ACERTTO TALENT LINKERS S.L. (Acertto) is an Organization in which activities involving personal data processing take place; this confers her a huge responsibility in the planning and organization of proceedings so that they respond to the legal accomplishment related to this topic.
In the exercise of these responsibilities and with the object of establishing the general principles which must govern the processing of personal data within Acertto, approves this Policy of Personal data Protection, which is notified to her employees and which is made available for every interest group.
- 1. Purpose
The Policy of Personal Data Protection is a measure of Proactive responsibility whose purpose is to ensure the accomplishment of the legislation applicable for this topic and, in relation to this, the respect of the right of honor and intimacy within personal data processing of every person who maintain a relationship with Acertto.
According to what established by this Policy of Personal Data Protection, the principles governing data processing within the organization are established, along with the proceedings and the organization and security measures which the persons affected by this Policy commit to implement in their part of responsibility.
With this purpose, the Management will assign the responsibilities to the personnel who takes part in processing data operations.
- 2. Scope of application
This Policy of Personal Data Protection will be applied by Acertto, its administrators, executives and employees, as well as every person who maintain a relationship with it, expressly including the service suppliers who can access data (“Data Controllers”).
- 3. Principles of Personal Data processing
As a general principle, Acertto will scrupulously comply with the legislation related to personal data protection and has to be able to prove it (Principle of <>), paying a particular attention to those proceedings which can imply a greater risk for the rights of the affected (Principle of <>).
Regarding what has been stated, ACERTTO TALENT LINKERS S.L. will watch over the accomplishment of the following principles:
– Lawfulness, loyalty, transparency and limitation of the purpose. Data processing must always be communicated to the affected, through the use of clauses and other means; it will be considered legitimate only if there is evidence of the consent to data processing (with particular attention to the consent given for persons under the legal age), or has another valid legitimization and the purpose of the same is in accordance with the regulations.
– Data minimization. The processed data must be appropriate, pertinent and restricted to the necessary in relation with the purposes of the processing.
– Exactness. Data must be exact and, if necessary, updated. Thereunder, the necessary measures to eliminate or rectify without any delay the personal data which are not exact in relation with the purposes of the processing will be implemented.
– Limitation of the storage period. Data will be maintained in order to allow the identification of the interested in no longer than necessary in relation with the purposes of the processing.
– Integrity and Confidentiality. Data will be processed in order to guarantee a suitable security to personal data, including the protection against unauthorized or unlawful processing and against its loss, destruction or accidental damage, by means of the implementation of the suitable technical or organizational measures.
– Data transfer. It is forbidden to purchase or obtain personal data from unlawful sources or whenever the aforementioned data have been gathered or transferred contravening the Law, or their legitimate provenience origin has not been sufficiently guaranteed.
– Hiring of suppliers with Access to data. Only the suppliers who offer enough guarantees to implement suitable technical and security measures in data processing will be chosen to be hired. The due Agreement will be documented in this regard with these third parties.
– International transfer of data. Every personal data processing subject to European Union regulations which implies a transfer of data outside of the European Economic Area must be realized with the strict accomplishment of the requirements established by the applicable regulations.
– Rights of the affected. Acertto will provide the affected with the exercise of the rights of access, rectification, elimination, limitation of processing, opposition and portability, establishing with that purpose the internal proceedings, and in particular the models for its exercise which result to be necessary and appropriate, which must meet, at least, the legal requirements to be applied for each case.
Acertto will promote the acknowledgement of the principles gathered in the present Policy of personal data protection and that they will be taken into consideration (i) in the planification and implementation of every professional proceeding, (ii) in the products and services provided, (iii) in every agreement and obligation which is formalized or assumed and (iv) in the implantation of the systems and platforms which allow employees or third parties to access and/or collect or process personal data.
4. Employees’ commitment
Employees are informed about the present Policy and declare themselves aware that the information of personal nature is part of the assets of Acertto; According to this, they adhere themselves to it, committing to the following:
- Realizing the training of awareness of Data Protection which Acertto makes available for them.
- Applying the security measures at a user level which correspond to their position in the company, without damaging the responsibilities in its planification and implementation which may be assigned to them according to their role in Acertto.
- Using the established formats for the exercise of Rights on the behalf of the affected and immediately informing Acertto in order to make the response effective.
- Informing Acertto, as soon as they get to know it, about deviations from what established by this Policy, specially about “Breaches in personal Data Security”, using in this regard the established format.
5. Control and assessment
A verification, assessment and valuation of technical and organizational measures will be realized annually, or whenever significant changes in data processing take place, to ensure the security of processing.
ACERTTO TALENT LINKERS S.L.
The present legal notice regulates the use of the website www.acertto.es (from now on, THE WEB), whose owner is ACERTTO TALENT LINKERS S.L. (from now on, THE WEB’S OWNER). The navigation through the website of THE OWNER OF THE WEBSITE attributes the condition of user of the same and involves the full and unreserved acceptance of each and every one of the provisions included in this Legal Notice, which may undergo modifications. The user commit his/herself to make proper use of the website in accordance with laws, good faith, public order, traffic uses and this Legal Notice. The user will take responsibility before THE OWNER OF THE WEBSITE or before third parties for any damage which might occur as a consequence of the failure to fulfill the aforesaid responsibility.