AMBIENCE HOME DESIGN S.L. (the “Company”) is an Organization in which activities take place of personal data processing, which gives it an important responsibility in the design and organization of procedures so that they are aligned
with legal compliance in this matter.
In the exercise of these responsibilities and in order to establish the general principles that must govern the processing of personal data in the Company, approves this Policy of protection of personal data, which notifies its Employees and puts available to all your Interest groups.
The Personal Data Protection Policy is a measure of Responsibility proactive that aims to ensure compliance with the applicable legislation in this matter and relationship to it, respect for the right to honour and privacy in the treatment of the personal data of all the people that are related to the Company.
In development of the provisions of this Personal Data Protection Policy, establish what are the Principles that govern the processing of data in the organization and in consequence, procedures, and organizational and security measures that people Those affected by this Policy undertake to implement in their area of responsibility.
To this end, the Directorate will assign the responsibilities to the personnel participating in the data processing operations.
2. Applies for:
This Personal Data Protection Policy will be applicable to the Company, its administrators, managers and employees, as well as all the people that relate to she, expressly including service providers with access to data.
3. Principles of the processing of personal data
As a general principle, the Company will scrupulously comply with the legislation on the subject of personal data protection and must be able to prove it (Principle of «Proactive responsibility»), paying special attention to those treatments that may assume a greater risk for the rights of those affected (Principle of “risk approach”).
In relation to the above AMBIENCE HOME DESIGN S.L. will ensure compliance with following Principles:
– Legality, loyalty, transparency and limitation of purpose. Data processing The affected party must always be informed through clauses and other procedures; It will only be considered legitimate if there is consent to the processing of data (with special attention given to minors), or has another legitimation valid and the purpose of it is in accordance with regulations.
– Data minimization. The data processed must be adequate, relevant and limited to what is necessary in relation to the purposes of the treatment.
– Accuracy. The data must be accurate and, if necessary, updated. To this In this regard, the necessary measures will be taken to eliminate or rectify them without procrastination of personal data that is inaccurate with respect to the purposes of treatment.
– Limitation of the term of conservation. The data will be maintained so that they allow identification of interested parties for no longer than necessary to The purposes of the treatment.
– Integrity and Confidentiality. The data will be treated in a way that guarantees adequate security of personal data, including protection against unauthorized or illegal treatment and against its loss, destruction or accidental damage,
by applying the appropriate technical or organizational measures.
– Transfer of data. The purchase or obtaining of character data is prohibited staff from illegitimate sources or in those cases where such data have been collected or assigned in contravention of the law or its legitimate guarantee is not sufficiently guaranteed origin.
– Hiring suppliers with access to data. They will only be chosen for hiring suppliers that offer sufficient guarantees to apply technical measures and appropriate security in data processing, with these third parties the Due Agreement in this regard.
– International data transfers. All processing of personal data subject to European Union regulations that imply a transfer of data outside of the European Economic Area must be carried out in strict compliance with the requirements established in the applicable law.
– Rights of those affected. The Company will facilitate the exercise of rights of access, rectification, deletion, limitation of treatment, opposition and portability, establishing internal procedures for this purpose, and in particular
models for their exercise that are necessary and timely, which should satisfy, at least, the legal requirements applicable in each case.
The Company will promote that the principles contained in this Data Protection Policy of personal character be taken into account (i) in the design and implementation of all work procedures, (ii) in the products and services offered (iii) in all contracts and obligations that formalize or assume and (iv) in the implementation of how many systems and platforms allow access by employees or third parties and / or data collection or processing of a personal nature.
4. Commitment of workers
Workers are informed of this Policy and declare themselves aware that the Personal information is an asset of the Company, and in this respect adhere to she, committing to the following:
– Perform awareness training on Data Protection that the Company puts to its provision.
– Apply security measures at the user level that apply to your workplace, without prejudice to the responsibilities in its design and implementation that may be could be attributed according to their role in AMBIENCE HOME DESIGN S.L .
– Use the formats established for the exercise of Rights by the affected and inform the Company immediately so that it can be done Effective response.
– Inform the Company, as soon as it becomes aware, of deviations from the set forth in this Policy, in particular of “Data Security Violations personal”, using the format established for this purpose.
5. Control and evaluation
An annual verification, evaluation and assessment will be carried out, or whenever there are changes significant in data processing, of the effectiveness of technical and organizational measures to ensure the safety of the treatment.
AMBIENCE HOME DESIGN S.L.