Privacy policy

BASIC INFORMATION ON DATA PROTECTION
Data controllerGRUPO MARDOM TECHNOLOGIES S.L.
NIF: B47779368
CALLE PROPANO 1, 47012 (VALLADOLID)
WEB: www.grupomardom.es
EMAIL: Info@grupomardom.es
PurposeGestión de procesos de selección para los puestos vacantes que tenga Grupo Mardom.
Send you advertising or commercial information related to the sector and/or activity of the organisation and its events that may be of interest to you, offered by Grupo Mardom Technologies, S.L. if you have given us your consent in this regard. You may freely object to receiving these commercial communications without this affecting any contractual, commercial or professional relationship that you maintain with Grupo Mardom Technologies, S.L. Likewise, you may revoke your consent at any time. Maintain the commercial relationship relating to remote control systems in areas such as: personnel control, access control, dispensers, security rounds, the development of the activity outside the office, air conditioning, industrial and mobile machinery.
LegitimationExpress and informed consent. Consent to manage your data for selection processes for vacancies generated by the company. Consent for the sending of commercial communications.
DestinatariosNo communication of data is envisaged, except as provided for by law where appropriate.
We will only be able to send you commercial information about products from the Group companies' sector if you give us your consent.
There are no plans for international data transfers.
Processors within the EU.
RightsAccess, rectify and delete data; the right to limit processing, as well as other rights.

1.1. INTRODUCTION

This Privacy Policy has been developed taking into account the provisions of the Organic Law on the Protection of Personal Data in force, as well as Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the movement of such data, hereinafter the GDPR.

This Privacy Policy has been updated on 28 July 2022 and Grupo Mardom reserves the right to modify it in the event of a change in current legislation, jurisprudential doctrine or business criteria. If any changes are made to this Policy, the updated text will be published at this same web address.

2.1. DATA PROCESSING

In terms of data protection, Grupo Mardom Technologies, S.L. shall be considered the Data Controller in relation to the files/processing identified in this Policy.
The user can contact us by e-mail at the following address rgpd@grupomardom.es for any questions or needs relating to the protection of personal data.

Contact details of the Security Officer: informatica@grupomardom.es.

Registrations: Grupo Mardom Technologies, S.L. inscrita en el Registro Mercantil de Valladolid. Tomo xxxx.

Website: https://www.grupomardom.es.

The personal data requested, where appropriate, will consist only of those data that are strictly necessary to identify and respond to the request made by the data subject, hereinafter referred to as the interested party. Said information will be processed in a loyal, lawful and transparent manner in relation to the interested party. On the other hand, personal data will be collected for specific, explicit and legitimate purposes, and will not be further processed for such purposes.

The data collected from each data subject shall be adequate, relevant and not excessive in relation to the relevant purposes for each case, and shall be updated whenever necessary.

The data subject shall be informed, prior to the collection of his/her data, of the general points regulated in this Policy, so that he/she may give his/her express, precise and unequivocal consent to the processing of his/her data, in accordance with the following aspects:

    • Possibility to withdraw consent:where consent has been given for a specific purpose, the data subject has the right to withdraw consent at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal.
    • Possibility to complain to the supervisory authority, the Spanish Data Protection Agency (AEPD):if a user considers that there is a problem with the way in which Grupo Mardom Technologies, S.L. is handling his/her data, we will be happy to deal with his/her complaints by sending an e-mail to the following address rgpd@grupomardom.es. Our Security Officer will contact the user, leaving open the possibility that, in the event that their request is not resolved, they may turn to the Spanish Data Protection Agency as the highest Data Protection authority in Spain.

3.1. PURPOSES OF PROCESSING

As a general rule, personal data is always collected directly from the data subject, however, in certain exceptions, data may be collected through third parties, entities or services other than the data subject. In certain cases, an e-mail and/or telephone number may be obtained from a profile created directly by the data subject, on a professional social network or business card on which he/she has freely made these contact details public.

This will be communicated to the data subject through the consent clauses contained in the different information collection channels and within a reasonable period of time, once the data have been obtained, and within the first month of obtaining the data at the latest.

The explicit purposes for which each of the processing operations are carried out are set out in the informative clauses included in each of the data collection methods (web forms, paper forms, announcements or posters and information notes).

However, the personal data of the interested party will be processed for the sole purpose of providing them with an effective response and attending to the requests made by the user, specified next to the option: service, form or data collection system used by the owner.

The main purpose is to maintain the business relationship concerning remote control systems in areas such as: personnel control, access control, dispenser control, security rounds, working outside the office, air conditioning, industrial and mobile machinery.

There are also other purposes for which Grupo Mardom collects data, such as: to inform the user by any means, including the sending of commercial communications, electronic or otherwise, to the e-mail address provided by the user, of Grupo Mardom Technologies, S.L. products and services similar to those purchased by the user.

Grupo Mardom does not prepare profiles nor does it foresee the assumption of automated decisions based on the personal information of which Grupo Mardom Technologies, S.L. is the Data Controller.

4.1. EMAIL, CONTACT FORMS AND MEANS OF COMMUNICATION

The website https://www.grupomardom.es of Grupo Mardom Technologies, S.L. has SSL/TLS encryption that allows users to send their personal data securely through standard contact forms.

Data collected through the website:

The personal data collected through the website will be automatically processed and incorporated into the corresponding files, of which Grupo Mardom Technologies, S.L. is the owner.

When a user visits Grupo Mardom's website, or requests information about its products and/or services, Grupo Mardom collects information automatically using tracking technologies, such as cookies or forms where certain information is expressly requested. This collection of information occurs in order to provide the information requested by the user, to learn more about the people who are interested in Grupo Mardom's products and/or services and to improve the browsing experience on the website.

Information collected automatically:

When the user visits Grupo Mardom's website, Grupo Mardom or its service providers, acting on its behalf, automatically collect certain information using tracking technologies, such as cookies, web links and similar technologies.

Grupo Mardom uses this information to understand how users visit its website and to know which parts or contents of the website are most popular. This makes it easier to understand how to improve the website and to measure the effectiveness of Grupo Mardom's advertising. In addition, tracking technologies are used to improve the browsing experience on the website; for more details on the use of cookies, please refer to the document Cookies Policy.

The user may share personal information, such as contact information, with members of Grupo Mardom staff when contacting them. In order to perform the correct follow-up, Grupo Mardom registers this interaction, including contact details or other information that may occur during the communication. Grupo Mardom stores this information to keep a record of communications with users. Grupo Mardom recommends that you do not provide personal or sensitive information that is not necessary for its staff to deal with your requests. Grupo Mardom may use third party products and/or services to process the information shared with its staff, in which case Grupo Mardom will have the legally necessary agreements with these suppliers.

The personal data collected through the website will be automatically processed and incorporated into the corresponding files owned by Grupo Mardom Technologies, S.L..

With regard to instant messaging such as WhatsApp, Facebook, Telegram, Messenger, Kakao Talk or Line, Grupo Mardom may receive a message from an interested person through an application of this type and reply to it through this same channel, without attaching personal information in any case by such means, or creating groups that allow the visualisation of data between members.

Form for sending CVs:

Grupo Mardom Technologies, S.L. will only consider applications for employment or internships (work or otherwise) that the candidate submits through the forms provided for this purpose on the website https://www.grupomardom.es, or in other media used for specific offers (such as job search portals or websites of the universities or training centres from which the candidate comes, in accordance with an agreement established for this purpose).

All applications received by other means, including paper CVs, will be rejected.

The purpose of the processing will be the management and effectiveness of the job or internship application. The recipients of this data will be the Correspondents or Processors, within the European Union, in charge of the selection of personnel by Grupo Mardom Technologies, S.L.

In the case of self-nominations, CVs will be kept for consideration for future vacancies indefinitely or until the candidate exercises his/her right of cancellation. If the applicant wishes to be considered for other vacancies, he/she should attach his/her CV in the Job Opportunities section of the website https://www.grupomardom.es.

Grupo Mardom Technologies, S.L. reserves the right to delete CVs older than two years.

As part of the process, candidates will be contacted by telephone in order to verify that they meet the minimum requirements of the vacancy to be filled, with a view to being called for a selection interview or not; the express consent of the job applicant is requested. Conversations will not be recorded.

Once the person to fill the vacancy has been selected, Grupo Mardom will endeavour to inform all applicants of the completion of the process.

Information required and formats accepted:

In the web forms created for this purpose, Grupo Mardom Technologies, S.L. asks each applicant for the corresponding authorisation to consult the content, directly accessible through search engines and/or their profiles on social networks. In order to assess the suitability of the candidate by analysing the information gathered from these sources, together with the CV provided by the applicant, the results obtained in the entrance tests and the information provided in the selection interview.

If you do not receive express authorisation for such processing, Grupo Mardom Technologies, S.L. reserves the right to reject your application.

As indicated in the online forms of https://www.grupomardom.es, candidates shall refrain from including sensitive data not required by the company for the assessment of their candidacy, nor for their subsequent job performance in the case of being selected, such as: political, religious, ideological affiliation or any other data different from their professional value, preparation for their tasks in the company and, of course, their contact details.

In accordance with current data protection regulations, all CVs that do not comply with this recommendation will be destroyed and applications will be rejected. In addition, the only format allowed for attaching CVs in https://www.grupomardom.es, will be pdf.

5.1. LEGITIMACY

As a general rule, prior to processing personal data, Grupo Mardom Technologies, S.L. signs a contract or acceptance of an order form, communicating this privacy policy. Alternatively, it obtains express and unequivocal consent from the owner of the data, by incorporating informed consent clauses in the different information collection systems or in the service provision contract itself.

However, when the consent of the data subject is not required, the legitimate basis for the processing on which Grupo Mardom Technologies, S.L. relies is the existence of a law or specific regulation authorising or requiring the processing of the data subject's data.

6.1. TARGET

As a general rule, Grupo Mardom Technologies, S.L. does not transfer or communicate data to third parties, except those legally required or outsourced for the normal operation of the company. However, if necessary, the interested party is informed of these transfers or communications of data through the informed consent clauses contained in the different ways of collecting personal data.

For all personnel selection and human resources processing, Grupo Mardom Technologies, S.L. with CIF B47779368 is jointly responsible.

Payroll and human resources data:

It will be transferred to Grupo Mardom Technologies, S.L. as the entity jointly responsible for the integral management of the company's human resources. Data will also be transferred to training companies for the documentation required for the registration, accreditation, evaluation and, where appropriate, reimbursement of training actions programmed by the company. Data will also be transferred to the mutual insurance company in charge of occupational risk prevention and to the entity in charge of monitoring the health of the company's employees. Data will be transferred to the company in charge of the implementation and/or quality audits for the elaboration of the documents of the employees who participate in them. They will be passed on to the company in charge of data protection in order to draw up the relevant clauses, contracts and documentation.

In some cases, they may be transferred to a lawyer when necessary for the resolution of a mediation process or labour litigation.

Customer contact details:

They may be transferred to a commercial person contracted to monitor the commercial relationship, to companies specialised in marketing and communication, for the preparation of bulletins, communiqués or newsletters or the organisation of events relating to subjects related to the services and products contracted with Grupo Mardom.

Invoicing data may be disclosed to the accounting and tax person, to debt collection companies in the event that it is impossible for a customer to settle a debt by his own means and after repeated requests for payment have failed to reach an agreement.

7.1. RETENTION PERIODS

Grupo Mardom Technologies, S.L. will keep user data during the contractual relationship with the user and, in any case, for a maximum period of six years from the last time the user interacted with Grupo Mardom Technologies, S.L.; without prejudice to any retention that may be necessary for the formulation, exercise or defence of potential claims or whenever permitted by applicable legislation. Once the aforementioned period has expired, Grupo Mardom Technologies, S.L. undertakes to cease processing all your data, as well as to duly block them in the corresponding Grupo Mardom Technologies, S.L. databases.

Customer data:

The information collected from the person concerned will be kept for as long as necessary to fulfil the purpose for which the personal data were collected, so that, once the purpose has been fulfilled, the data will be cancelled. This cancellation will give rise to the blocking of the data, which will only be kept at the disposal of the Authorities, Courts and Tribunals, in order to attend to any possible liabilities arising from the processing, during the period of limitation of these. Once the aforementioned period has expired, the information will be destroyed.

Legal periods of conservation of the personal data for which Grupo Mardom Technologies, S.L. is the Data Controller:

The legal deadlines for the conservation of information in relation to different matters are set out below:

DOCUMENTTIME LIMITREF. LEGAL
Employment or social security documentation4 yearsArt. 21 of Royal Legislative Decree 5/2000, of 4 August, approving the revised text of the Law on Offences and Penalties in the Social Order.
Accounting and tax documentation for commercial purposes6 yearsArt. 30 of the Royal Decree of 22 August 1885, publishing the Commercial Code.
Accounting and tax documentation for tax purposes4 yearsArt. 66-70 of Law 58/2003, of 17 December, General Taxation.
Documentation relating to subsidised training4 yearsLaw 30/2015 of 9 September, which regulates the Vocational Training System for Employment in the workplace and article 14.3 of Royal Decree 694/2017 of 3 July, which develops the aforementioned law.
Building access control1 monthAEPD Instruction 1/1996.
Videovigilancia1 monthAEPD Instruction 1/2006 Organic Law 4/1997.
OTHER DATATIME LIMIT
Data of subscribers to newsletters and bulletins of GRUPO MARDOM TECHNOLOGIES S.L.From the time the user subscribes to the time he/she unsubscribes.
Curriculums vitae in response to a specific vacancy, published by GRUPO MARDOM TECHNOLOGIES S.L.From the receipt of the CV by the means provided by Emayor Synersight Technologies, S.L. until the final selection of the person who will fill the vacancy, at which time the rest of the CVs received will be deleted and the selected CV will be archived for the time that the newly recruited person provides services in the company.
CVs uploaded to the website of Grupo Mardom Technologies, SL. Through the self-candidature formIndefinitely, from the date on which the candidate voluntarily enters his/her CV for future vacancies or until he/she exercises his/her cancellation rights, as set out in this Policy, through the channels provided by Emayor Synersight Technologies, S.L.
The company reserves the right to delete CVs that are more than two years old.
Data collected by Grupo Mardom Technologies S.L. from profiles published personally by their owners in professional social networks.From the time the user grants informed consent (in the first communication and always within 30 days of the data being collected), until the user exercises a right of cancellation or limitation of the processing; or until the legal deadlines are met in the event that the data are incorporated into the customer database.

8.1. NAVIGATION DATA

In relation to the browsing data that may be processed through the website, in the event that data subject to regulations is collected, we recommend that you consult the Cookies Policy published on our website.

Rights of the interested parties

Data protection regulations grant a series of rights to interested parties or data subjects, users of the website or users of the social network profiles of Grupo Mardom Technologies, S.L.; these are as follows:

    • Right of access:derecho a obtener información sobre si sus propios datos están siendo objeto de tratamiento, la finalidad del tratamiento que se esté realizando, las categorías de datos que se traten, las personas destinatarias o categorías de estas, el plazo de conservación y el origen de dichos datos.
    • Derecho de rectificación:derecho a obtener la rectificación de los datos personales inexactos o incompletos.
    • Derecho de supresión:derecho a obtener la supresión de los datos en los siguientes supuestos
        • Cuando los datos ya no sean necesarios para la finalidad para la cual fueron recabados.
        • Cuando la persona titular de los datos retire el consentimiento.
        • Cuando la persona interesada se oponga al tratamiento.
        • Cuando deban suprimirse para cumplir una obligación legal.
        • Cuando los datos se hayan obtenido en virtud de un servicio de sociedad de la información en base a lo dispuesto en el artículo 8, apartado 1 del Reglamento Europeo sobre Protección de datos.
    • Derecho de oposición:derecho de oponerse a un determinado tratamiento basado en el consentimiento de la persona interesada.
    • Derecho de limitación:derecho de obtener la limitación del tratamiento de los datos cuando se dé alguno de los siguientes supuestos:
        • Cuando la persona interesada impugne la exactitud de los datos personales, durante el plazo que permita a la empresa verificar la exactitud de estos.
        • Cuando el tratamiento sea ilícito y la persona interesada se oponga a la supresión de los datos.
        • Cuando la empresa ya no necesite los datos para los fines para los qua e fueron recabados, pero la persona interesada los necesite para la formulación, el ejercicio o defensa de reclamaciones.
        • Cuando la persona interesada se haya opuesto al tratamiento mientras se verifica si los motivos legítimos de la empresa prevalecen sobre las personas interesadas.
    • Derecho a la portabilidad:derecho a obtener los datos en un formato estructurado, de uso común y de lectura mecánica, y a transmitirlos a otro responsable del tratamiento cuando:
        • El tratamiento esté basado en el consentimiento.
        • El tratamiento se efectúe por medios automatizados.
    • Derecho a presentar una reclamación ante la autoridad de control competente.

Las personas interesadas podrán ejercer los derechos indicados enviando una carta formal, debidamente firmada, donde consten de forma clara los datos de contacto a la sede de Grupo Mardom Technologies, S.L.; ubicada en la calle Propano 1 (47012) Valladolid; o bien por correo electrónico a la dirección rgpd@grupomardom.es, especificando en el asunto el derecho que desea ejercer. En ambos casos, será necesario acreditar su identidad adjuntando una copia de su DNI/NIE. En este sentido, Grupo Mardom Technologies, S.L. atenderá su solicitud a la mayor brevedad posible y teniendo en cuenta los plazos previstos en la normativa en materia de Protección de Datos. Si desea saber más sobre sus derechos como ciudadano/a en materia de Protección de Datos personales, puede consultar la Guía para el Ciudadano de la AEPD.

9.1. SEGURIDAD

Las medidas de seguridad adoptadas por Grupo Mardom Technologies, S.L. son aquellas requeridas de conformidad con lo establecido en el artículo 32 del RGPD. Teniendo en cuenta las variables para los derechos y las libertades de las personas físicas, como el estado de la técnica, los costes de aplicación y su naturaleza, el alcance, el contexto y los fines del tratamiento, así como los riesgos de probabilidad y gravedad; Grupo Mardom Technologies, S.L. tiene establecidas las medidas técnicas y organizativas apropiadas para garantizar el nivel de seguridad adecuado al riesgo existente.

En todo caso, Grupo Mardom Technologies, S.L. tiene implementados los mecanismos suficientes para:

    • Garantizar la confidencialidad, integridad, disponibilidad y resiliencia permanentes de los sistemas y servicios de tratamiento.
    • Restaurar la disponibilidad y el acceso a los datos personales de forma rápida, en cado de incidente físico o técnico.
    • Verificar, evaluar y valorar, de forma regular, la eficacia de las medidas técnicas y organizativas implantadas para garantizar la seguridad del tratamiento.
    • Tratamiento de seudinimización y cifrado de los datos personales sensibles. En concreto, Grupo Mardom Technologies, S.L. ha adoptado las siguientes medidas:
    • Nombramiento de una persona responsable en materia de protección de datos, quien deberá asegurar el continuo cumplimiento de la normativa aplicable.
    • Establecimiento de funciones y responsabilidades del personal que trate datos de carácter personal.
    • Comunicación entre el personal de las funciones y responsabilidades definidas asociadas al cumplimiento de la normativa en materia de protección de datos.
    • Definición de roles y perfiles para los usuarios/as de las aplicaciones y sistemas donde se traten dichos datos de acuerdo con las funciones y responsabilidades establecidas, de forma que se evite el acceso a datos o recursos distintos de los autorizados. Este sistema de control de acceso garantiza adecuados mecanismos de identificación y autenticación de los usuarios/as, a través del uso de contraseñas que son renovadas como mínimo cada seis meses y del bloqueo automático de usuario ante intentos sucesivos fallidos de acceso, etc.
    • Medidas automatizadas que limitan el acceso a información para usuarios/as no autorizados/as o fuera del plazo de conservación determinado, mediante técnicas de borrado o de seudinimización de datos.
    • Procedimientos que limitan el acceso físico a las instalaciones donde se encuentran ubicados los sistemas de información o los soportes físicos. Los archivos en papel se conservan en armarios bajo llave a los que solo accede el responsable de seguridad.
    • Procedimientos de recuperación de datos de carácter personal ante su posible destrucción, pérdida o alteración, bajo la supervisión y aprobación del responsable en materia de protección de datos.
    • Procedimientos de detección, evaluación y notificación, en caso de ser necesario, de incidentes de seguridad que puedan afectar a los derechos y libertades de las personas interesadas.
    • Ejecución de revisiones periódicas de cumplimiento y de definición y ejecución de los planes de acción para la mitigación de los riesgos detectados.
    • Medidas que permiten disponer de un log de accesos a datos especialmente sensibles en el que se puede identificar al usuario/a y fecha de acceso.
    • Medidas de encriptación, cifrado de datos o similares sobre los soportes físicos y dispositivos portátiles que contienen datos especialmente sensibles y que se envían o usan fuera de las instalaciones de la compañía.
    • Medidas de encriptación o cifrado en la transmisión de datos especialmente sensibles a través de redes electrónicas.
    • Medidas que impiden el acceso a datos especialmente sensibles en el soporte físico (por ejemplo, documentación) durante el traslado de esta desde las instalaciones de la compañía hasta su lugar de almacenamiento, que a su vez deberá contar con medidas de control de acceso adecuadas.
Skip to content