Data Protection

Data Protection and Privacy

Regulation (EU) 2016/679 of April 27, 2016 regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data and Law 3/2018 of December 5 LOPDGDD

Version 2.0 Enero 2020

ANTEA is aware of the importance of the privacy of personal data and, therefore, has implemented a data processing policy aimed at promoting maximum security in the use and collection thereof, guaranteeing compliance with current regulations in the matter and configuring said policy as one of the basic pillars in the entity's lines of action. We are committed to the ethical treatment of personal data and we apply the principles of legality, loyalty and transparency to all our procedures.

To perform our services we need data, both billing, and the workers of our client companies (to comply with the Law on Prevention of Occupational Risks) therefore it is possible that personal data may be requested through different forms provided to the effect. Said data will form part of the pertinent treatments based on the determined and specific purpose that motivates collecting them. In this case, the purpose is to comply with our prevention contract (training for workers, communication with our clients, making appointments and carrying out technical documentation including medical examinations for workers). The personal data you provide will be kept for the minimum time necessary for the correct provision of the service offered, as well as to meet the responsibilities that may arise from it and any other legal requirement.

Subsequently we proceed to block it by applying computer security measures. In the cases of Health Surveillance, we act as Responsible for the treatment and the conservation periods are set by the Patient Law and the Royal Decrees that affect the Prevention of Occupational Risks.

In this way, the particular information of each data processing will be provided together with the forms, the data controller being common to all of them: ANTEA.

You can browse our page without providing any personal data.

In the event that you provide your data through an email message, it will be part of a treatment whose purpose will be to manage the request or comment that you make to us, the rest of the points indicated in the previous paragraph being applicable. If you are not a client, the mail will be kept for the shortest possible time to respond to your request

ANTEA has implemented the necessary technical and organizational measures to avoid the loss, misuse, alteration, unauthorized access and theft of the Personal Data that the interested parties could facilitate as a result of accessing the different sections, applying the security measures contemplated in the General Data Protection Regulation.

Why we request your personal data?

We ask that you share your personal data with us for purposes including, but not limited to, the following:

  • Carry out technical documentation on prevention.
  • Being able to communicate by email or telephone to resolve your doubts.
  • Carry out the training diploma corresponding to their workers or their medical examinations.
  • Medical certificate.
  • Commercial communications with our clients.

The processing of your personal data is carried out only for the purposes that have been communicated to your company. If they are used for other (closely related) purposes, additional data protection measures will be adopted if required by law and will be unequivocally communicated.

Types of personal data we collect

When you work with ANTEA, the data that are necessary are the following:

  • Your basic data (Name, DN, bank).
  • Your e-mail adress.
  • Telephone.
  • The data of its workers to comply with the Prevention Law.

Also while browsing our pages:

  • Your IP address
  • ID cookie

How the data is collected

Your data is collected in the following way:

  • Provided by your company when making the technical visit to your facilities (formalized by means of an occupational risk prevention contract).
  • Delivered by your company to carry out the service.
  • Registered by the user himself directly (via form)

The data is provided by customers through the contract for the prevention of occupational hazards.

Forms on the page anteaprevención:

En caso de cumplimentar el formulario de contacto,el de presupuesto o el de empleo, sus datos solo serán tratados si nos dá su consentimiento expreso. Los plazos de conservación de los datos se especifican en la primera capa informativa del propio formulario. En todo caso puede ejercer sus derechos en cualquier momento en el correo protecciondedatos@anteaspa.es donde nuestro DPD le atenderá personalmente.

El formulario de contacto y Empleo disponen de primera capa informando sobre su finalidad concreta, el de Presupuestos recaba datos exclusivamente corporativos, puede rellenarlo sin aportar datos que identifiquen a una persona física.

As a user, you agree to make good use of our forms and provide accurate information at all times.

Legitimacy for this treatment: The legitimacy in the forms on our website is the express consent of the user, by clicking the acceptance box.

Information on the Medical Examinations Area (if accessed by user password):

If you have carried out a medical examination with Antea, you can access your report at any time (once it has been validated by the healthcare professional) through our website. The validation of your recognition has a certain period of time, if you have any problem in its visualization contact us. Your data was collected directly in our centers during the medical tests, the contact or identification data (name, ID and job position) have been delivered directly by your company under the contract signed in terms of risk prevention work, or by the Main or Collaborating Prevention Service, if applicable, in cases where there are collaboration agreements between Prevention Services by virtue of Royal Decree 843/2011, of June 17.

The purpose of processing your data is to comply with the Occupational Health Surveillance (art. 22 Law 31/1995 PRL), manage your appointments and your documentation.

Antea will not transfer the data provided by you to third parties except legal obligation. In case of requirement we will inform the worker.

In some cases the Authorities may require information:

  • To the health authorities (Public Health Administrations).
  • Providers of services that are necessary for the provision of Health Surveillance, such as clinical analyzes or complementary tests in order to correctly complete their medical reports. In these cases, the service providers are in charge of the treatment and act with direct instructions from Antea. Antea is the Responsible for said treatment and audits its suppliers in this matter in compliance with its proactive privacy policy.
  • In cases where the Own Prevention Service or Antea establish a collaborative relationship and always in accordance with Royal Decree 843/2011, of June 17, which establishes the basic criteria on the organization of resources to develop the health activity of the prevention services.
  • In health inspection tasks, the rights of the patient, their ethical treatment or any other obligation of medical clinics in relation to patients or users.

In no case are the tests, analyzes or medical records reported to the employer or client company. According to section 3 of article 22, "The results of the surveillance referred to in the previous section will be communicated to the affected workers."

The second paragraph of article 22.4 of Law 31/1995 establishes that “Access to personal medical information will be limited to medical personnel and health authorities that carry out monitoring of the health of workers, without being able to facilitate to the employer or to other persons without the express consent of the worker ”, adding the third paragraph that“ Notwithstanding the foregoing, the employer and the persons or bodies with responsibility for prevention will be informed of the conclusions derived from the examinations carried out in relation to with the worker's aptitude to perform the job or with the need to introduce or improve protection and prevention measures, so that they can correctly carry out their preventive functions ”.

Sharing of personal data with third parties
Your data is not shared with third parties except in cases where it is legally required, that is, it is only shared with the control authorities, in this case, the Labor Authority, Fundae in subsidized courses, the Construction Labor Foundation and the Metal Labor Foundation. (only if applicable, for taking metal or construction Convention courses). For exclusive tasks of time control and completion of the course.

Treatment safety:

At ANTEA we apply the principles of data minimization and we have an internal management system in terms of privacy, the data remains encrypted on our own server at all times. We have a cybersecurity officer and a Data Protection Officer to audit the entire process.

Rights
Once you provide us with your personal data, you can access it and exercise your rights contacting us.

You can exercise your rights of access, rectification of your data, limitation when processing them, deletion of them, opposition and no longer be subject to automated decisions at any time, we have a Data Protection Delegate in the email protecciondedatos@anteaspa.es happy to assist you.

If you consider that we have not attended you correctly or that your request has not been answered, you have the right to file a claim with the Spanish Agency for Data Protection on the page www.aepd.es or at the postal address C / Jorge Juan nº6 CP 28001 Madrid.

For the exercise of your rights and freedoms, the documentation is centralized in ANTEA PREVENCIÓN DE RIESGOS LABORALES, S.L, CIF: B-90113754, with registered office at C / Innovación 2, Pol.Pisa, Mairena del Aljarafe (Seville).

Options:
If you do not want to receive emails or calls, you can notify data protection@anteaspa.es
ANTEA takes privacy very seriously, and strives for transparency in all aspects of personal data. Please note that emails are sent under a signed contract and due to an existing business relationship. ANTEA never and under no circumstances performs SPAM.

Social networks:
Social network data is not linked or shared under any circumstances. Our social networks are managed directly by us, respecting current legislation at all times.

Cloud and Servers:
ANTEA stores your personal data in the cloud and its own server. In order to maintain the availability of the information and maintain its integrity, we have of an internal backup policy. We implement high information security measures to ensure the confidentiality of the data. Due to ANTEA 's proactive policy, data is only stored on secure servers located in the European Union. We have our own server located in PISA c / Innovación number 2 CP: 41927.

Information protection:
ANTEA uses different security technologies and organizational procedures to protect your personal data. For example, we implement access controls, use secure servers and firewalls, and encrypt certain types of data as sensitive data (especially Health and Special Category Data). We have a procedure for the elimination of the paper format and it is immediately destroyed after being processed and digitized. We have a document destruction procedure (with a certified company) and an internal document disposal policy. All workers are trained in the protection of personal data and are audited in this regard.

Changes to this Privacy Notice:
ANTEA reserves the right to change this Privacy Notice or to make additions from time to time, and we will post all important revisions on our websites.

We will post a prominent notice on our privacy notice page to notify you of any significant changes to this Privacy Notice, and we will indicate at the top of the notice the most recent update date. We recommend that you check the site frequently to check for the latest version.