-
Language
Language
Date Updated: 12/02/2024
From JOY LAVIN, S.L we understand that it is essential to maintain a transparent relationship with you, therefore, below, we present our Privacy Policy, so that at all times you are duly informed about how we collect and treat any data safely that you provide us.
Your data will be processed in accordance with current legislation and, specifically, in accordance with the provisions of Regulation (EU) 2016/679 of April 27, 2016 (RGPD) regarding the protection of natural persons with regard to to the processing of personal data and the free movement of such data. Also in relation to Organic Law 3/2018, of December 5, Protection of Personal Data and Guarantee of Digital Rights.
A careful reading of our Privacy Policy will provide you with the necessary information to know what destination we will give to the data you provide us.
If you, or an authorized person, have provided us with your data, we inform you that JOY LAVIN, S.L, with CIF: ESB38388286 is the data controller. These data will be processed in accordance with the provisions of current regulations on the protection of personal data.
It is possible that there are other controllers in the treatments we carry out, in which case we will always inform who is responsible for their treatment, as well as their identification data.
The Website may include hyperlinks or links that allow access to web pages of third parties other than www.grupopagoda.com, and therefore are not operated by JOY LAVIN, S.L. The owners of said websites will have their own data protection policies, being themselves, in each case, responsible for their own treatment and their own privacy practices.
From JOY LAVIN, S.L we are committed to complying with the obligation of secrecy of personal data and your duty to keep them. For that, we adopt the necessary measures to avoid its alteration, loss, treatment or unauthorized access in accordance with what is established in the Regulations.
Yes, due to the nature of the data we process, we have a Data Protection Officer to ensure compliance with current data protection regulations. Our Data Protection Delegate is: CONVENCE ABOGADOS S.L, with CIF/NIF: B27726769. You can contact him at grupopagoda.dpo@convenceabogados.es.
3 WHERE DO WE REPORT? From JOY LAVIN, S.L we inform through the website www.grupopagoda.com in the section corresponding to the privacy policy. More information in "Legal Notice".
The personal data we process are:
• Those that you decide to provide us voluntarily
• The data derived from the communications you maintain with us.
• The information corresponding to your own browsing in the case of Online Services, (IP address or information derived from cookies or similar devices (you can see our Cookies Policy on the web).
• That information that is available in sources accessible to the public, to which we can legitimately access.
• The data derived from the contractual or pre-contractual relationship that you maintain with us, including your image, always informing you in this case of the possibility of capturing your image.
• Those that third parties provide us about you, there being a legitimate basis for it or having obtained your consent for it.
• The data of third parties that you provide us with the prior consent of the third party in question.
At JOY LAVIN, S.L we always treat your personal data in strict compliance with current legislation. In addition, we inform you that we have the appropriate technical and organizational measures to guarantee an optimal level of security, thus guaranteeing that only those people who have authorization will access them, that we will keep them intact, avoiding any intentional or accidental loss and that we have reinforced the data processing systems and services.
However, since JOY LAVIN, S.L cannot guarantee the impregnability of the internet or the total absence of hackers or others who fraudulently access personal data, it therefore undertakes to communicate without undue delay when a violation of the privacy security of personal data that is likely to pose a high risk to the rights and freedoms of natural persons. Following the provisions of article 4 of the GDPR, a violation of the security of personal data is understood as any breach of security that causes the destruction, loss or accidental or illegal alteration of personal data transmitted, stored or processed in another way, or unauthorized communication or access to such data.
The operations, procedures and technical procedures that we carry out in an automated or non-automated manner and that enable the collection, storage, modification, transfer and other actions on personal data, are considered personal data processing.
The basis of the legitimacy of the processing of Personal Data will be the result of the contractual or pre-contractual relationship, the employment relationship or any other that is required for the processing of data, such as express consent.
In accordance with the provisions of Law 34/2002 of July 11, on Services of the Information Society and Electronic Commerce, and Directive 2002/58/CE, we inform you that you can receive communications and information from of a commercial nature through this electronic communication system (emails, automated form response messages and other communication systems) when you have given us your consent or in the case of commercial communications regarding products or services similar to those previously provided by the responsible for the processing of your data.
In the event that you do not wish to receive communications and information of this nature, you can notify us by this same means indicating in the subject "LOW COMMERCIAL COMMUNICATIONS" so that your personal data may be removed from our database. Your request will be activated within a period of 1 month from its submission. In the event that we do not receive an express response from you, we will understand that you accept and authorize our entity to continue making the aforementioned communications.
In the case of receiving such communications by these means, we inform you that the messages are addressed exclusively to their recipient and may contain privileged or confidential information. If you are not the intended recipient, we notify you that unauthorized use, disclosure and/or copying is prohibited under current legislation.
The personal data relating to natural persons that JOY LAVIN, S.L collects by any means, will be kept as long as the interested party does not request its deletion. Likewise, they will be kept as long as the relationship that originated the data processing is maintained, respecting in any case the legal retention periods. After this period, personal data will be deleted from all JOY LAVIN, S.L. systems
There will be no assignment, transmission or transfer of personal data, except those already informed, that are not a consequence of a legal obligation. If at the request of the Public Administration or the Autonomous Institutions in the scope of the functions that the law expressly attributes to them, your data is requested, these will be transmitted.
If there is an assignment, transmission or transfer of personal data outside of the cases previously provided, you will be previously informed so that, if applicable, you give us your consent.
But in order to organize ourselves correctly, have good operations and procedures that guarantee good management, from JOY LAVIN, S.L it may be necessary to have to hire the services of advisors, professionals, or other service companies to process data under our instructions.
This treatment on behalf of third parties is regulated in a contract that is in writing or in some other legally accepted way and that allows proof of its conclusion and content, expressly specifying that the person in charge of the treatment will treat the data in accordance with our instructions and will not apply or will use it for a purpose other than that which appears in said contract, nor will it communicate them, not even for their conservation, to other people.
The data protection regulations grant you the following rights:
• Right of access: It is the right of the User to obtain confirmation of whether or not JOY LAVIN, S.L is treating their personal data and, if so, to obtain information about their specific personal data and the treatment that JOY LAVIN, S.L has carried out or carried out, as well as, among other things, the information available on the origin of said data and the recipients of the communications carried out or planned thereof.
• Right of rectification: It is the right of the User to modify their personal data that turns out to be inaccurate or, taking into account the purposes of the treatment, incomplete.
• Right of deletion ("the right to be forgotten"): It is the User's right, provided that current legislation does not establish otherwise, to obtain the deletion of their personal data when they are no longer necessary for the purposes for which they were collected or processed; the User has withdrawn his consent to the treatment and this does not have another legal basis; the User opposes the treatment and there is no other legitimate reason to continue with it; the personal data has been unlawfully processed; the personal data must be deleted in compliance with a legal obligation; or the personal data have been obtained as a result of a direct offer of information society services to a child under 14 years of age. In addition to deleting the data, the Data Controller, taking into account the available technology and the cost of its application, must take reasonable measures to inform those responsible for processing the personal data of the request by the interested party to delete any link to those personal data.
• Right to limitation of treatment: It is the right of the User to limit the treatment of their personal data. The User has the right to obtain the limitation of the treatment when they challenge the accuracy of their personal data; the treatment is unlawful; the Data Controller no longer needs the personal data, but the User needs it to make claims; and when the User has opposed the treatment.
• Right to data portability: In the event that the treatment is carried out by automated means, the User will have the right to receive from the person in charge of the treatment their personal data in a structured format, of common use and mechanical reading, and to transmit them to another responsible for the treatment. Whenever technically possible, the Data Controller will directly transmit the data to that other controller.
• Right of opposition: It is the right of the User not to carry out the processing of their personal data or to cease their processing by JOY LAVIN, S.L
• Right not to be subject to a decision based solely on automated processing, including profiling: It is the User's right not to be subject to an individualized decision based solely on automated processing of their personal data, including the preparation of profiles, existing unless the current legislation establishes otherwise.
If you want more information regarding the treatment of your data, rectify those that are inaccurate, oppose and/or limit any treatment that you consider is not necessary, or request the cancellation of the treatment when the data is no longer necessary, you can write to JOY LAVIN, S.L at Av. Antonio Dominguez, 4, , 38650 - Playa de los Cristianos (Santa Cruz de Tenerife) or by email to grupopagoda.dpo@convenceabogados.es.
• Said communication must reflect the following information: Name and surname of the user, the application request, address and supporting data.
• The exercise of rights must be carried out by the user himself. However, they may be executed by an authorized person as the legal representative of the authorized person. In this case, the documentation that proves this representation of the interested party must be provided.
Likewise, we want to inform you that you can withdraw the consent given without affecting the legality of the treatment already carried out, by sending your request to the same address indicated in the previous paragraph. In this case, you must accompany your application with a copy of your ID or document proving your identity.
In the event that you consider that there is a problem or infringement of current regulations in the way in which your personal data is being processed, you will have the right to effective judicial protection and to file a claim with a control authority, in particular, in the State in which you have your habitual residence, place of work or place of the alleged infringement. In the case of Spain, the control authority is the Spanish Data Protection Agency (https://www.aepd.es/) - C/ Jorge Juan, 6 28001-Madrid - FAX: 914483680- TELF: 901 100 099 - E-mail: ciudadano@agpd.es
We detail below the purposes of the data processing carried out by any, or all, of the Treatment Managers listed above.
| PROCESSING ACTIVITY | PURPOSE OF PROCESSING | LEGITIMATION BASIS | RETENTION PERIOD |
|---|---|---|---|
| Labor management | Management of personnel to formalize an employment contract, file control, payroll management |
Contractual relationship | 5 years from the end of the contract |
| Tax and accounting management | Necessary treatment for compliance with tax and accounting obligations |
Contractual relationship Legal obligation for the person responsible Overriding legitimate interests of the controller or third parties |
5 years from the end of the contract The time necessary to respond to legal obligations |
| Contact Management | Data processing in order to maintain communications with the interested parties |
Contractual relationship Overriding legitimate interests of the controller or third parties Express consent of the interested party |
5 years from the end of the contract Until cancellation and/or opposition by the owner Until relevant loss of use |
| Occupational risk prevention | Compliance with current legislation regarding occupational risk prevention and health surveillance |
Contractual relationship Legal obligation for the person responsible |
Until the end of the contractual relationship The term legally established by the specific regulations |
| Video surveillance | Image capture by the video surveillance system and/or alarm system with image capture, to protect the assets of the entity |
Prevailing legitimate interests of the controller or third parties |
1 month |
| Management of candidates for a job position | Selection of personnel and provision of jobs through management of curriculum, personal interviews and assessment tests |
Vital interests of the data subject or of other persons Express consent of the interested party |
Maximum 1 year |
| Customer management | Processing of the necessary data for the maintenance of the commercial/contractual relationship with clients, billing, after-sales service, the sending promotions and advertising and loyalty. |
Contractual relationship Business relationship |
5 years from the end of the contract The term legally established by the specific regulations |
| Advertising delivery | Sending commercial information, notifications about acts and events of interest, offers, information about products and services, to clients and/or potential clients. | Express consent of the interested party | Until cancellation and/or opposition by the owner Until relevant loss of use |
| E-commerce | Preparation and management of orders and purchases made through web platforms. |
Contractual relationship Business relationship |
5 years from the end of the contract The term legally established by the specific regulations |
| Labor control | Control of employee attendance at the workplace (holidays, absences, record of working hours) |
Contractual relationship Legal obligation for the person in charge Prevailing legitimate interests of the controller or third parties |
Until the end of the contractual relationship |
| Management of user registration of the web platform | Registration, maintenance and conservation of users of the web platform |
Contractual relationship Express consent of the interested party |
Until cancellation and/or opposition by the owner. Until relevant loss of use |
| Management of potential clients | Be able to carry out the necessary communications with potential clients and/or other interested parties, sending budgets, rates, product costs and other information previously requested to establish a contractual relationship |
Business relationship | Until relevant loss of use |
| Web management | Manage queries, contacts and claims received through the website |
Express consent of the interested party | Until cancellation and/or opposition by the owner Until relevant loss of use |
| Warranty management | Management of the guarantee of sold products for compliance with Royal Legislative Decree 1/2007 |
Legal obligation for the person in charge | The time necessary to respond to legal obligations |
| Money Laundering | Necessary treatment for compliance with current legislation in Law 10/2010 on the Prevention of Money Laundering and the Financing of Terrorism |
Legal obligation for the person in charge | The term legally established by the specific regulations |
It is necessary that the User has read and agrees with the conditions on the protection of personal data contained in this Privacy Policy, as well as that they accept the processing of their personal data so that the Data Controller can proceed to the same in the form, during the terms and for the purposes indicated. The use of the Website will imply the acceptance of its Privacy Policy.
JOY LAVIN, S.L reserves the right to modify its Privacy Policy, according to its own criteria, or motivated by a legislative, jurisprudential or doctrinal change of the Spanish Agency for Data Protection. Changes or updates to this Privacy Policy will not be explicitly notified to the User. The User is recommended to consult this page periodically to be aware of the latest changes or updates.
This Privacy Policy was updated to adapt to Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data (RGPD) and Organic Law 3/2018, of December 5, Protection of Personal Data and guarantee of digital rights.
This Privacy Policy document has been revised as of: 19/02/24