy.”

 

 

+  NEWSLETTER CONTACTS

What data do we collect through the newsletter?

On the Web, it is allowed to subscribe to the Newsletter, if you provide us with an email address, to which it will be sent.

We will only store your email in our database, and we will proceed to send you emails periodically, until you request the cancellation, or we stop sending emails.

You will always have the option to unsubscribe, in any communication.

• Manage the requested service.

• Information by electronic means, related to your request.

• Commercial or event information by electronic means, provided there is express authorization.

• Perform analysis and improvements in sending mailing, to improve our commercial strategy.

 

The acceptance and consent of the interested party: In those cases where you subscribe, it will be necessary to accept a checkbox and click on the send button. This will necessarily imply that you have been informed and have expressly granted your consent to receive the newsletter.

If you do not mark the checkbox of acceptance of the privacy policy, the sending of the information will not be allowed. It usually has the following formula: “□ I have read and accept the Privacy Policy.”

 

 

• +SOCIAL NETWORKS CONTACTS

What data do we use from social networks?

• Answer your questions, requests or requests.

• Manage the requested service, answer your request, or process your request.

• Relate to you and create a community of followers.

 

The acceptance of a contractual relationship in the environment of the corresponding social network, and in accordance with its Privacy policies:

How long are we going to keep personal data?

We can only consult or cancel your data in a restricted way by having a specific profile. We will treat them as long as you leave us following us, being friends or giving “like”, “follow” or similar buttons.

Any rectification of your data or restriction of information or publications must be done through the configuration of your profile or user in the social network itself.

• +JOBSEEKERS

What data do we use from your CV?

• Organization of selection processes for hiring employees.

• Appoint you for job interviews and evaluate your candidacy.

• If you have given us your consent, we may transfer it to collaborating or related companies, with the sole purpose of helping you find a job.

• If you check the privacy policy acceptance checkbox, you give us your consent to transfer your job application to the entities that make up the group of companies in order to include you in their personnel selection processes

Likewise, we inform you that after one year from the receipt of your curriculum vitae, we will proceed to its safe destruction.

 

The legal basis is your unequivocal consent, when you send us your CV.

 

Do we include personal data of third parties?

No, as a general rule we only process the data provided by the owners. If you provide us with data from third parties, you must first inform and request their consent from said persons, or otherwise you exempt us from any responsibility for the breach of this requirement.

 

Will we carry out communications by electronic means?

• They will only be made to manage your request, if it is one of the means of contact that you have provided us.

• If we carry out commercial communications, they will have been previously and expressly authorized by you.

 

What security measures do we apply?

You can rest assured: We have adopted an optimal level of protection of the Personal Data that we handle, and we have installed all the means and technical measures at our disposal according to the state of technology to avoid loss, misuse, alteration, unauthorized access and theft of Personal Data.

 

To which recipients will your data be communicated?

Your data will not be transferred to third parties, except legal obligation. Specifically, they will be communicated to the State Tax Administration Agency and to banks and financial entities for the collection of the service provided or product purchased, as well as to those in charge of the necessary treatment for the execution of the agreement.

In case of purchase or payment, if you choose an application, website, platform, bank card, or any other online service, your data will be transferred to that platform or will be processed in its environment, always with maximum security.

When we order it, the web development and maintenance company, or the hosting company, will have access to our website. They will have signed a service provision contract that requires them to maintain the same level of privacy as us.

Any international transfer of data when using American applications will adhere to the Privacy Shield agreement, which guarantees that American software companies comply with European data protection policies in terms of privacy.

 

 

What rights do you have?

• To know if we are treating your data or not.
• To access your personal data.
• To request the rectification of your data if they are inaccurate.
• To request the deletion of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw the consent granted.
• To request the limitation of the processing of your data, in some cases, in which case we will only keep them in accordance with current regulations.
• To carry your data, which will be provided to you in a structured, commonly used or machine-readable format. If you prefer, we can send them to the new manager you designate. It is only valid in certain cases.
• To file a claim with the Spanish Data Protection Agency or competent control authority, if you think we have not treated you correctly.
• To revoke consent for any treatment for which you have consented, at any time.

If you modify any information, we appreciate that you communicate it to us to keep it updated.

Do you want a form for the exercise of Rights?

• We have forms for the exercise of your rights, ask us by email or if you prefer, you can use those prepared by the Spanish Agency for Data Protection or third parties.
• These forms must be electronically signed or accompanied by a photocopy of the DNI.
• If someone represents you, you must attach a copy of their ID, or have them sign it with their electronic signature.
• The forms can be presented in person, sent by letter or by mail at the address of the Responsible at the beginning of this text.

 

How long does it take us to reply to the Exercise of Rights?

It depends on the right, but a maximum of one month from your request, and two months if the issue is very complex and we notify you that we need more time.

 

Do we treat cookies?

If we use other types of cookies that are not necessary, you can consult the cookie policy in the corresponding link from the beginning of our website.

How long are we going to keep your personal data?

• Personal data will be kept as long as you remain linked with us.
  Once you disassociate yourself, the personal data processed for each purpose will be kept for the legally stipulated periods, including the period in which a judge or court may require them, taking into account the statute of limitations for legal actions.
• The data processed will be kept as long as the aforementioned legal periods do not expire, if there is a legal obligation to maintain it, or if there is no such legal period, until the interested party requests its deletion or revokes the consent granted.
• We will keep all the information and communications related to your purchase or the provision of our service, while the guarantees of the products or services last, to attend to possible claims.
• In each treatment or type of data, we provide you with a specific period, which you can consult in the following table:

 

File	Document	Conservation
Clients	Bills	10 years
	Forms and coupons	15 years
	Contracts	5 years
Human Resources	Payrolls, TC1, TC2, etc.	10 years
	Curriculums	Until the end of the selection process, and 1 more year with your consent
	Severance pay documents Contracts. Temporaly Worker Data	4 years
	Worker file	Up to 5 years after withdrawal.
Marketing	Databases or website visitors	While the treatment lasts.
Suppliers	Bills	10 years
	Contracts	5 years
Access control and video surveillance	Visitors List	30 días
	Videos	30 day lockout 3 years destruction
Accounting	Accounting books and documents Partner agreements and boards of directors, company statutes, minutes, board of directors regulations and delegated committees. Financial statements, audit reports Grant-related records and documents	6 years
Fiscal	Keeping of the company’s administration, rights and obligations related to the payment of taxes. Administration of dividend payments and tax withholdings.	10 years
	Information on the intra-group price establishments	18 years 8 years for intra-group transactions for price agreements
Security and Health	Workers’ Medical Records	5 years
Enviroment	Information on chemical or substantially hazardous substances	10 years
	Documents related to environmental permits While the activity is carried out.	3 years after the closure of the activity 10 years  (prescription crime)
	Records on recycling or waste disposal	3 years
	Grants for cleaning operations must retain documents of rights and obligations, receipts and payments.	4 years
	Accident reports	5 years
Secure	Insurance policies	6 year (general rule) 2 years (damage) 5 years (personal) 10 years (life)
Shopping	Register all deliveries of goods or provision of services, intra-community acquisitions, imports and exports for VAT purposes.	5 years
Legal	Intellectual and Industrial Property Documents. Contracts and agreements.	5 years
	Permits, licenses, certificates	6 years from the expiration date of the permit, license or certificate. 10 years (criminal statute of limitations)
	Confidentiality and non-competition agreements	Always the term of the obligation or confidentiality
LOPD	Processing of personal data, if it is different from the treatment notified to the AEPD	3 years
	Personal data of employees stored in the networks, computers and communications equipment used by them, access controls and internal management / administration systems	5 years