This website does not save any personal data from its users or visitors without consent nor are they sent to third parties. DOYCO, S.A. (justo DOYCO from now on) uses no cookies to compile info about users or how they browse the site, neither are IP addresses registered.
In accordance to UE regutation 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and all regulations in force regarding personal data protection, DOYCO is controller of data related to its customers, suppliers and employees. Personal data are freely given to DOYCO within a framework or demanded and acquired on a legitimate interest.
Personal data under DOYCO control —due to past consented relationships or acquired in free consent directly from subject— are processed confidentially and will be incorporated to DOYCO processing activities, which are the following:
· EMPLOYEES. Its main purpose is human power management, paysheets and prevention of occupational hazards from those working for DOYCO. Data processed include just those strictly necessary: identity, academics, profesional, work experience and banking. Data are transmitted to agencies subcontracted to manage that specific task. Also to public administrations under laws in force which obligate to provide the info. And finally, to customers which demand certain data to access their facilities or to control the abilities to develop tasks with proper certifications and titles.
· INSTALLATION WORKS MANAGEMENT. Its main purpose is getting proper clearance to access facilities and deploy machines and persons –both DOYCO and subcontractors— to initiate the installation works with all requirements fulfilled: legal, quality and others. Data processed include just those strictly necessary: authorizations, certification and titles to develop certain works as well as identy data. Some of them have to be transmitted to public administrations to comply with legal requirements. Contact data may be exchanged among parts for proper coordination. Data are erased once legal mandatory storage time elapses.
· CONTRACTING AND BILLING. Its main purpose is contracting and billing to customers or suppliers whose employees data may be involved along the process for signing contracts, proposals, invoices, quotations and bills or just as senders or receivers of documents. Data processed include just those strictly necessary: persons identy and contact data. Data are transmitted to agencies subcontracted to manage DOYCO accountancy and also to public administrations under laws in force which obligate to provide the info. Data are erased once legal mandatory storage time elapses.
· CUSTOMER’S RELATIONS. Its main purpose is managing the relationships established with actual and potencial customers in both pre and post sales stages. That would include commercial contact, visits, presentations or posting info about promotions or new products, as well as technical support in demos or production projects wether that were the case. Data processed are limited to professional contact data and are not shared at all. Data are suppressed after 10 years of the last contact or volunteerly on customers request, except if there is a contract setting different conditions.
· VIDEOSURVEILLANCE. Its main purpose is to maintain safe DOYCO’s staff and goods, people accessing DOYCO’s office are registered in a videorecorder. Data are not shared unless an incident or felony is involved, where public administration or security corps will be access limited provided. Data processed are just people image. Data are automatically erased a month after being recorded.
· CANDIDATES. Its main purpose is managing relations to candidatos to a job in DOYCO. Data are provided volunteerly throughout a veriety of employment websites or platforms, as well as occupational public services or directly to DOYCO’s office or electronic or postal mail. Data include those typical in a curriculum vitae: identification, contact data, academic and certifications data, professional experience and personal interests or abilities. Data are not shared or transmitted and they are suppressed after two years since they were sent to DOYCO.
Data processing purpose is already defined within the previous paragraph.
Data processing is performed as a legitimate mean to deploy DOYCO commercial and laboral activity as well as part of complying with legal obligations. DOYCO does not perform massive postages keeping communications with actual or potential customers personal and direct. So explicit consent will be required to new potential customers previous communications and actual customers will be informed of the new policy, being no unconformities expressed directly up to now.
Legal base for each of stated processing activities can be consulted in GDPR, Art #6.1.
Personal data providede by subject to DOYCO will be preserved confidentially along the timelapse to comply with the purpose for what they where compiled and to determine the responsibilities derived from each main purpose. Additionally, regulations in force will be also considered to settle preservation periods.
Personal data will be shared with third parties whenever DOYCO subcontractes part of the processing tasks, usually accounting, financial, administrative jobs, human resources... as well as to customers and/or suppliers within installation projects framework and to public administration when legally enforceable or appropiate. All of them are properly stated in the epigraph “CONTROLLER”.
DATA SUBJECTS RIGHTS
Every subject has the right to have confirmation about his/her data processing made by DOYCO.
Rights can be exercised at DOYCO C/Alfonso XII, 10 – 1º, 28.014- Madrid or sending an email to firstname.lastname@example.org. Rights to be exercised include access, rectification, erasure, restriction of processing, not to be subject of automated decision, data portability and to object.
2018 - DOYCO, S.A.