Privacy Policy

Retention Period of the Data

KéVolá is committed to protecting the privacy of users who access this website and/or any of its services. The use of the website and/or any of the services offered by KéVolá implies the user’s acceptance of the provisions contained in this Privacy Policy and that their personal data will be processed as stipulated herein. Please note that although there may be links from our website to other sites or social networks, this Privacy Policy does not apply to the websites of other companies or organizations to which the site may redirect. KéVolá does not control the content of third-party websites, nor accepts any responsibility for the content or privacy policies of those sites.

Basic Information on Data Processing (Regulation (EU) 2016/679 and LO 3/2018)

 

Data Controller

KéVolá

NIF: G19477850

Dirección: Mataró,Carrer Via Europa, 154, bxs. 1a.

Email: info@kevola.org
Purpose of Processing To provide and manage our security services.

Legal Basis
  • Consent obtained from the data subject when requesting information from us.
  • Execution of the service contract when entering into an agreement with us.
Recipients The data will not be disclosed to third parties, except as required by law or as necessary to fulfill the purpose of the processing.
Data Subject Rights

Data subjects have the right to exercise the rights of access, rectification, restriction of processing, deletion, portability, and objection by sending their request to our address.
Retention Period of the Data The personal data provided will be retained as long as you are a user of our services or wish to receive information, and thereafter for the periods established to comply with our legal obligations, which in the case of accounting and fiscal documentation for commercial purposes is 6 years, in accordance with Article 30 of the Commercial Code, and for tax purposes is 4 years, in accordance with Articles 66 to 70 of the General Tax Law.
Complaint Data subjects can contact the AEPD to file any complaint they deem appropriate.
Additional Information You can consult the additional and detailed information below in the “Privacy Questions” section.

 

Privacy Questions

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, dated April 27, 2016 (GDPR), and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), we provide you with the following information regarding the processing of your personal data:

Who is the data controller for your data?

Identity: KéVolá
NIF: G19477850
Address: Mataró,Carrer Via Europa, 154, bxs. 1a.
Phone: +34 666 47 82 99
Email: info@kevola.org

For what purpose do we process your personal data?

  • We process the information provided to us to manage our security services.

     

  • If you contact us through the contact form on our website, we will process your information to manage your inquiry.

     

  • We may also use your data to inform you about our activities, products, or services when you are already our customer or, if not, when you have provided us with your consent to do so.

     

  • When you access our premises, your image may be recorded by video surveillance cameras for security control purposes.

     

  • If you send us a resume, we will process the data in order to manage our CV database for personnel selection.

How long will we retain your data?

The personal data provided will be retained as long as you use our services or wish to receive information (noting that you may object to the processing of your data for promotional purposes at any time by notifying us at expansiva@expansiva.es), and thereafter for the periods established to comply with our legal obligations, which, in the case of accounting and fiscal documentation for commercial purposes, is 6 years (in accordance with Article 30 of the Commercial Code) and 4 years for tax purposes (in accordance with Articles 66 to 70 of the General Tax Law).

  • Images captured by the video surveillance system will be retained for one month.
  • In the case of resumes, the data will be retained for one year.

What is the legal basis for the processing of your data?

For managing the contractual relationship with the data subject, we will base the processing of the data on the execution of the contract or within the framework of the pre-contractual relationship.
For sending commercial information, we will base the processing on your consent; however, if you are already our customer, we may send you information about our products and services, always providing a simple and free method to unsubscribe, in accordance with Article 21.2 of Law 34/2002, of July 11, on information society services and electronic commerce.

Regarding any information provided by minors under 14 years of age, it is an absolute requirement that it is submitted with parental consent, or that of the guardian or legal representative of the minor, so that the personal data may be processed. If this is not the case, the legal representative of the minor shall notify us as soon as they become aware.

Regarding the collection of data through the capture of images by the video surveillance system, the legal basis is provided by the legitimate interest of preserving the security of persons and property.

To which recipients will your data be disclosed?

The data will not be disclosed to third parties, except as required by law or as necessary to fulfill the purpose of the processing.

What are your rights when you provide us with your data?

      • Anyone has the right to obtain confirmation as to whether we are processing their personal data.

         

      • Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

         

      • In certain circumstances, data subjects may request the restriction of the processing of their data, in which case we will only retain the data for the exercise or defense of claims.

         

      • Also, in certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. In such cases, we will cease processing the data, except for compelling legitimate reasons or for the exercise or defense of possible claims.

         

      • Data subjects also have the right to data portability.

         

      • Every data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

         

      • Finally, data subjects have the right to file a complaint with the competent supervisory authority.

How can you exercise your rights?

By sending a written request, along with a copy of an identification document, to our physical or electronic address.

How did we obtain your data?

The personal data we process comes directly from the data subject. The data subject guarantees that the personal data provided is accurate and is responsible for communicating any modifications to this data. Data marked with an asterisk are mandatory in order to provide you with the requested service.

What data do we process?

The categories of data that we may process in the provision of our services are:

  • Identifying data
  • Postal or electronic addresses

In the case of the video surveillance system:

  • Image

In the case of resumes, also:

  • Personal characteristics
  • Academic and professional information

The data is limited, as we only process the data necessary for the provision of our services and the management of our activity.

Do we make international data transfers?

The use of Google’s analytical cookies (including YouTube cookies) and Facebook’s marketing cookies implies a transmission of data to these companies located in the United States of America. The United States and the European Union have a Privacy Framework agreement approved by the Commission’s Implementing Decision of 10.7.2023 in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council. You can find more information in Google’s privacy policy and Meta’s (Facebook) privacy policy.

Do we use cookies?

We use cookies during the browsing of our website with the user’s consent.

Users can configure their browser to be notified of the use of cookies and to prevent their use. Please visit our cookies policy.

What security measures do we apply?

We apply the security measures established in Article 32 of the GDPR; therefore, we have adopted the necessary security measures to ensure an adequate level of security in relation to the risk of the data processing we perform, with mechanisms that allow us to guarantee the confidentiality, integrity, availability, and ongoing resilience of our data processing systems and services.
Some of these measures include:

  • Informing personnel about data processing policies.
  • Periodic backups.
  • Access control to the data.
  • Regular verification, evaluation, and assessment processes.

How do we process data on behalf of third parties?

The type of data, the category of data subjects, and the processing activities we may perform on behalf of our clients will be established in the corresponding data processing agreement.