Privacy Policy

This Privacy Policy is part of the General Terms and Conditions governing this website. Version 2.0, dated 21 May 2018.

Who is the Data Controller in charge of your data?

VALCASADO, S.A. (VISSUM). Address: C/ Ebanistas 4, Polígono Industrial Urtinsa. C.P. 28923. Alcorcón, Spain

Tax ID No.: A81642803. Tel.: +34 916 434 117; Email: info@vissum.com

Contact details of the Data Controller or Data Protection Officer: dpo@vissum.com

Please feel free to contact us by any means. We reserve the right to modify or adapt this Privacy Policy at any time. We advise you to read this policy carefully. If you have signed up, you will be informed of any changes when entering your user account or profile.

If you belong to one of the following groups, please see the information in the drop‑down.

          

+ PATIENTS

Which of your data will we use?

  • Health information included in your medical record so we can ensure suitable internal management, practitioner-patient communication and a good healthcare service. Your data will also be processed by virtue of the agreement you signed with VISSUM to settle any claims arising in relation to the service provided.

The lawfulness of said data use is based on your acceptance of the contractual relationship. Therefore, the gathering and processing of your data is necessary for us to formalise your admission to the service, which means that your refusal to provide data will make it impossible to include you as a service user.

+ WEBSITE OR EMAIL CONTACTS

What data will we gather via the website?

We may process information anonymously such as your IP address, which operating system or browser you use and how long your visit lasts.

If you also provide your data through the contact form, you will be revealing your identity in order for us to contact you if necessary to:

  • Reply to your queries, requests and questions.
  • Provide the service requested, respond to or process a request.
  • Provide information by electronic means regarding your request.
  • Provide commercial information or details on events by electronic means, whenever express authorisation has been granted to do so.
  • Analyse and improve the website, our products and services. Improve our business strategy.

Data subject acceptance and consent: Whenever a request requires you to complete a form and press the ‘send’ button, completion and submission of said form by you will mean that you have necessarily been informed and granted your express consent regarding the clause attached to said form and/or have accepted the privacy policy.

Mandatory data fields are marked with an * on all our forms. Failure to fill in said fields or to check the box for acceptance of the privacy policy will prevent you from being able to submit your information. It will normally look like this: “□ I have read and I accept the Privacy Policy.”

+ POTENTIAL CUSTOMERS

What will we use your data for?

  • To provide information by electronic means regarding your request.
  • To provide commercial information or details on events by electronic means, whenever express authorisation has been granted.

Where will your data come from?

  • Unless you have provided your data directly, we may have obtained them from a third party. We always make sure that companies which disclose personal data do so lawfully, which means you must have been informed in advance and granted your express consent.

 + CUSTOMERS

What will we use your data for?

  • To draw up quotes and follow them through by means of communication between both parties.
  • To provide information by electronic means regarding your request.
  • To provide commercial information or details on events by electronic means, whenever express authorisation has been granted.
  • To manage administrative, communication and logistical services carried out by the Data Controller.
  • For invoicing purposes and to file the appropriate tax returns.
  • To carry out the relevant procedures.
  • To perform control and recovery tasks.

+ QUALITY SURVEY RESPONDENTS

What will we use survey data for?

  • To appraise the degree of quality of the service provided.
  • To improve the services we offer based on compliance with ISO standards.

  The lawfulness of said data use is based on the express consent of the respondent.

 + SUPPLIERS

What will we use supplier data for?

  • To provide information by electronic means regarding your request.
  • To provide commercial information or details on events by electronic means, whenever express authorisation has been granted.
  • To manage administrative, communication and logistical services carried out by the Data Controller.
  • For invoicing purposes.
  • To carry out the relevant procedures.
  • For invoicing purposes and to file the appropriate tax returns.
  • To perform control and recovery tasks.

The lawfulness of said data use is based on your acceptance of the contractual relationship or, failing this, on your consent granted upon contacting us to offer us your goods or services.

+ SOCIAL NETWORK CONTACTS

What will we use your social network data for?

  • To reply to your queries, requests and questions.
  • To provide the service requested, respond to or process a request.
  • To interact with you and create a community of followers.

The lawfulness of said data use is based on your acceptance of a contractual relationship within the environment of the social network in question, in accordance with their Privacy Policy.

How long will we keep your personal data?

We can only view or remove your data on a restricted basis because you have a specific profile. We will process them for as long as you allow us to by continuing to be friends or by liking or following us, etc.

To modify your data or restrict the information or publications you receive, please go to your profile or user settings on the social network in question.

+ JOB SEEKERS

What will we use your CV data for?

  • To organise recruitment processes to hire employees.
  • To call you to a job interview or to assess your candidacy.
  • If you have granted your consent, we may transfer your data to collaborating or associated companies for the sole purpose of helping you to find work.
  • By checking the box for acceptance of the privacy policy, you are granting us your consent to transfer your job request to companies in our group of businesses so as to include you in their personnel recruitment processes.

Moreover, you are informed that after a year has passed since your CV was received we shall proceed to its safe destruction. The lawfulness of said use is based on your express consent given by sending us your CV.

Do we include third-party personal data?

No. As a general rule, we only process data provided by the holder. If you provide us with third-party data, you will be required to have previously sought their consent; otherwise, we will not be liable for any non‑compliance in this regard.

Will we process the data of underage minors?

No, we do not process the data of subjects aged under 14. Therefore, please refrain from providing your data if you are not above that age or the data of third parties who are not above age. Alcarria residencias asistenciales, S.L. will take no responsibility for failure to comply with this requirement.

Will we make contact with you by electronic means?

  • Yes, but only to process your requests and if this is one of the means of contact you have provided.
  • We will only make commercial communications with your express prior authorisation.

What security measures will we apply?

Rest assured that we have secured an optimal degree of protection regarding the personal data we handle, and we have implemented all of the means and technical measures available to us according to the state of the art to avoid any loss, wrongful use, alteration, unauthorised access to or theft of your personal data.

Who will your data be revealed to?

If you have medical insurance, we will need your express authorisation to disclose your data to insurance companies for the purpose of managing and charging services. The data disclosed must never exceed those strictly necessary to comply with the purposes established.

Furthermore, your data will be sent to the Spanish Tax Agency and to banks and other financial institutions in order to charge you for the services rendered or goods purchased, as well as to the necessary data processors to carry out the agreement.

For purchases and/or payments, if you choose to make them via an app, website, platform, bank card or any other online service, your data will be transferred to the platform or will be processed in their environment under the strictest security conditions.

When ordered to do so by us, the website development and maintenance or hosting firm may access our website. Said firms will have signed a service level agreement with us beforehand binding them to secure the same degree of privacy as us.

Any international data transfers made using American apps will be subject to the Privacy Shield Framework, which guarantees that U.S. companies are compliant with European data protection policies regarding privacy.

What are your rights?

  • To know whether or not we are using your data.
  • To access your personal data.
  • To request the modification of your data if they are incorrect.
  • To request the removal of your data if they are no longer necessary for the purposes for which they were gathered or if you wish to withdraw your consent.
  • To request the limitation of the processing of your data in certain cases, in which case we will only retain them to the extent envisaged in current regulations.
  • To seek the portability of your data, which will be provided to you in a structured regular or mechanical format. Alternatively, we can send them to your new designated data controller if you prefer. This is only applicable in certain cases.
  • To file a claim before the Spanish Data Protection Agency or the competent control authority if you believe we have not treated you appropriately.
  • To withdraw your consent for any data processing you have accepted, at any time.

If you modify any data, we would appreciate you letting us know so we can keep them updated.

Would you like a form to claim your rights?        

  • We have forms at your disposal so you can exercise your rights. Simply request one by email or use those provided by the Spanish Data Protection Agency or a third party.
  • These forms must be signed electronically or feature a copy of your ID attached.
  • If someone is claiming on your behalf, we will need a copy of their ID or their electronic signature on the form.
  • Forms may be submitted in person, by post or by email to the Data Controller’s address provided above.

When will we get back to you about exercising your rights?

That depends on the right in question, but you will hear from us within one month of your request, or two months for highly complex matters. We will let you know if we need more time.

Do we use cookies?

If we use any cookies other than those strictly necessary, you will see them in the cookies policy under the corresponding link on the home page.

 How long will we keep your personal data?

  • Personal data will be kept for as long as you are linked to us.
  • Once you are no longer linked to us, the personal data processed for each purpose will be retained for the statutory periods, including the term during which a judge or court may request them, taking into account timeframes for filing judicial action.
  • The data processed will be retained as long as the above statutory periods last, if there is a legal obligation to keep them, or, in the absence of a statutory period, until the data subject seeks their suppression or revokes their consent.
  • We will keep all information and communication in relation to your purchases or to the provision of our service for as long as the goods or service warranties last in order to deal with any claims.
  • For each case of data processing or type of data, please the table below for specific data retention periods:

 

File/ Document/ Retention

Customers                

  • Invoices                       10 years
  • Forms and coupons   15 years
  • Contracts                       5 years

Human Resources   

  • Salaries, tax forms TC1, TC2, etc.                  10 years
  • CVs                                  Until completion of the recruitment process, plus one year with your consent
  • Severance pay documents. Contracts. Temporary worker data.         4 years
  • Worker records.                                                                     Up to five years after the end of employment.

Marketing                 

  • Databases or website visitor details.                                      While processing lasts.

Suppliers

  • Invoices                     10 years
  • Contracts                     5 years

Access control and video surveillance      

  • List of visitors          1 month
  • Videos                        30 days

Accounting               

  • Account books and documents.                                  6 years
  • Partner agreements and management board decisions, company by-laws, minutes, regulations of the management board and delegated committees.     6 years
  • Financial statements, audit reports                           6 years
  • Records and documents linked to subsidies.           6 years

Tax

  • Company administration matters, rights and obligations regarding tax payment.      10 years
  • Managing payment of dividends and tax withholdings.                                                     10 years
  • Information regarding establishment of an intra-group price.         18 years, 8 years for intra-group transactions regarding price agreements.

Health & Safety                   

  • Employee Health Records 5 years as from the date of each care episode

Environment 

  • Information regarding chemicals or significantly hazardous substances                   10 years
  • Documents relating to environmental permits.          As long as the activity lasts, 3 years after the activity has ended,  10 years (criminal offence extinguishment)
  • Records on waste recycling or disposal           3 years
  • Subsidies for cleaning work to preserve documents regarding rights, obligations, receipts and payments.  4 years
  • Accident report                   5 years

Insurance

  • Insurance policies                    6 years (generally), 2 years (damages), 5 years (personal), 10 years (life)

Procurement

  • Records of goods deliveries or service provision, intra-community acquisitions, imports and exports for V.A.T. purposes.        5 years

Judicial                      

  • Intellectual and industrial property documents. Contracts and agreements.             5 years
  • Permits, licences, certificates.                 6 years as from expiry of the permit, licence or certificate. 10 years (criminal extinguishment)
  • Non-disclosure and non-compete agreements.        Always as long as the obligation or confidentiality requirements apply

 

Data Protection Act (LOPD)         

  • Personal data processing, if other than as reported to the Spanish Data Protection Agency.    3 years
  • Personal data pertaining to employees stored on the net, computers and communication systems used by same,  access controls and international management/administration systems.                                      5 years