Privacy Policy
The Privacy Policy is part of the Legal Notice governing the Website: www.abessis.com together with the Cookie Usage Policy.
The website www.abessis.com is owned by AB6 Obres i serveis, S.L. and complies with the requirements derived from Law 34/2002, of July 11, on Information Society Services and Electronic Commerce, and current regulations regarding the protection of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights.
AB6 Obres i serveis, S.L. reserves the right to modify or adapt this Privacy Policy at any time. Therefore, we recommend that you review it each time you access the Website. In the event that a user has registered on the website and accesses their account or profile, they will be informed upon access if there have been substantial modifications in relation to the processing of their personal data.
Who is the DATA CONTROLLER?
The data collected or voluntarily provided to us through the Website, whether by browsing it or provided through contact forms, email, or telephone, will be collected and processed by the Data Controller, whose details are indicated below:
| Identity | AB6 Obres i serveis, S.L. |
|---|---|
| Tax ID (CIF) | B62131180 |
| Postal Address | Calle Conde Salvatierra, 29-1o-2a – 46004 – València (Valencia/València) |
| Telephone | 963527357 |
| laura.barbera@abessis.com | |
| DPO Contact | (if applicable) |
| URL | www.abessis.com |
| Commercial Registry | Valencia/València, Tomo …, Libro …, Folio …, Sección …, Hoja V-….. |
If, for any reason, you wish to contact us regarding any matter related to the processing of your personal data or privacy (or our Data Protection Officer), you may do so through any of the means indicated above.
When, why, who, how, for what purpose, and for how long do we process your personal data?
When and why?
You can browse most of our web pages without providing any personal information, but in some cases, this information is necessary to provide the electronic services you request.
If we need to collect personal data to provide a service, we will process the information according to the policy set out in this document and the specific conditions of the service in question (if any), which contain specific privacy statements regarding data use and inform you of why, for what purpose, how, and for how long we process your personal data, as well as the security measures we implement.
Who collects your data?
The collection and processing of any personal data you may provide are carried out by our entity or, where applicable, its data processors. In the latter case, these processors are third parties contractually required to ensure their activity respects the law and that they implement appropriate security measures to protect said data.
For what purpose?
The personal data we request from you, or that you provide through browsing, is used to manage, provide, and improve the services you have requested.
For example, we will process your personal data to manage inquiries you send us, to manage your participation in recruitment processes, to send electronic communications if requested, and, where appropriate, for the preparation of statistics.
In this regard, we request an email address when you use our contact forms on the web. We only collect the sender’s personal data necessary to respond.
When you subscribe to our newsletters, we also request an email address to provide the service; in any case, you can manage your cancellation from the service whenever you wish, and we provide means for you to do so.
How do we process your data?
We exclusively collect personal information to the extent necessary to achieve a specific purpose. The information will not be used for a purpose incompatible with the one described.
We only disclose information to third parties if necessary for the fulfillment of the service’s purpose and only to the persons who need to know. All this is done so the service can be provided by treating your personal data with confidentiality and reserve, in accordance with current legislation.
In any case, our entity adopts security measures to protect data against possible abuse or unauthorized access, alteration, or loss.
How long do we keep your data?
We keep data only for the time necessary to fulfill the purpose of its collection or subsequent processing. The retention period will depend on the service, and each service will indicate the duration of personal data processing.
At the end of this document, we provide a table with specific conservation periods.
For what PURPOSES will we process your personal data?
Clients
We process your personal data for the following purposes:
- To manage your purchase or the service provided.
- To maintain the contractual and pre-contractual relationship for billing, preparation of quotes, and follow-up, as well as sending information by electronic means regarding your request.
- To send commercial information communications by electronic means that may be of interest to you, provided there is express authorization.
- We may create a commercial profile based on the information provided to offer products and services according to your interests. No automated decisions will be made based on said profile.
Suppliers
We process your personal data for the following purposes:
- Billing.
- Maintaining commercial contact.
- Sending information by electronic means about our products or services, where applicable.
Web or Email Contacts
We process your personal data for the following purposes:
- Answering your inquiries and requests.
- Managing the requested service or processing your order.
- Sending commercial information by electronic means that may be of interest to you, provided there is express authorization.
- We may create a commercial profile based on the information provided to offer products and services according to your interests. No automated decisions will be made based on said profile.
Social Media Contacts
We process your personal data for the following purposes:
- Answering your inquiries and requests.
- Managing the requested service, answering your request, or processing your order.
- Interacting with you and creating a community of followers.
Job Applicants
We process your personal data for the following purposes:
- Including you in recruitment selection processes.
- Scheduling job interviews and evaluating your candidacy.
- Communicating your curriculum vitae to group companies, collaborators, or affiliates with the sole objective of including you in their selection processes, provided you have given us your consent.
Contest Participants
We process your personal data for the purpose of managing your participation in the contests we organize, as well as announcing the winners and the award ceremony.
Winning participants may be photographed or recorded on video and disseminated through any medium, our website, or other communication media. Consequently, it is possible that the image of participants may be captured, recorded, and/or reproduced as an accessory to the main activity.
Website Users
By browsing our website, we collect information about your browser, device, and website usage data, as well as any information provided while using our web. In an anonymized or aggregated form, we may record the IP address (the identification number of the device’s Internet access, which allows devices, systems, and servers to recognize and communicate with each other).
The purpose of the processing is:
- To obtain practical knowledge about how users use our website to allow us to improve it.
- To perform statistical analysis to help us improve our commercial strategy.
- To perform web performance analytics.
- For technical security and systems diagnostics.
The data we obtain is not linked to a specific user and will be stored in our databases. The aforementioned data, as well as any personal data you may provide, are stored through cookies collected in a pseudonymized format and are subject to the right to object to processing, as detailed in the Cookie Policy. You can consult the Cookie Policy in the corresponding section.
Your browsing information may be stored through Google Analytics; therefore, we refer to Google’s Privacy Policy, as they collect and process such information. Likewise, our website may provide Google Maps functionality, which could access your location, if permitted, to provide specificity on distances/routes to our locations. In this regard, we refer to the privacy policy used by Google Maps to understand the use and treatment of such data.
To offer information or services of interest based on the User’s location, we may access geolocation data from the User’s device in cases where the User’s configuration permits it.
The Portal may offer features to share content through third-party applications such as Facebook, Instagram, or Twitter. These applications may collect and process information related to the user’s navigation on different websites. Any personal information collected through these applications may be used by third-party users of the same. Your interactions are subject to the privacy policies of the companies providing the applications.
The Portal may host blogs, forums, and other social media services to facilitate the exchange of knowledge and content. Any personal information provided by the user may be shared with other users of that service, over whom we have no control.
Video Surveillance
We also inform you that we have a video surveillance system, the function of which is to guarantee the security of people, property, and facilities. Current regulations legitimize the processing carried out based on legitimate interest; therefore, your image may be recorded simply by accessing our facilities.
This data may be communicated to State Security Forces and Bodies if necessary. Images will be stored for a maximum period of one (1) month from capture.
What is the LAWFUL BASIS for processing your data?
Clients
The legal basis for processing your data is (1) the execution of a contract and maintenance of the contractual relationship and (2) your consent requested for sending offers of products and services through electronic means, without the withdrawal of this consent conditioning the contract execution in any case.
Suppliers
The legal basis for processing your data is the execution of a contract to which the data subject is a party or for the application of pre-contractual measures.
Web or Email Contacts
The legal basis for processing your data is the data subject’s consent. In cases where submitting a request requires filling out a form and clicking the “send” button, doing so necessarily implies that you have been informed and have expressly granted your consent to the content of the clause attached to said form or acceptance of the privacy policy. All our forms have a checkbox that must be marked to access the offered services.
The purposes of processing will be:
- Managing inquiries or information requests sent through the Website, email, or telephone.
- Sending communications, special promotions, news, or actions of interest or requested by you, including via electronic means. As this is an ancillary purpose to the main one, the corresponding checkbox must be marked.
Personal data provided through this means will not be communicated to third parties, as AB6 Obres i serveis, S.L. will directly respond to such inquiries.
Social Media Contacts
The legal basis for processing your data is the acceptance of the contractual relationship with the corresponding social network provider manifested upon registration in their application and in accordance with their privacy policies, which are external to us.
Work with Us
If you provide us with your curriculum vitae via the Website, email, or physically at the address or any headquarters of AB6 Obres i serveis, S.L., we will incorporate it into our database. The curriculum vitae will be stored for a period of 1 year, after which, if we have not contacted you, it will be deleted.
The legal basis for processing is based on the express consent granted by the data subject for the processing of data contained in the CV by submitting it and marking the checkbox enabled for that purpose. The purpose of processing is to include you in present and future selection processes of AB6 Obres i serveis, S.L. or any entity belonging to the business group. In the event that the data subject finally joins as an employee of AB6 Obres i serveis, S.L. or any of the entities belonging to the business group, their data will be incorporated into a database owned by the same to internally manage the employee-employer relationship.
Newsletter Subscription
The Website allows the option to subscribe to the newsletter of AB6 Obres i serveis, S.L. To do so, an email address must be provided. This information will be stored in an AB6 Obres i serveis, S.L. database until the data subject requests cancellation or AB6 Obres i serveis, S.L. ceases the service.
The legal basis for processing this personal data is the express consent provided by all interested parties who subscribe to this service by marking the designated checkbox. Email data will only be processed and stored for the purpose of managing the newsletter distribution to users who request it.
Contest Participants
The legal basis for processing your data is your consent upon registering for the contest and accepting the privacy policy and contest rules. Collected personal data will not be transferred to third parties.
Website Users
The legal basis for processing data is our (1) legitimate interest in knowing our users’ browsing patterns to adapt to their interests and improve our relationship with them; and (2) your consent by browsing our website and accepting the cookie terms of use.
To which RECIPIENTS will your data be communicated?
Your data will not be transferred to third parties outside the service we provide, except by legal obligation. Specifically, it will be communicated to the State Tax Administration Agency, and to banks and financial entities for the collection of the service provided or product purchased. Your data may also be communicated to our service providers when necessary for contract execution. In these cases, the data processor has contractually committed to using the data only for the purpose justifying the processing and maintaining appropriate security measures.
What SECURITY MEASURES do we apply?
We have adopted appropriate technical and organizational measures to guarantee confidentiality, integrity, and availability in the processing of your personal data, specifically those that prevent loss, misuse, alteration, unauthorized access, and theft of personal data.
What are your RIGHTS when you provide us with your data?
- Right of Access: You can ask us if we are processing your data and in what manner.
- Right to Rectification: You can ask us to update your personal data if it is incorrect and delete it if you so wish.
- Right to Restriction of Processing: In this case, the data will only be kept by us for the exercise or defense of claims.
- Right to Object: Following your request to object to processing, we will stop processing the data in the manner indicated, unless compelling legitimate reasons or the exercise/defense of possible claims require continued processing.
- Right to Data Portability: If you want your data processed by another company, we will facilitate the portability of your data to the new controller.
- Right to Erasure: You can request that we delete your data when it is no longer necessary for processing, you withdraw your consent, it is unlawful processing, or there is a legal obligation to do so. We will analyze the case and apply the law.
If you need more information about the rights recognized by Law and how to exercise them, we recommend contacting the Spanish Data Protection Agency (AEPD). You may contact the Data Protection Officer prior to filing a claim against the data controller with the AEPD. If we have not addressed your request, you may file a claim with the AEPD. Forms for exercising rights are available upon request at the email cited above; you may also use those prepared by the AEPD or third parties. These forms must be electronically signed or accompanied by a photocopy of the ID card (DNI). If acting through a representative, it must also be accompanied by a copy of their ID or electronic signature. Forms must be presented in person or sent by postal or electronic mail to the addresses appearing in the “Controller” section. The maximum period for resolution is one month from receipt of your request.
For how long will we RETAIN your data?
Personal data will be kept as long as you maintain a relationship with us. Upon its conclusion, the personal data processed for each of the indicated purposes will be kept for the legally prescribed periods. If no such legal period exists, it will be kept until the data subject requests erasure or withdraws consent, or for the period a judge or court may require it based on the statute of limitations for legal actions. For each treatment or type of data, we provide a specific period, which you can consult in the following table:
| Data related to | Document | Retention |
|---|---|---|
| Clients and Suppliers | Invoices | 4 years (statute of limitations), art. 66 Law 58/2003, General Tax Law. 10 years (statute of limitations), Law 34/2015, of September 21, amending Law 58/2003, General Tax Law (Art. 66 bis). Administration checks and investigations. |
| Contracts | 5 years | |
| Documents and records of tax significance | General Tax Law, arts. 66 to 70. Previous 4 fiscal years. |
|
| Obligated subjects under Anti-Money Laundering Law, documentation proving AML compliance | Law 10/2010 art. 25. 10 years. |
|
| Human Resources | Payslips, TC1, TC2, etc. | 10 years, LO 7/2012. |
| Curriculums | Until the end of the selection process, and up to 1 year more unless the data subject withdraws consent or requests erasure. | |
| Severance pay docs. Contracts. Temporary worker data. Employee file. |
Law on infractions and sanctions in the social order (RD 8/2000): art. 21. 4 years. |
|
| Daily record of working hours. | RD Law 8/2019. 4 years. |
|
| Documentation or electronic records proving compliance with Occupational Risk Prevention (PRL) regulations. | 4 years. | |
| Documentation necessary for the obligation to pay Social Security contributions. | RDL 5/2000 art. 4. 5 years. |
|
| Digital tachograph: transfers and copies of data stored in memory. | Royal Decree 125/2017, of February 24. 1 year. |
|
| Marketing | Databases or website visitors. | While processing lasts. |
| Access control and Visitor Registry | AEPD Instruction 1/1996. | While processing lasts. |
| Video Surveillance | Video Surveillance | 30 days. |
| When it concerns an educational center. (Placement in common areas of school for protection of minors). | Art. 22.3 Organic Law 3/2018, of December 5, on Personal Data Protection and guarantee of digital rights. 30 days. |
|
| Legal Report AEPD 475/2014 | 10 days. | |
| Accounting | Accounting books and documents. Partner and board agreements, bylaws, minutes, board regulations, and delegated commissions. Financial statements, audit reports. Records and documents related to grants. | Commercial Code art. 30. 6 years. |
| Tax | Statute of limitations for checking tax bases and deductions. | 10 years, Law 34/2015, of September 21, amending Law 58/2003, General Tax Law (Art. 66bis). |
| Accounting books and other mandatory registry books (IRPF, VAT, IS, etc.) as well as documentary supports justifying entries. Management of the company, rights and obligations regarding tax payment. Management of dividend payments and tax withholdings. |
4 years, arts. 66 to 70, General Tax Law. | |
| Health and Safety | Workers’ Medical Records. | 5 years. |
| Environment | Information on chemical or substantially dangerous substances. | 10 years. |
| Documents regarding environmental permits | 3 years after closure of activity. 10 years (statute of limitations for crime). |
|
| Records on recycling or waste disposal. | 3 years. | |
| Grants for cleanup operations must keep docs of rights and obligations, receipts, and payments. | 4 años. | |
| Accident reports. | 5 years. | |
| Insurance | Insurance policies. | 6 years (general rule). 2 years (damages). 5 years (personal). 10 years (life). |
| Purchases | Registry of all goods delivered or services provided, intra-community acquisitions, imports, and exports for VAT purposes. | 10 años. |
| Legal | Intellectual and Industrial Property documents. Contracts and agreements. | 5 years. |
| Permits, licenses, certificates | 6 years from the expiration date of the permit, license, or certificate. 10 years (criminal statute of limitations). |
|
| Confidentiality and non-compete agreements. | Always for the duration of the obligation or confidentiality. | |
| Data Protection Regulations | Records and documents proving compliance with data protection requirements (audits, reports, processor contracts, etc.) | While processing lasts and for 3 years thereafter. |
| Documentation proving that data subjects’ rights requests are addressed | For 3 years after the request. | |
| Logs/Access registries to information systems | 2 years. | |
| If processing is based on consent, proof of consent | While processing lasts and for 3 years thereafter. | |
| Whistleblowing Channel | Internal reports. Compliance program (corporate criminal liability). | LOPDGDD 3/2018, art. 24.4: 3 months, unless the purpose is to provide evidence of the prevention model’s operation. 10 years (criminal statute of limitations). |
| Money Laundering | Obligated subjects shall keep the documentation formalizing compliance with Law obligations for a minimum of ten years. In any case, the archive system must ensure proper management and availability. | 10 years. |
| Article 25 of Law 10/2010 of April 28, on prevention of money laundering and terrorist financing | 10 years. | |
| Clinical History | Health centers must keep clinical documentation in conditions that guarantee correct maintenance and safety for the patient’s assistance for a minimum of five years from the date of discharge. It will also be kept for judicial effects. It will also be kept for epidemiological or research reasons when possible to avoid identification. To guarantee future uses, it will be kept for the minimum time established by state regulations from the date of discharge or death. |
5 years (minimum). Article 17 of Law 41/2002 of November 14, on patient autonomy and rights and obligations regarding clinical documentation. Law 10/2014, of December 29, of the Valencian Community (Health). |
| Traffic Data | Traffic data regarding internet connections, emails, and landline/mobile calls. User identifier, IP address, telephone number, IMSI and IMEI, date/time of communication, identification of type of service used. | 1 year. Article 5 of Law 25/2007, of October 18, on conservation of data regarding electronic communications and public communication networks. |
| Account Auditing | Auditors and audit firms shall keep documentation regarding each audit, including working papers and support for report conclusions, for five years from the report date. | 5 years. Article 24 of RDLeg. 1/2011 of July 1, approving the revised text of the Audit Law. |
| Access Control to Buildings | Data included in automated files created for building access control must be canceled one month after obtaining it. | 1 month. Rule five of AEPD Instruction 1/1996, of March 1. |
| Documents in Lawyers’ Files | Statute of limitations for professional liability actions against lawyers is five years since October 7, 2015; therefore, closed files must be kept for at least that period. | 5 years. Art. 1964.2 Civil Code, per Law 42/2015 of October 5. |
| Registry Books and Entry Forms in Hotels | Entry forms must be grouped in registry books (100-500 pages) and kept for three years at the disposal of Security Forces. Includes data of minors under 14, relationship, and payment details (type, identification of medium, IBAN, etc.). | 3 years. OM INT/1922/2003 of July 3. 3 years per Royal Decree 933/2021 regarding documentary registry obligations for hospitality and motor vehicle rental activities (includes tourist housing and internet portals). |
| Driver Recognition Centers | Centers must keep reports, findings of doctors and psychologists, complementary reports, and documents provided by the data subject for ten years. | 10 years. Article 15.5 of Royal Decree 170/2010 of February 19. |