Privacy Policy and Processing of Personal data

Scope of the Privacy Policy

This policy shall apply to those users who provide personal data to Fyasec, Consultores y Auditores SLL, through the website www.Fyasec.com as well as to all those individuals who provide their personal data through the various means provided for it by Fyasec, Consultores y Auditores SLL. This website does not collect personal data from users without their knowledge.

Fyasec, Consultores y Auditores SLL is committed to respect the privacy of the data collected as well as the confidentiality, integrity and security of the same. Likewise, Fyasec, Consultores y Auditores SLL, undertakes to ensure transparency about the information about the data collected and the use of the same in accordance with the terms and conditions of this Privacy Policy.

Who is responsible for the processing of your personal data?

The entity responsible for the processing of personal data is Fyasec, Consultores y Auditores SLL, with CIF B91831081 and registered address at Calle Manuel de Falla nº8, C. Postal 41805, Benacazón (Sevilla). E-mail: dpo@Fyasec.com.

Who is the Data Protection Officer and what is he/she for?

We notify the interested party that we have a Data Protection Delegate, who can be contacted to resolve any doubts related to the processing of their personal data, through the following address: dpo@Fyasec.com.

What kind of personal data do we process?

The personal data collected in the various forms on paper or digital format, contracts and other documents enabled by Fyasec, Consultores y Auditores SLL (hereinafter Fyasec) have the following typology:

• Identifying data (name, photographs, surname, e-mail address, address, etc.).
• Professional, academic and training data (degrees, training courses).
• Economic-financial data (current account numbers, credit/debit card numbers).
• Personal characteristics, social circumstances.

In general and, unless otherwise specified in the form or document in which the data are collected, these will be required for the purpose that is proper in each case. The absence of the data considered as obligatory will mean the impossibility to attend the request/request of the interested party. The user is responsible for the veracity of the data communicated and must request their modification by the means specified below, whenever necessary to ensure their correct processing.

What do we process your personal data for? How long do we keep your personal data?

The personal data provided by the interested party will be processed for the following purposes:

1. Manage requests for consultation, exercise of data protection rights, information and claims by the user in order to respond to their needs. When you apply any consultation, claim or exercise related to data protection rights, the data provided in your request will be processed in order to meet your request and provide you with a response. Your personal data will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from that purpose and the processing of the data.
2. Execution of contracts and invoicing. The data provided by the contracting parties in the different contracting processes will be processed for the purpose of providing the contracted service, apply the billing thereof and proceed with the fulfillment of the applicable legal obligations. Personal data will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from that purpose and the processing of data, in accordance with Law 58/2003 of 17 December, General Taxation, in addition to the periods established in the rules of archives and documentation.
3. Sending information about our services. The data provided by users by any means (web, telephone or paper format) provided they give their consent, will be processed for the purpose of sending informative communications, by non-electronic means. The personal data of those interested in receiving corporate information will be kept in the system indefinitely as long as the interested party does not request its deletion.

What allows us to process your personal data?

The legal basis for the processing of your data resulting from contracting of services is the execution of the contract for the provision of services, in accordance with Article 6.1.b) of the General Data Protection Regulation. The processing of job applicant data is based on the execution of measures aimed at potential employment.

The data processing necessary for sending corporate information is based on the free consent of the data subject, in accordance with Article 6(1)(a) of the General Data Protection Regulation. Consent must be explicitly given through the channels provided. This consent may be revoked at any time through the channels indicated below for the exercise of rights.

Do we share or disclose your personal data to third parties?

Your personal data may be communicated or transferred to authorities, judicial bodies and public bodies, to the extent that such communication is mandatory or necessary to comply with a required legal obligation.

Your data may be disclosed on certain occasions to service providers and third parties necessary for the management and execution of a procedure that requires the involvement of a provider.

Fyasec does not apply and does not plan to apply international data transfers to third parties. In the event that it were to apply, they would be carried out in compliance with the legal provisions, recommendations and instructions for this purpose established by the current regulations and the Supervisory Authority.

What rights do I have concerning my personal data?

In accordance with the Data Protection regulations in force, we inform the interested party that he/she has the following rights:

• Right of access. This includes the right to contact the Data Controller to find out if your data is being processed and the purpose for which it is being processed, as well as to obtain a copy of it.
• Right of rectification. This includes the right to rectification of inaccurate or incomplete personal data without undue delay by the Data Controller.
• Right of portability. This includes the right to request the delivery of personal data in a structured, commonly used, machine-readable and interoperable format, and which can be transmitted to another Data Controller, provided that the processing is based on consent or the performance of a contract.
• Right of suppression. It includes the right to request the deletion of your personal data in the following cases:
  • That are not necessary for the purpose for which they were obtained.
  • That it is based on consent.
  • That you have exercised your right to object.
  • That the data have been processed unlawfully.
  • The data must be deleted due to a legal obligation.
  • Obtained in connection with the provision of information society services.
• Right to object. This includes the right of the data subject to object to the Data Controller applying any of the following processing:
  • When based on legitimate interest or public interest, including profiling.
  • When its purpose is direct marketing.
• Right to limit the processing of personal data. It consists of the right to request the limitation of the processing, being able to request the suspension of the processing of the data or the conservation of the data for another purpose.
• Right not to be subject to automated decisions. This right is intended to ensure that you are not subject to a decision based solely on the processing of your data, including profiling, that produces legal effects on you or significantly affects you in a similar way.

You can exercise your rights of access, rectification, deletion and portability of your data, of limitation, opposition to its processing, as well as not to be subject to decisions based solely on the automated processing of your data, where appropriate, at the following address: Calle Avda. Castilleja de la Cuesta Nº 16 Oficina Primera, C. Postal 41110, Bollullos de la Mitación (Sevilla) or at the email address: dpo@Fyasec.com. Likewise, the interested party may exercise their rights as affected, in the terms provided by the regulations, as well as file a complaint with the Spanish Data Protection Agency (www.aepd.es).

Last update: August 2021