Privacy Policy

In accordance with the General Data Protection Regulation of the European Union (hereinafter referred to as the "RGPD”).

Personal data collected by different means will be controlled and processed by the Data Controller in accordance with the terms of this Privacy Notice.

 

Data Controller

The Responsible for the processing of personal data is Asesores y Gestores de Telecomunicación, S.A. with registered address at c/ Dalia, 265. 28109 Alcobendas. Madrid.

The personal data collected will be controlled and processed by the Data Controller.

In addition, personal data may be processed or controlled jointly by any of the companies in the Asesores y Gestores International Group, currently made up of

  • Asesores y Gestores International Recruitment Group, S.A. de CV (Mexico)
  • Asesores y Gestores International Recruitment Group, S.A.S. (Colombia)

 

This privacy notice applies to:

(1) our job applicants, 

(2) our partners,

(3) users of this website; and

(4) customers and suppliers.

 

The Privacy Notice describes the types of personal data or personal information we collect, how we use this information, how we process and protect the information we collect, how long we store it, with whom we share it, to whom we transfer it, and the rights individuals may exercise regarding our use of their personal data. It also describes how you can contact us about our privacy practices and exercise your rights. Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements.

 

You can view specific local terms below:

A. Mexico Privacy Policy

B. Colombia Privacy Policy

 

Information we collect

We collect your personal information in several ways, such as through our website, social networks; at our events and through telephone, email and in-person recruitment and our interaction with customers and suppliers. We may collect a selection of personal data depending on the nature of the relationship, which includes, but is not limited to (as permitted by local law):

  • Contact information (such as name, postal address, email address and telephone number).
  • Information you provide about people you want us to contact (the Controller assumes that such people have previously given permission for such communication).
  • Other information you provide to us, such as in the "Write to us" function on our website.

In addition, if you are a candidate and apply for a position, we may collect the following types of personal information (as permitted by local law):

  • Work and academic history.
  • Language and other job-related skills.
  • Identity document number.
  • Date of birth.
  • Nationality and authorization to work in the country.
  • Information provided by references.
  • Information contained in your resume, information you provide regarding your professional interests, and other information about your qualifications for the job.

And where required by law and explicit consent has been provided by you:

  • Disabilities and health-related information.

 

How we use the information we collect

We use the information described above for the following purposes (as permitted by local law):

  • To conduct the selection process for a vacancy that you applied for.
  • To determine whether your profile is suitable for the position for which you are applying.
  • To find certain professional and personal competencies according to the requirements imposed by the client to fill a vacancy.
  • To know your situation and environment in which you work.
  • To transfer the information from the CVs to the client companies that have requested recruitment.
  • According to your professional profile, send by e-mail information about vacancies to which you could apply.
  • Where permitted by law, in accordance with the notice of cookies and advertising from the Data Controller (Asesores y Gestores de Telecomunicación SA), and only if you have given your consent, to send promotional materials, alerts on available positions and other communications.
  • Respond to specific queries and requests.

 

Reasons for processing

Data processing will be carried out on the basis of the application of appropriate legal grounds corresponding to a number of categories, including

(a) the consent or explicit consent of the data subject, where required by the applicable law;

b) where it is essential and necessary for the legitimate interest of the data controller as described in more detail below [for example to enable the user to access the website to use the services offered].

 

Legitimate interest

The Data Controller may process personal data for certain legitimate business purposes, including some of the following:

  • where the process enables us to enhance, modify, customize or improve our services/communications for the benefit of our customers, candidates and employees;
  • to improve the security of our network and information systems;
  • to better understand how people interact with our website;
  • for direct marketing purposes;
  • to provide you with postal or electronic communications that we believe will be of interest to you;
  • to determine the effectiveness of promotional and advertising campaigns.

Whenever we process data for these purposes, we will ensure that we take into account and respect your rights. You have the right to object to such processing, and if you wish to do so, please send an e-mail to dataprotection@asesoresygestores.net. Please note that if you exercise your right to object, this may affect our ability to carry out and provide services to you for your benefit.

 

How we process and protect personal information

We process the personal data we collect for the purposes defined in this notice and only for the period of time necessary for the purposes for which we collect it. Different applicable laws may also involve obligations to maintain different data for different periods of time.

We maintain administrative, technical and physical safeguards designed to protect the personal data you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. To ensure adequate security and confidentiality of personal data, we implement the following security measures:

- Physical Security and Logical Security: Physical Security has physical access control, a video surveillance system, a fire system, network operators and redundant electrical supplies. In Logical Security, there is a perimeter firewall to protect the network and applications, and protection in case of a Denial of Service attack, also called DOS (Denial of Service) attack.

In case of Non-Managed Servers, the perimeter firewall is open, since it needs to be customized in each case, but it has the basic protection of DOS. Local firewalls are also available on each server and application firewalls (WAF).

Other security actions that are performed are daily backups.

- Open ports: Ports are established by the services contracted.

- Mail Security: Users are protected from brute force attacks to discover access passwords, user and password, through the firewall for applications. The mail service also has antivirus and antispam.

- Blocking by false positives: Occasional cases of false positives can occur, when the firewall detects an attack that is not intentional. When these cases occur, the provider together with the client analyses the reasons for finding the best solution, a responsibility shared by both parties.

- Injected code scripts: In relation to computer attacks in which malicious code is injected into scripts, simple program, which stores in a flat text file on web pages, or through phishing, model of computer abuse and is committed through the use of a type of social engineering characterized by trying to acquire confidential information fraudulently, actions are carried out, on the one hand, proactively (perimeter firewall, WAF and antivirus) and, on the other hand, reactively when the code has been injected, through the warnings of external services ( INTECO-INCIBE, Google Analytics, SpamHaus, etc. ). In this case, the responsibility is also shared between the user and the company, since the user has to take care of the updates and security patches of their applications and plugins.

- Antivirus: The services are protected with ClamAV Antivirus, an open source antivirus package that provides a series of utilities that include a flexible and scalable multiprocess, a command line scanner and an advanced tool for the automatic updating of virus definition bases.

 - ISO27001: The supplier has the ISO27001 security certificate.

 

How long we store the information we collect

We store the personal data we collect in our systems in a way that allows the identification of the data subjects for as long as necessary for the purposes for which the data was collected or for which it is further processed.

We determine this specific period of time by taking into account

  • The need to keep stored the personal data collected in order to offer services established with the user;
  • To safeguard a legitimate interest of the data controller as described in the purposes;
  • The existence of specific legal obligations that make processing and related storage necessary for a specific period of time.
     

Information we share

We do not disclose the personal information we collect about you except as described in this Privacy Notice or in separate notices regarding certain activities. We share personal information with providers who perform services on our behalf based on our instructions. We do not authorize these providers to use or disclose the information except as necessary to perform services on our behalf or to comply with legal requirements. We may also share your personal information (i) with our affiliates and (ii) if you are a candidate for the position, with customers who may have job opportunities available or interest in hiring our candidates and (iii) with other people we work with, such as employment consultants and subcontractors, to find a job for you.

In addition, we may disclose personal information (i) if we are required to do so by law or legal process; (ii) to law enforcement or other government officials based on a lawful request for disclosure; and (iii) when we believe the disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of actual or suspected fraudulent or illegal activity. We also reserve the right to transfer your personal information in the event that we sell or transfer all or part of our business or assets (including in the event of a reorganization, dissolution or liquidation).

 

Data Transfers

We may transfer the personal information we collect about you to countries other than the country in which the information was originally collected. Those countries may not have the same data protection laws as the country in which you originally provided the information. When we transfer your information to other countries, we will protect it as described in this privacy policy and such transfers will comply with applicable law.

The countries to which we may transfer the personal data we collect about you may be:

  • Within the European Union.
  • Outside the European Union.

When we transfer personal data from the European Union to countries or international organizations outside of the European Union, the transfer is on the basis of:

  • European Commission's decision on adequacy;
  • In the absence of a decision on adequacy, other legally permissible grounds, such as (a) legally binding and enforceable instrument between public authorities or bodies; (b) binding corporate rules; (c) standard data protection clauses (formerly called model clauses) adopted by the Commission, etc.

 

Rights of the interested parties
Where permitted by applicable law, you may exercise, in accordance with Articles 15 to 22 of the GPRS, the following specific rights:

  • Right of access: a data subject has the right to access his/her personal data in order to verify that it is processed in accordance with the law.
  • Right of rectification: a data subject has the right to request the rectification of any personal data concerning him/her which are inaccurate or incomplete, in order to protect the accuracy of such information and to adapt it to the processing of the data.
  • Right of erase: a data subject has the right to request that the data controller delete his/her information and no longer process such data. However, a number of exceptions are regulated where this right does not apply.
  • Right to limitation of processing: a data subject has the right to request that the data controller restrict the processing of his/her data.
  • Right to data portability: a data subject has the right to request portability of the data, which means that the data subject may receive the personal data originally provided in a structured and commonly used format or that the data subject may request the transfer of the data to another data controller.
  • Right to object: a data subject who provides personal data to a data controller has the right to object, at any time, to the processing of data on a number of grounds, as set out in the RGPD, without having to justify his/her decision.
  • Right not to be subject to automated individual decisions: the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, if such a profile has a legal effect on the data subject or significantly affects him or her.
  • Right to lodge a complaint with a supervisory authority: the data subject has the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of his or her habitual residence, place of work or place of the alleged breach, if the data subject considers that the processing of personal data relating to him or her violates the RGPD.

Where data processing is based on consent, as stipulated in Article 7 of the RGPD, you may withdraw your consent at any time.


If you need more information about the processing of your personal data, please send an e-mail to dataprotection@asesoresygestores.net

 

Privacy Notice Updates

This privacy notice (including any attachments) may be updated periodically to reflect changes in our privacy practices and legal updates. We will notify you of significant changes by posting a prominent notice on our website indicating at the top of the policy when it was last updated.


Contact

If you have any questions or comments about this Privacy Notice, or want to exercise your rights, please write to the Data Protection Officer in Spain:
Asesores y Gestores de Telecomunicación SA. C/ Dalia, 265. 28109 Alcobendas. Madrid.

 

Privacy Notice for Mexico


 
Personal data that is requested or provided voluntarily will be treated in accordance with the Federal Law on the Protection of Personal Data in the Possession of Individuals, published in the Official Gazette of the Federation on July 5, 2010, as well as its Regulations of December 21, 2012, guaranteeing at all times the use of administrative, physical and technical security measures sufficient to protect your data from damage, loss, alteration, destruction, or unauthorized use, access or treatment.

 

You are also informed of the following:

 

Responsible for processing and address

The Responsible for the processing of personal data is the company Asesores y Gestores International Recruitment Group, S.A. de C.V. (hereinafter Asesores y Gestores), whose address is located at Av. Insurgentes Sur 1915 - 502. Guadalupe INN, Delegación Álvaro Obregón, C.P. 01020, in Mexico City, Federal District.

 

Purposes of the processing of personal data

The personal data that is collected directly from the owner, as well as those provided voluntarily through the company's website www.asesoresygestores.net, specialized job search portals and social networks, will be used for the following purposes:

  • To carry out the selection process for a vacancy that you applied for.
  • To determine if your profile is suitable for the position you are applying for.
  • To find certain professional and personal skills according to the requirements imposed by the client to fill a vacancy.
  • To know your situation and environment in which you work.
  • To transfer the information from the CVs to the client companies that have requested recruitment.
  • According to your professional profile, send by e-mail information about vacancies to which you could apply.

 

Means of exercising rights of access, rectification, cancellation and opposition (ARCO)

For the exercise of ARCO Rights, you or your duly accredited legal representative may send a written request to the following e-mail address: dataprotection@asesoresygestores.net or by mail to the above address.

Name of the owner of the data, address or other means of communicating the response to your request. Indicate the means by which you wish your request to be answered:

  • Address
  • Email address
  • Document proving your identity or that of your representative
  • Clear and precise description of the data by which one seeks to exercise any of the rights, and
  • Any other element or document that facilitates the location of personal data

 
However, you may request the application form and the procedure for action from the following e-mail address: dataprotection@asesoresygestores.net
 
Legal deadlines for response:20 working days to inform the holder of the determination made regarding the application, and if appropriate, it will be effective within 15 working days after the date on which the determination was communicated.


National and international transfers of personal data

National Transfers

You are hereby informed that your identification, professional and academic data will be communicated to the Client companies, for which you are applying for a job vacancy.

 

International Transfers

In accordance with section III and IV of Article 37 of the Federal Law on the Protection of Personal Data in Possession of Individuals, you are informed that your personal data will be communicated to a company belonging to the Group, Asesores y Gestores de Telecomunicación, S.A., located in Madrid, Spain.

 

Likewise, your identification, professional and academic data will be communicated to the Client companies, for which you are applying for a job vacancy.

 

Revocation of consent

You may revoke your consent to the processing of your data. However, it is important that you are informed that it is not always possible to comply with your request or to terminate the use of your data immediately, as it could be the case that some legal obligation requires you to continue processing your data. In any case, you must take into account that the revocation of your data implies the conclusion of the relationship with the Data Controller.

 

To revoke your consent, you may send a written request to the following e-mail address: dataprotection@asesoresygestores.net

 

To find out the procedure for revoking your consent, you can contact us by post or by writing an e-mail to the following address: dataprotection@asesoresygestores.net so that we can send you your consent.

 

Changes to the Privacy Notice

This Privacy Notice may change due to new legal requirements, our own needs for the services we offer, our privacy practices, changes in our business model, or other causes. Asesores y Gestores is committed to keeping you informed, either through our website www.asesoresygestores.net or, if applicable, by sending you the last email registered in our database. In the event that you do not express your refusal, it will be understood as consented.

 

Means of limiting the use or disclosure of personal data

In order for you to limit the use or disclosure of your data, other than the exercise of ARCO rights, or revocation of your consent, Asesores y Gestores offers you the following e-mail: dataprotection@asesoresygestores.net in order not to receive communications or reports of job vacancies.

 

Request for sensitive data

You are informed that, in certain job vacancies, handicap data, considered as sensitive data, will be requested in accordance with the Federal Law on the Protection of Personal Data in the Possession of Individuals.

 

Privacy Notice for Colombia 

 
In accordance with Law 1581 of 2012 on the Protection of Personal Data, as well as its Regulatory Decree, 1377 of 2013, personal data that is requested or provided voluntarily will be processed guaranteeing at all times the use of administrative, human and technical security measures sufficient to protect your data from damage, loss, alteration, destruction, or unauthorized use, access or processing.
 

You are also informed of the following:

 

Responsible for the treatment and address

The company ASESORES Y GESTORES INTERNATIONAL RECRUITMENT GROUP, S.A.S. (hereinafter referred to as Asesores y Gestores), whose address is Calle 31, No. 6-42, Of. 602, Bogotá, Colombia, is responsible for the processing of personal data. Tel. +57 1 102 0006.

 

Purposes of data processing

The personal data that is collected directly from the owner, as well as those provided voluntarily through the company's website www.asesoresygestores.net, specialized job search portals and social networks, will be used for the following purposes:

  • To carry out the selection process for a vacancy that you applied for.
  • To determine if your profile is suitable for the position you are applying for.
  • To find certain professional and personal skills according to the requirements imposed by the client to fill a vacancy.
  • To know your situation and environment in which you work.
  • To transfer the information from the CVs to the client companies that have requested recruitment.
  • According to your professional profile, send by e-mail information about vacancies to which you could apply.

 

Means of exercising rights of access, updating, rectification and deletion

To exercise the Rights, you, your assigns or your duly accredited legal representative may send a written request to the following e-mail address: dataprotection@asesoresygestores.net, as well as by mail to the above address.

 

Name of the owner of the data, address or other means of communicating the response to your request. Indicate the means by which you wish your request to be answered:

  • Address.
  • E-mail address.
  • Document proving your identity or that of your representative.
  • Clear and precise description of the data by which you are seeking to exercise any of the rights, and
  • Any other element or document that facilitates the location of personal data

However, you may request the application form and the procedure for action from the following e-mail address: dataprotection@asesoresygestores.net

 
Legal deadlines for reply:

The consultation will be answered within a maximum of ten (10) working days from the date of receipt. When it is not possible to attend the consultation within this term, the interested party will be informed, expressing the reasons for the delay and indicating the date when the consultation will be attended, which in no case may exceed five (5) working days after the expiration of the first term.

 

Transfers to third countries.

In accordance with Article 26 of Law 1581 of 2012, on the protection of personal data and Article 24 of Decree 1377 of 2013, which regulates the Law on the Protection of Personal Data, you are informed that your personal data will be communicated to the company belonging to the Group, Asesores y Gestores de Telecomunicación S.A., located in Madrid, Spain, a country with an adequate level of security regarding the protection of personal data.

Likewise, your identification, professional and academic data will be communicated to the Client companies, for which you are applying for a job vacancy, provided that your express and unequivocal consent has been obtained.

 

Revocation of authorization and/or deletion of data

You may, at any time, request the person in charge to delete your personal data and/or revoke the authorization granted for the processing of such data, by submitting a complaint, in accordance with the provisions of Article 15 of Law 1581 of 2012. The procedure for revocation and/or suppression of the data may be requested at the following e-mail address: dataprotection@asesoresygestores.net

The request for deletion of information and revocation of authorization will not proceed when you have a legal or contractual duty to remain in the database.

If, upon expiration of the respective legal term, the Controller and/or the person in charge, as the case may be, has not deleted the personal data, you shall be entitled to request the Superintendence of Industry and Commerce to order the revocation of the authorization and/or the deletion of the personal data.


Changes to the Privacy Notice

This Privacy Notice may change due to new legal requirements, our own needs for the services we offer, our privacy practices, changes in our business model, or other causes. Asesores y Gestores is committed to keeping you informed, either through our website www.asesoresygestores.net or, if applicable, by sending you the last email registered in our database. In the event that you do not express your refusal, it will be understood as consented.

 

Means to limit the use or disclosure of personal data

In order for you to limit the use or disclosure of your data, other than the exercise of the rights of the holders, or revocation of your consent, Asesores y Gestores, offers you the following e-mail: dataprotection@asesoresygestores.net in order not to receive communications or reports of job vacancies.

 

Request for sensitive data

You are informed that, in certain job vacancies, handicap data will be requested, considered as sensitive data, and therefore your express authorization will be required for the processing of such data.

ASESORES Y GESTORES INTERNATIONAL RECRUITMENT GROUP, S.A.S.