The direction / Governing body LESAN MANAGEMENT GROUP, S.L. (onwards, the controller), assumes maximum responsibility and commitment to the establishment, implementation and maintenance of this Policy Data Protection, ensuring the continuous improvement of the controller in order to achieve excellence in relation to compliance with Regulation (EU) 2016/679 European Parliament and Council, of 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the Directive repealing persons 95/46 / EC (General Data Protection Regulation) (THE GIFTED 119/1, 04-05-2016), and Spanish protection legislation personal data (Organic Law, specific sectoral legislation and its implementing rules).

Policy Data Protection LESAN MANAGEMENT GROUP, S.L. rests on the principle of proactive responsibility, according to which the controller is responsible for compliance with the regulatory framework and case law governing this Policy, and he is able to prove to the competent control authorities.

In this regard, the controller shall be governed by the following principles must serve all its staff as a guide and framework in the processing of personal data:

  1. Data protection from the design: the controller apply, both when determining the processing means and at the time of the treatment itself, appropriate technical and organizational measures, as pseudonymisation, designed to effectively implement the principles of data protection, such as data minimization, and integrate the necessary guarantees treatment.

  1. Default Data Protection: the controller will apply the appropriate technical and organizational measures to ensure that, default, are only processed personal data necessary for each of the specific purposes of treatment.

  1. Data protection in the lifecycle of information: measures to ensure the protection of personal data shall apply during the entire life cycle of information.

  1. legality, loyalty and transparency: personal data will be lawfully, fair and transparent in relation to the applicant.

  1. Purpose limitation: personal data will be collected for specified purposes, explicit and legitimate, and they will not be further processed in a manner inconsistent with those purposes.

  1. Data minimization: personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are treated.

  1. Accuracy: personal data must be accurate and, if necessary, updated; all reasonable steps to be deleted or corrected without delay personal data are inaccurate regarding the purpose for which shall be adopted treated.

  1. Limited term of conservation: personal data will be maintained to the identification of stakeholders allows for no longer than necessary for the purposes of processing of personal data.

  1. Integrity and confidentiality: personal data will be processed so that an adequate security of personal data is ensured, including protection against unauthorized or unlawful processing and against loss, destruction or accidental damage, by applying technical and organizational measures appropriate.

  1. Information and training: one of the keys to ensure the protection of personal data is the training and information to staff involved in the processing thereof is facilitated. During the life cycle of information, all staff with access to data will be properly trained and informed about their obligations regarding compliance with data protection rules.

Policy Data Protection LESAN MANAGEMENT GROUP, S.L. It is communicated to all staff of the controller and made available to all interested parties.

In consequence, this Policy Data Protection involves all staff of the controller, you must know and assume, considering it as own, each member being responsible for applying and verifying the data protection rules applicable to its activity, and identify and provide opportunities for improvement it deems appropriate in order to achieve excellence in relation to compliance.

This policy will be reviewed by the Directorate / Governing body LESAN MANAGEMENT GROUP, S.L., many times as deemed necessary, to suit, at all times, to the existing provisions on the protection of personal data.