From May 25th, 2018 the General Data Protection Regulation (EU) 2016/679 comes into force and will establish united standards for the protection of personal data throughout the European Union.
This privacy notice explains how Pax2Go (company code: 13023624), Calle Mistral 2, 46119 Naquera, Spain) (hereinafter referred as “we”, “us” and “our”) collect, use and share Your personal information or information You have provided or otherwise we have received or collected about You.
Your personal data is being processed in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as “GDPR”), the Data Protection Law of Spain, other laws and sub statutory legal acts.
Pax2Go (company code: 13023624), Calle Mistral 2, 46119 Naquera, Spain email: firstname.lastname@example.org.
PROCESSING OF PERSONAL DATA
We process the following personal data:
Identification and contact related data such as name, surname, date of birth, position, workplace contact details, personal identification number, VAT payer’s code, taxpayer’s code, telephone number, e-mail address, image;
details of licenses, qualification, education, work experience, trainings, abilities;
financial data: bank name, operating account number;
Data required for the Client Verification and Onboarding Procedure: full names, date of births, other identification details (citizenship, copies of passport/ ID, proof of living address, bank information, contact details, source of wealth/ funds) of the members of the Board of Directors, directors and secretaries (e.g., CEO, COO, CFO, Deputies, Heads of departments), persons assigned to represent the Party, shareholders with more than 25 % ownership and ultimate beneficial owners;
Data and content related to email communication sent to us and our employees, agents and servants regarding contracts concluded with us and other related matters;
The details of the contract and its provision such as the data about concluded contracts, as well as the data about such contracts and details about its provision, termination and amendments (if any);
Other data necessary for the provision and administration of contracts concluded between us, as well as other information that may be required for the conclusion, provision and administration of agreements concluded with us or anticipated to be concluded, as well as in compliance with the requirements of legal acts;
Personal data submitted by candidates for employment in our company in relation to the recruitment of such a candidate.
THE PURPOSE OF PERSONAL DATA PROCESSING
We process personal data for the following purposes: (a) to identify and contact the person for the provision and administration of the concluded contracts; (b) to execute contracts and render the services under such contracts as well as to keep record of such contracts and business relationship; (c) to maintain our legitimate interest to develop, improve our services and the quality of it; (d) to defend against the claims or other requirements, to exercise the rights of our representatives or our employees; as well as (e) to fulfil the obligations relevant to us and our employees under the applicable law; (f) to fulfill the requirements for money laundering and financing terrorism prevention, prevention of corruption, bribery and fraud, international, US, UK sanctions (restrictions), to verify the liability of the parties on the basis of the legitimate interest of Data controller to implement the Client Verification and Onboarding Procedure; (g) to carry out the recruitment process for the employment purposes; (h) to contact in order to suggest our services as well as to conclude a contract in relation thereto; (i) for monitoring and access to our premises purposes (CCTV and face recognition).
The above mentioned personal data is processed exclusively in relation to the legitimate business and commercial purposes as indicated above.
SOURCES OF PERSONAL DATA
We process personal data which either you or your employees, representatives, agents have provided to us before entering to the contractual or any other legal relations during the negotiations, or the execution and provision of a contract, or which are provided to us during various business events, conferences, trainings, forums, meetings, negotiations, when visiting our premises and throughout maintaining professional, business relationships.
We may process personal data in relation to business-oriented correspondence by email with us. We may also receive and process personal data from our clients, suppliers, associates as well as from publicly available sources.
We may combine personal data which we have received from different sources.
We may store, manage, analyze and organize personal data by using our designated systems, contacts’ and CRM databases, as well as other databases, systems, and software programs whenever it is needed for the purposes indicated above.
PERSONAL DATA RECIPIENTS
We may share personal data with our subsidiary companies, as well as with our agents, service providers and third parties, in various jurisdictions whenever it is necessary for any data processing purposes set out herein.
For this reason, we may transfer personal data outside the European Economic Area (EEA) that may have different laws and data protection compliance requirements, including data protection laws of a lower standard to those that apply inside EEA. However, we will ensure that any personal data that is accessible outside the EEA is handled using adequate and sufficient protection.
In accordance to the applicable legal requirements, we may share personal data with:
Public authorities, including the State tax Inspectorate, Civil Aviation Administration, State Enterprise Spanish Airports, by request of these bodies or in other cases stipulated in regulations;
Civil Aviation Administrations of other countries, including those beyond the European Economic Area, during audits.
By processing personal data, we may use the following data processors: companies providing data center, hosting, cloud, IT infrastructure, website managing and related service providers, advertising and marketing as well as software development service providers, software database infrastructure and communication service providers, insurance companies, hotels, if required, consultants and professional advisers.
PERSONAL DATA RETENTION
We retain personal data only as long as it is necessary and only for the purpose for which we obtained such data, or as long as the applicable law requires us to keep such personal data, e. g., personal data processed for the purpose of the Client Verification and Onboarding Procedure is stored no longer than 5 (five) years.
You have the right to request to get access to your personal data, to require to rectify inaccurate or incomplete personal data, to restrict processing ant to require to erase or to transfer your personal data to other data controller or to provide it to you in form and substance convenient to you, you have the right to cancel your consent or disagree with the processing of your personal data, you may also file a complaint with the Data Protection Inspectorate (for more information please refer to www.hacienda.gob.es) and you have other rights described in GDPR.
ENFORCEMENT OF YOUR RIGHTS
In order to exercise your rights indicated hereinabove you should file an application, as well as complaints, notifications or requests by following email email@example.com or by arriving at Pax2Go Calle Mistral 2, 46119 Naquera, Spain
We will respond to your request without undue delay, but in any case, within one month after the receipt of your request, unless complexity and number of requests determines a longer response time.