If you do not provide your personal data, we will not be able to fulfill the purposes described above.

No automated decisions will be made based on the data provided.

If the processing is based on the data subject’s consent, the data will be kept for as long as the data subject does not request deletion or withdraw consent. For processing based on legitimate interest, the data will be kept for as long as the data subject does not object to the processing.

Professional contact data will be kept for as long as business relations can be maintained and for a maximum period of 10 years from their collection or last interaction, unless there is opposition from the interested party.

• Execution of a contract or pre-contractual measures: management of potential customers who have expressed interest in our products and/or services (art. 6.1.b. RGPD).
• Legitimate interest of the Controller: Management of professional contact data (LOPDGDD art.19, RGPD art. 6.1.f).
• Legitimate interest of the Data Controller and a third party: to manage and address queries, claims, complaints or suggestions about our products and/or services (art. 6.1.f RGPD).
• Consent of the interested party: Send commercial communications by electronic means about our products and/or services (RGPD, art. 6.1.a).

·         Data processors

o    Business management software providers.

o    Web hosting and maintenance service providers.

·         CONTASULT GROUP companies depending on the procedure to be consulted:

o    GRUPO CONTASULT ASESORES, S.L.U. with NIF B10824753, address Avenida Ciro Gil, Edificio Sotovila Guardiaro, 2 – 11311 San Roque (Cádiz) SPAIN and e-mail

o    CONTASULT S.L.U. with NIF B-11400074, address Urbanización Los Sauces, Bloque 2, Bajo, Algeciras (Cádiz) SPAIN and e-mail . info@contasult.com

This communication is made on the basis of a legitimate interest of the data controller in accordance with Article 6.1.f RGPD and Recital 48 in order to manage the provision of services according to the workload and expertise of each of the companies of the group.

However, WhatsApp Ireland Limited will make international transfers when using its WhatsApp services to the U.S. Such transfers will be based on a European Commission Adequacy Decision or Standard Contractual Clauses. Information about the destination countries for such transfers can be found at: https://www.whatsapp.com/legal/business-data-processing-terms and https://www.whatsapp.com/legal/business-data-transfer-addendum.

If you do not provide your personal data, we will not be able to fulfill the purposes described above.

No automated decisions will be made based on the data provided.

In relation to data processed for which the basis of legitimacy is the legitimate interest of the data controller, the data will be processed as long as the data subject does not object to such processing.

Professional contact data will be kept for as long as business relations can be maintained and for a maximum period of 10 years from their collection or last interaction, unless there is opposition from the interested party.

• Execution of a contract or pre-contractual measures: manage the provision of contracted services and execute contracts with suppliers (RGPD, art. 6.1.b).
• Fulfillment of a legal obligation: to carry out the fiscal and accounting management of suppliers (RGPD, art. 6.1 c).
• Legitimate interest of the Controller: Management of professional contact data (LOPDGDD art.19, RGPD, art. 6.1.f).

• Tax Administration: to comply with legal obligations (legal requirement).
• Financial institutions, in order to make the corresponding payments (contractual requirement).
• Data processors:

o    Business management software providers.

·         CONTASULT GROUP companies based on the legitimate interest of the controller for internal administrative purposes (Article 6.1.f RGPD and Recital 48)

o    GRUPO CONTASULT ASESORES, S.L.U. with NIF B10824753, address Avenida Ciro Gil, Edificio Sotovila Guardiaro, 2 – 11311 San Roque (Cádiz) SPAIN and e-mail

o    CONTASULT S.L.U. with NIF B-11400074, address Urbanización Los Sauces, Bloque 2, Bajo, Algeciras (Cádiz) SPAIN and e-mail . info@contasult.com

If you do not provide your personal data, we will not be able to fulfill the purposes described above.

No automated decisions will be made based on the data provided.

For processing based on the data subject’s consent, the data will be retained until the data subject withdraws his or her consent or requests the deletion of the data.

When the data is obtained without an active application, the data will be retained for a maximum period of 2 years from the last interaction with the data subject, unless the data subject withdraws consent in advance.

For processing based on legitimate interest, the data will be kept for as long as the data subject does not object to the processing.

• Execution of a contract or pre-contractual measures: management of CVs to carry out personnel selection processes and search for the best candidate for a specific job position.
• Legitimate interest of the data controller and the third party: sending communications by email or contacting by telephone informing you about the status of the candidacy in which you have applied (RGPD, art. 6.1 f). The company has a legitimate interest, as these allow efficient management of the selection process and keep the candidate informed about the progress of his or her application, fulfilling a reasonable expectation generated when applying for the vacancy. The use of these communication channels is a proportional and non-intrusive means. This treatment benefits both the company, which improves the candidates’ experience, and the interested itself, which receives information on its situation in the selection process. As for the legitimate interest of the third party, which in this case is the candidate, it also lies in his right and expectation to receive information on the status of the vacancies to which he has applied, which allows him to make decisions regarding his professional career and plan his next steps based on the information received in the process.
• Legitimate interest of the data controller and a third party: The conservation of curricula vitae (CV) sent proactively by candidates, in the absence of an active candidacy, in order to be considered in future selection processes. This legitimate interest of the person responsible is based on the expectation of being able to fill future vacancies with suitable profiles without the need to open a new selection process. The creation of a database with the CVs received allows the organization to avoid delays associated with the publication of new vacancies and the process of receiving applications, thus having previously evaluated profiles available for future needs. The candidate’s legitimate interest lies in the reasonable expectation that, by sending his or her CV spontaneously, it will be kept by the company to be considered in a vacancy arises that fits his or her professional profile. The candidate identifies the company as an employer related to his/her interests with the expectation of being taken into account in future job opportunities (RGPD, art. 6.1.f).
• Consent of the data subject: to keep CVs sent by data subjects to a specific active application for the purpose of being considered for future vacancies (art. 6.1.a. RGPD).

• Data processors:

o    Business management software providers

·         CONTASULT GROUP companies based on the legitimate interest of the person responsible, depending on the company in which a vacancy may be available (art. 6.1.f RGPD and recital 48)

o    GRUPO CONTASULT ASESORES, S.L.U., with NIF B10824753, address Avenida Ciro Gil, Edificio Sotovila Guardiaro, 2 – 11311 San Roque (Cádiz) SPAIN and e-mail

o    CONTASULT S.L.U., with NIF B-11400074, address Urbanización Los Sauces, Bloque 2, Bajo, Algeciras (Cádiz) SPAIN and e-mail .info@contasult.com

If you do not provide your personal data, we will not be able to fulfill the purposes described above.

No automated decisions will be made based on the data provided.

If it is proven that the information provided or part of it is not truthful, it shall be immediately deleted as soon as such circumstance comes to light, unless such lack of truthfulness may constitute a criminal offense, in which case the information shall be kept for the necessary time during the legal proceedings.

Once three months have elapsed since the receipt of the communication and no investigation has been initiated, it must be deleted, unless the purpose of the conservation is to leave evidence of the operation of the system.

Communications that have not been acted upon may only be recorded in an anonymized form, without the blocking obligation provided for in Article 32 of Organic Law 3/2018 of December 5 being applicable.

The data will be kept in the information registry for the necessary and proportionate time and, in any case, for a maximum of ten years.

·         Compliance with a legal obligation – Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law (art. 8; obligation of the establishment of internal whistleblower channels – Law 2/2023 of 20 February regulating the protection of persons reporting regulatory and anti-corruption infringements and Law 2/2023 of 20 February regulating the protection of persons reporting regulatory and anti-corruption infringements).

·         Consent of the data subject: for the recording/transcription of the requested face-to-face meeting with the entity for the purpose of whistleblowing (Directive (EU) 2019/1937; art. 18.2 and 4).

·         Data processors

o    Whistleblower channel software providers

o    Business management software providers.

If you do not provide your personal data, we will not be able to fulfill the purposes described above.

No automated decisions will be made based on the data provided.

• Fulfillment of a legal obligation: to manage and respond to the requests of data subjects in the exercise of the rights established in the data protection regulations (RGPD, art.6.1.b).

·         Control authorities for the purpose of managing and attending to requests and possible complaints (legal requirement).

·         Data processors:

o    Company’s legal advisors.

o    Business management software providers.