Security and confidentiality
LAMPARAS ON LINE, S.L. declares that it respects current Spanish and European legislation on personal data protection, specifically Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights.
The party responsible for the processing of your personal data and the owner of this website is LAMPARAS ON LINE, S.L. (hereinafter, LOL), a mercantile company registered in the Mercantile Register of Zaragoza in Volume 4377 folio 1 and registration sheet Z-64822 with tax identification number B-99537193 and with its registered office at P.I. Ruiseñores Ctra de Logroño km 8.5, 50015 Zaragoza (Spain).
In addition to the address indicated above, if you wish to contact us you can do so through our:
- Contact form
- Telephone: 876 440 290
- E-mail: email@example.com
Typology, purpose and legitimate basis for the processing of personal data
We collect personal data on:
- Workers' data: the purpose of this data is to manage the employment relationship, draw up their pay slips, control the working day and other obligations deriving from the same. The data collected are identification data, special categories (health/disability), personal characteristics data, academic data and professions, employment details and financial data. The basis of legitimacy for the data processing is the relationship between the parties, the legal obligation to collect this type of data and the consent of the data subjects. The data retention period is set at five years from the end of the employment relationship, except for pay slips, TC1 and TC2, which must be kept for ten years.
- Data on job seekers: the purpose of this data is to manage selection processes. The data collected are identification data, data on personal characteristics, academic data and professions and employment details. The basis of legitimacy for data processing is the pre-contractual relationship between the parties and the consent of the data subjects. The data storage period is set at six months from the end of the selection process.
- Data of potential customers: the purpose of the data processing is the commercial management of potential customers. The data collected are identification data and commercial information. The basis of legitimacy is the execution of a pre-contract and the legitimate interest of the data controller. The data will be kept for a period of five years from the end of the contact with the potential customer.
- Customer data: the purpose of the data processing is the execution of a commercial contract or pre-contract and the supply of the requested services. For this purpose, identification data, property data and financial data are requested. The legitimate basis for data processing is the legitimate interest of the data controller and the performance of a contract. The data will be deleted within five years of the end of the business relationship.
- Supplier data: the purpose of this data is to manage commercial contracts for which identification data, financial or tax data and other data such as TC2 or civil insurance are collected. It is the execution of the contract or pre-contract itself that legitimises us to process your data, which will be cancelled within five years of the end of the commercial relationship.
- Partner data: the purpose of the partners is to manage the company internally. The processing of their data is legitimised by the commercial relationship between the parties.
- Data for sending commercial communications: the purpose of the processing is to send commercial communications or newsletters, for which identification data is requested. The data will be cancelled as soon as the processing ends as soon as the interested party decides to unsubscribe in order not to receive any more communications.
- Data in response to queries: we will collect the contact details with which you identify yourself to send us communications, your email, telephone, or postal address, as well as any other information that you freely decide to give us and that we cannot detail as we do not know the content of all the possible communications that you may send us. We process this personal data to respond to your queries, as well as to respond to your rights in terms of personal data protection. The legitimate basis for responding to your communications is your consent, the legitimate interest of LOL in responding to your queries. This data will be deleted within two years.
- Data relating to the exercise of rights: the purpose of the processing is to attend to the exercise of data protection rights. The basis of legitimacy is compliance with current data protection regulations. This data will be kept to a minimum and will be always retained in compliance with the provisions of the applicable data protection regulations.
The personal data provided will be retained for as long as the relationship between us exists, for the legal retention periods, or until the data subject requests deletion or objection. In general, a conservation period of five years from the end of the relationship between the parties is established. At the end of this period, the data will be cancelled or confidentially destroyed.
How do we share information with third parties?
LOL informs the data subject that some of our suppliers may process their personal data as processors, for example, in the case of:
- Third-party service providers, where necessary for the provision of services, coordination of activities, internal management, supplier approval, software, system and platform support, cloud hosting services and carrying out electronic communications. In such cases, access to your data by third parties will only be carried out when LOL maintains a contractual relationship with the data processor that guarantees confidentiality, the non-use of the personal information of users that we make available to them for purposes other than those indicated above, as well as compliance with our internal regulations on privacy and information security.
- When such transfer of data is covered by a legal obligation or is required by the competent authorities to respond to legal requirements, criminal investigation of possible illegal activity or claims that content infringes the rights of third parties or to protect the rights, property or security of third parties, in the event of merger, sale, restructuring, acquisition, joint venture, assignment, transfer or other disposal, in whole or in part, of our business, assets or shares (e.g., transfers to the AEAT, TGSS, etc.).
In some cases, LOL uses third party tools and services for the management of services. Some of these services may be owned by third party’s resident outside the European Economic Area.
LOL tries to use secure tools whose servers are preferably located in Spain, or failing that, in a member state of the European Union, or that comply with European law according to the guidelines and recommendations of the Spanish Data Protection Agency, the European Commission and the Community reference agreements on international data transfer.
Exercise of rights and complaints to the Spanish Data Protection Agency
At any time, the User may withdraw his/her consent and/or exercise his/her rights of access, rectification, suppression, limitation, opposition, and portability provided for in the European regulations on personal data protection, by sending a letter to firstname.lastname@example.org or by post to LOL, at P.I. Ruiseñores Ctra de Logroño km 8.5, 50015 Zaragoza (Spain).
In this case, the User must indicate the right he/she wishes to exercise and attach a copy of his/her ID card or any other valid identification document that legitimises him/her to do so, including that which allows electronic identification.
If their rights are not effectively exercised, they may file a complaint with the Spanish Data Protection Agency.
Your commitment, the veracity of the data you provide us with
The User declares that the personal data provided to LOL are truthful.
As a User you should know that you are solely responsible for any damage or harm, direct or indirect, that may be caused to LOL as responsible for this website or to a third party if you send us false data or data of third parties without your prior consent, causing deception, damage, or harm.
So that we can keep your data accurate and up to date, we ask the User to inform us of any changes that may occur in the data provided.
Consent of minors
It is forbidden by LOL to send personal data through this website, or the means indicated therein by users under 14 years of age. If LOL detects users who may be under the age, it will not process their data and therefore will not respond to requests.
LOL reserves the right to request a copy of your ID card or equivalent document proving their legitimacy in case of having reasonable suspicions about the minority of the User.
Applicable Security Measures
In order to protect the personal data of users, LOL ensures itself and controls its processors, in the implementation of technical and organizational measures appropriate to the state of the art to protect personal data, taking into account the scope, context and purposes of processing, as well as the risks of varying likelihood and severity to the rights and freedoms of data subjects, seeking to be able to ensure the confidentiality, integrity, availability and resilience of systems and processing services.
Our information security policies and procedures are regularly reviewed and updated to meet our business needs, technological changes, and regulatory requirements.
Applicable law and jurisdiction
If the User accesses this site from a location outside Spain, the User is responsible for complying with all applicable local and international laws.