Processing of (personal) data by the entity in charge of the online application process

INTRODUCTION

The Privacy Policy forms part of the General Conditions that govern the Page www.quibim.com together with the Policy of Cookies and the Legal Disclaimer.
Quibim, S.L. respects current legislation on the protection of personal data, the privacy of users and the secrecy and security of personal data, in accordance with the provisions of applicable legislation on data protection. Specifically, the Privacy Policy has been developed pursuant to the provisions of the “Personal Data Protection and Guarantee of Digital Rights” Organic Law 3/2018, of December 5, 2018 (the “LOPD GDD”), and pursuant the European General Data Protection Regulation 679/2016 (the “EU GDPR”) from the European Parliament and the Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. To this end, Quibim adopts the necessary technical and organizational measures to prevent the loss, misuse, alteration, unauthorized access and theft of the personal data provided, taking into account the state of technology, the nature of the data and the risks to which they are exposed. In particular, Quibim informs that your personal data may only be obtained for processing when it is adequate and relevant in relation to the specific, explicit and legitimate scope and purposes for which it was obtained.

DATA PROCESSING MANAGER AND DATA PROTECTION OFFICER

Quibim, S.L. (“Quibim”) with C.I.F. B-98481658, as holder of the website domains “www.quibim.com” and “www.quibim.es”, as well as their subdomains (indistinctively, the “Webs”), with address at Europa building, Aragón Avenue, 30, floor 13, 46021 Valencia (Spain), telephone: +34 961 243 225 and email address: contact@quibim.com is responsible for user personal data processing.

The Data Processing Officer (DPO) (dpo@quibim.com), recognizes the importance of protecting the privacy sphere of the user and/or visitor of the Website (hereinafter referred to as the “user”), for which it has been developed the present privacy policy for the protection of personal data (the “Privacy Policy”), so that the user can freely decide if he wants to facilitate Quibim the personal data that may be required or obtained in connection with his use of this Website and/or the requesting of any of the services offered therein.

PURPOSE OF THE PERSONAL DATA PROCESSING

In compliance with the provisions of the GDPR regulation, we inform you that personal data and information you provide to Quibim, whenever you complete any electronic form available in the Website in order to formalize the contract of our services (the “Data”), will be incorporated to a personal data file owned by Quibim.

The purpose of the personal Data processing is to process the User’s request, depending on the reason for which the data were provided:

Data management of candidates’ curriculums vitae.
- Data categories to be processed: Details in the CV of the person applying for the job: name and surnames, DNI/CIF/identification document, address, signature and telephone number. Sensitive personal data: gender, nationality, civil status, age, date and place of birth. Academic and professional Data: qualifications, academic education and professional experience. Image data: photo.
Data management of labour relations of Quibim personnel.
- Data categories to be processed: Contact information. Data regarding working life, salary and social security.
Data management of providers
- Data categories to be processed: Contact information and data needed to execute payments, and to track orders and/or contracted services.
Data management of customers
- Data categories to be processed: Contact information and other data necessary to provide services and issue invoices.
Data management of users
- Data categories to be processed: Contact information and data related to service access and usage.
Data management of subscribers to the Quibim newsletter
- Data categories to be processed: Contact information (name and email address).
Data management of new contacts
- Data categories to be processed: Contact information (name of the individual and/or organization he/she represents. Contact information such as email address, telephone number and/or postal address).

Data sources: In all processing mentioned, personal data comes from the interested party.

Questions included in forms are of a voluntary nature, except those marked with an asterisk (*), which are mandatory. In the case of not answering mandatory questions, Quibim reserves the right not to process incomplete requests.

LEGITIMACY FOR DATA MANAGEMENT

With regard to the processing of User data by Quibim, it will be legitimated by the explicit consent given by the interested party for the processing of his/her personal data with the intended purposes. The unequivocal and independent consent for each processing purpose is manifested when accepting the privacy policy.

DATA COMMUNICATIONS WITH THIRD PARTIES

Quibim is committed not to give, sell, or share the Data with third parties without the express and previous user consent. Moreover, international Data transfers are not performed.

It will be possible to legitimately communicate data to natural and legal persons related to the Data Processing Manager for the delivery of services associated with the purposes of the processing, under Quibim instructions. By contract, it is mandatory to protect and use such data only for the purposes for which it has been provided and being consistent with the current Privacy Policy.

Personal data provided by the User in the Website can be communicated to public organisms, courts and other administrative authorities, when deemed necessary, in order to comply with a legal obligation or to exercise legal actions against claims.

Furthermore, Quibim will cancel or rectify Data whenever being inexact, incomplete or are not necessary or appropriate anymore for the purpose for which they where provided by the User.

COMMERCIAL COMMUNICATIONS

Quibim, by means of some of the electronic forms included in the Website, will request your explicit consent in order to be able to send you commercial communications by any means, including e-mail or equivalent means of electronic communications.

SECURITY MEASURES

Quibim adopts the security measures required by LOPD GDD and GDPR Regulations, appropriate to the nature of the Data that are the object of treatment at any given time.

Quibim guarantees that it has implemented appropriate technical and organizational policies to apply the security measures stablished by the RGDP in order to protect the rights and freedoms of Users and has provided them with adequate information so that they can exercise them.

INFORMATION STORAGE PERIODS

The storage periods of personal data of interested parties are set according to the following criteria:

Personal data of clients and users: kept for a period of 5 yearsfrom the finalization of the provision of service by Quibim.
Personal data of providers and contacts: kept for a period of 3 years from the finalization of the commercial relationship with Quibim.
Personal data of personnel candidates: kept for a period of 2 years from the closing of the personnel selection process.
Documentation of a labour-related or social security nature: the documentation or records or computer media in which the corresponding data have been transmitted to prove compliance with the obligations regarding affiliation, registrations, removals or variations that, where appropriate, occur in relation to said matters, as well as the contribution documents and the receipts justifying the payment of salaries and the delegated payment of benefits, including also all the contractual documentation, will be kept for a term of 4 years from the cessation of the employment and/or contractual relationship between Quibim and the interested party.
Personal data for commercial communications: QUIBIM will keep indefinitely the personal data whose purpose of treatment is the send of commercial communications, up to a maximum of one month after the interested party requests the cancellation of said data through the corresponding exercise of their rights.

RIGHTS OF THE INTERESTED PARTY

The interested party who has provided his/her Data to Quibim may exercise his/her rights of access, rectification, suppression, limitation, portability and opposition (the “Rights of the interested party”), as well as to withdraw his/her explicit consent for the treatment of his/her personal data, on the terms legally provided for. For such purpose, a communication shall be notified:

By post to the following address: Europa building, Aragón Avenue, 30, floor 13th, 46021 Valencia (Spain);
By sending an e-mail to the following address: contact@quibim.com

In both cases, indicating your name, surnames and a copy of your identity card.

Additionally, the interested party has the right to submit a claim to the Data Protection Control Authorities in case of violation of their rights as interested.

AMENDMENTS TO THE PRIVACY POLICY

Quibim may unilaterally modify, at any time and without prior notice, the Privacy Policy, we therefore recommend that you print or save this policy and, in any case, to read and review the Privacy Policy every time you access the Website.

COOKIE POLICY - QUIBIM, S. L.

(hereinafter referred to as "QUIBIM")

In compliance with the duty of information set out in Article 22 (2) of Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, the purpose of this cookie policy is to inform users clearly and precisely about the cookies used by the https://quibim.com/ website.

WHAT ARE COOKIES?

Cookies and other similar technologies such as local shared objects, flash cookies or pixels, are small files that web servers send to your computer to store and retrieve information about your visitors, as well as to ensure the proper functioning of the site.

The use of these devices enables the web server to remember some data concerning the user, such as their preferences for viewing the pages of that server (country, language, etc.), name and password, products they are most interested in, etc. in order to improve the services offered and help provide the user with a better browsing experience.

WHAT IS THE SHELF LIFE?

Depending on the duration, a distinction can be made between:

Session cookies: cookiesdesigned to collect and store data while the user accesses a website.

Persistent cookies: cookies in which the data remain stored in the terminal and can be accessed and processed for a period defined by the party responsible for the cookie, which can range from a few minutes to several years.

WHO OWNS THE COOKIES?

Cookies can be classified according to ownership:

Own cookies: are sent to the user's terminal equipment from a computer or domain managed by the editor itself and from which the service requested by the user is provided.

Third-party cookies: are sent to the user's terminal equipment from a computer or domain that is not managed by the editor, but by another entity that processes the data obtained through the cookies.

WHAT COOKIES ARE USED ON https://quibim.com/?

Different types of cookies are used on the website for different purposes. The cookies used are listed below:

Category: Necessary Cookies

Necessary cookies make the website usable by enabling basic functions such as website navigation and access to secure areas of the website. The website cannot function properly without these cookies.

NAME	PURPOSE	MANAGEMENT	DATA SENT TO	EXPIRY
cookielawinfo-checkbox-necessary	Determines whether the visitor has accepted the cookie consent box.	quibim.com	Ireland Appropriate country under the GDPR (EU)	1 day
cookielawinfo-checkbox-non-necessary	Determines whether the visitor has accepted the cookie consent box.	quibim.com	Ireland Appropriate country under the GDPR (EU)	1 day
__cfruid	This cookie is a part of the services provided by Cloudflare - including load balancing, web content delivery and DNS server connection for web operators.	calendly.com	United States*1 Basis: art. 46.1.c) RGPD	Session
elementor	Used in relation to the Wordpress theme of the website. The cookie allows the website owner to deploy or change the content of the website in real time.	quibim.com	Ireland Appropriate country under the GDPR (EU)	Persistent
m	Determines the device used to access the website. This allows the website to be presented in the appropriate format.	m.stripe.com	United States*1 Basis: art. 46.1.c) RGPD	2 years
referrer_user_id	Required for the booking function of the website.	calendly.com	United States*1 Basis: art. 46.1.c) RGPD	14 days

¹Please refer to the section "international transfers" in the sub-section "Who is responsible?"

Category: Marketing cookies

Marketing cookies are used to track visitors across websites. The intention is to show ads that are relevant and attractive for the individual user, and therefore more valuable to publishers and third-party advertisers.

NAME

PURPOSE

MANAGEMENT

DATA SENT TO

EXPIRY

ads/ga-audiences

Used by Google AdWords to reconnect with visitors who are likely to become customers, it is based on the customer's online behavior across websites.

google.com

United States*2

Basis: art. 49.1.a) RGPD

Session

²Please refer to the section "international transfers" in the sub-section "Who is responsible?"

Category: Analysis cookies

Analysis cookies help the entity responsible for the cookie to track and analyze the behavior of the users of the websites to which they are linked, including the quantification of the impacts of the ads. The information collected by this type of cookie is used to measure the activity of the website, application or platform, for the purpose of making improvements according to the analysis of the usage data of the service users.

NAME	PURPOSE	MANAGEMENT	DATA SENT TO	EXPIRY
_ga	It records a unique ID that is used to generate statistical data about how the visitor uses the website.	quibim.com	United States*3 Basis: art. 49.1.a) RGPD	2 years
_ga_#	Collects data on the number of times a user has visited the website, as well as the dates of the first and most recent visit. Used by Google Analytics.	quibim.com	United States*3 Basis: art. 49.1.a) RGPD.	2 years
_gat	Used by Google Analytics to track request rates	quibim.com	United States*3 Basis: art. 49.1.a) RGPD	1 day
_gid	It records a unique ID that is used to generate statistical data about how the visitor uses the website.	quibim.com	United States*3 Basis: art. 49.1.a) RGPD	1 day
_hjAbsoluteSessionInProgress	This cookie is used to count the number of times a website has been visited by different visitors. This is achieved by assigning a random ID to the visitor, to avoid double visitor registration.	quibim.com	United Kingdom Appropriate country under the GDPR (EU)	1 day
_hjFirstSeen	This cookie is used to determine whether the visitor has visited the website before or is a new visitor.	quibim.com	United Kingdom Appropriate country under the GDPR (EU)	1 day
_hjIncludedInPageviewSample	Used to detect whether user navigation and interactions are included in the website's data analysis.	quibim.com	United Kingdom Appropriate country under the GDPR (EU)	1 day
_hjIncludedInSessionSample	It records data on visitor behavior on the website. This is used for internal analysis and website optimization.	quibim.com	France Appropriate country under the GDPR (EU)	1 day
_hjSession_#	Collects statistics about the user's visits to the website, such as the number of visits, the average time spent on the website and which pages have been read.	quibim.com	United Kingdom Appropriate country under the GDPR (EU).	1 day
_hjSessionUser_#	Collects statistics on the user's visits to the website, such as the number of visits, the average time spent on the website and which pages have been read.	quibim.com	United Kingdom Appropriate country under the GDPR (EU).	1 year
c3po.jpg	Collects data related to browsing and user behavior - This is used to compile statistical reports and heatmaps for the website owner.	tracker.metricool.com	United States*3 Basis: art. 49.1.a) RGPD.	Session

³Please refer to the section "international transfers" in the sub-section "Who is responsible?"

Category: Preference cookies

Preference cookies enable the website to remember information that changes the way the website behaves or looks, such as the user’s preferred language or the region you are in.

NAME

PURPOSE

MANAGEMENT

DATA SENT TO

EXPIRY

calendly_session

If consent is given by the visitor, this cookie allows the website to add events to the visitor's calendar.

calendly.com

United States^*4

Basis: art. 49.1.a) RGPD.

21 days

⁴Please refer to the section "international transfers" in the sub-section "Who is responsible?"

These information tables will be updated as the services offered on this website change.

WHO IS RESPONSIBLE?

QUIBIM, S.L. is the Data Controller of the personal data of the Data Subject and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679, of 27 April 2016 (GDPR), for which you are provided with the following processing information:

Purposes of processing: as specified in the section on cookies used on this website.

Lawfulness of the processing: with the exception of necessary cookies, the lawful basis of the processing is the consent of the data subject (art. 6.1.a) GDPR). For necessary cookies, the lawful basis is the legitimate interest of the data controller (6.1.f) GDPR).

Data retention criteria: as specified in the section on cookies used on the website.

Disclosure of data: data will not be disclosed to third parties, except for cookies owned by third parties or to comply with a legal obligation.

International data transfers: This website uses cookies from US providers so it is likely that your data will be transferred to or stored in the US. Please note that the EU, following the Schrems II ruling, no longer recognizes the Privacy Shield as a valid mechanism for complying with data protection requirements when transferring personal data to the US, so your data may not be adequately protected in the US. Therefore, the aforementioned companies have announced that their processing of personal data will be legitimized in the Standard Contractual Clauses. QUIBIM, S.L. is monitoring the transparency documentation published by the aforementioned companies and is in the process of evaluating the additional mechanisms proposed by them. Further information will be provided as it is made available by the relevant companies and supervisory authorities.

HOW TO CHANGE THE COOKIE SETTINGS?

Cookie settings panel

From the cookie configuration panel you can configure the cookies that the website can install in your browser, except for the technical or functional cookies that are necessary for browsing and using the different options or services offered.

Modify cookies from the browser

Remember that you can also restrict, block or delete cookies from QUIBIM, or any other website using your browser.

Delete cookies from your device

Cookies that are already on a device can be deleted by clearing the browser history, which deletes cookies from all visited websites.

However, some of the saved information (e.g. login data or website preferences) may also be lost.

Manage site-specific cookies

To have more precise control over site-specific cookies, users can adjust their privacy and cookie settings in their browser.

Blocking cookies

Although most modern browsers can be configured to prevent cookies from being installed on your device, this may require you to manually adjust certain preferences each time you visit a site or page. In addition, some services and features may not work properly (e.g. profile logins).

In each browser the operation is different, you can find out how to do it in the browser's help menu, which establishes the procedure for its elimination. For more information you can access the following web pages:

Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en

Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirect=no

Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac

Internet Explorer: https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc

It is possible that by disabling certain cookies the website may not function correctly or you may not be able to access certain functions of the website.

Date of last update: 17/11/2022.

Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio SE & Co. KG, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio’s role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio SE & Co. KG processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 München
Tel.: +49 (89) 1250 1004
Entry in the commercial register
Commercial register entry number: HRA 115934
Registration Court: Amtsgericht München
Data Protection Officer contact: privacy@personio.com

Access logs (“server logs”)

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this recruitment website. They are small text files which are stored on the device with which you access this recruitment website. As a general rule, cookies serve the purpose of ensuring secure access to a website (“absolutely necessary”), implementing certain functionalities such as standard-language settings (“functional”), improving the user experience or the performance of the website (“performance”), or placing targeted advertisements (“marketing”). On this recruitment website, we generally use only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website. The use of cookies is absolutely necessary for providing our services and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of this recruitment website.

Rights of data subjects

If Personio SE & Co. KG as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio SE & Co. KG’s Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.