Data policy

"security & confidentiality are at the core of everything we do!"
…right people – right place – right time!

CIS Privacy Policy

CIS Electronics Engineering is the operating brand name for CIS-Spain Consulting SLU. We are a Professional Services Company offering a range of contracting services across the Electronics Engineering market. Hereinafter the term CIS shall be used to represent CIS–Spain Consulting SLU.

Candidates

A. Candidates Data Sources:

The term Candidate is used to define anyone with whom CIS has a legitimate interest in keeping their data on file for the purposes of contacting them in relation to our core activities in the Recruitment and Technical Consulting Markets.

CIS operates a comprehensive research program, sourcing candidates in a number of ways including the following:

  1. Direct Contact with potential candidates by phone email or other messaging services.

  2. Personal Meetings including conferences, exhibitions, presentations, roadshows, etc.

  3. Advertising online and printed press.

  4. Downloads from official third party websites.

  5. Referrals & Recommendations from third party individuals.

By providing your Personal Information to CIS, you are agreeing to the following:
CIS may use your information to contact you from time to time regarding Recruitment and Technical Consulting Services.

Please Note:
CIS subscribes to a number of official third party websites which provide the facility to download candidates’ personal information in the form of
Curriculum Vitaes or other similar profile documents. CIS collects and stores this information with a view to contacting the Candidates from time to time in relation to Recruitment and Technical Consulting Services. Anyone who requests to have their personal information erased from CIS’s database should be aware that CIS may acquire your personal information again in the future if you are registered with any such third party website.

B. Candidate Data Processing Policy:

CIS operates a comprehensive Data Protection Policy in accordance with the new EU GDPR Regulations, effective 25th May 2018. All Personal Information collected by CIS shall be treated in the following manner:

  1. All candidate Personal Information submitted or acquired by CIS shall be stored on our secure central candidate database for the sole purpose of informing candidates from time to time of possible opportunities in relation to Recruitment and Technical Consulting Services.

  2. All Candidate Personal Information sent to individual CIS Employees shall also be stored within the secure Cloud based Microsoft Outlook Account of the direct recipient.

  3. All Candidate Personal Information shall also be stored electronically in a secure remote location as a back-up of CIS’s Candidate Database for disaster recovery purposes.

  4. All Candidate Personal Information shall be stored electronically within CIS’s systems and no hard copy format shall be retained in our files.

  5. Candidate data may only be accessed by employees of CIS and occasionally by external parties contracted to provide Technical Support services to CIS under strict supervision by CIS employees.

  6. CIS will not distribute your personal information to any third party without your prior consent, other than where CIS has a legal obligation to do so. In no case shall your information be provided to any third party based on unreasonable requests. CIS does not distribute any personal information to any third parties for advertising purposes.

C. Consultant Data Processing Policy:

Once a Candidate enters into a formal commercial agreement with CIS the term ‘Consultant’ shall be used to define the person’s status for data processing purposes in the future.
Consultants may be required by CIS to provide additional Personal Information in order for CIS and the Consultant to be compliant with legal and regulatory requirements which may be in effect in any Country which may have jurisdiction over the agreement for whatsoever reason.

In certain instances, CIS may be required to retain some of the consultant’s personal information beyond the term of the commercial agreement in order to comply with legal or regulatory requirements as may be required.

D. Security:

CIS is committed to keeping your Personal Information safe and secure from unauthorised access, alterations, disclosure or destruction.

Our security measures include:

  • Restricting access to Candidate’s Personal Information to CIS Employees and to third party representatives who provide services to CIS, subject to contractual confidentiality and data processing obligations.

  • Having a comprehensive data security policy and internal training program.

  • Regular review of data collection, storage and processing practices including physical security measures as required.

  • Regular updates to all our software security architectures, network and processes.

E. Breach Reporting:

CIS shall inform and provide all the necessary reporting information in accordance with GDPR regulations to the supervisory authorities and where practicably possible to all affected parties.

F. Candidates Rights:

1. Right to Access:
Upon request, CIS will disclose all Personal and Private Information of any candidate or consultant who wishes to receive a copy of the data CIS retains on them. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us on
info@cis-ee.com with the words ‘Right to Access’ in the subject line.

2. Right to Rectification:
Upon request, CIS will rectify all Personal & Private Information retained on the candidate or consultant who so wishes. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us
on info@cis-ee.com with the words ‘Right to Rectification’ in the subject line.

3. Right to Erasure:
Upon request, CIS will erase all Personal & Private Information on the candidate or consultant from all CIS company records. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us on
erasure@cis-ee.com with the words ‘Right to Erasure’ in the subject line.

4. Right to Restrict Processing:
Upon request, CIS will restrict processing on the Personal Information retained on the candidate or consultant who so wishes. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us on
info@cis-ee.com with the words ‘Right to Rectification’ in the subject line.

5. Right to Object:
Upon request, CIS will acknowledge the candidate’s request to object to us processing their Personal Information. All such requests shall be processed as soon as practicably possible, not exceeding 1 week from the date of such request. If you wish to exercise this right, please contact us on
info@cis-ee.com with the words ‘Right to Object’ in the subject line.

2. Clients

A. Client Data Sources:

The term Client is used to define anyone who is exchanging information with CIS in relation to possible commercial cooperation at any point in the future.

CIS operates a comprehensive research program, sourcing potential clients in a number of ways, including the following:

  1. Personal Data we receive directly from you.

It is our mission to make sure you (the Client) have the best qualified engineers for your projects. To this end, we will receive data directly from you in two ways:

  • Where you contact us proactively, usually by phone or email.

  • Where we contact you, either by phone or email, or through our consultants’ business development activities.

  1. Personal data we receive from other sources.

  • By analysing the available information on online and offline media.

  • From other limited sources and third parties (for example from our candidates to the extent that they provide us with your details to act as a referee from them).

  • From professional networking sites, to which CIS subscribes.

B. Client Data Processing Policy:

CIS operates a comprehensive Data Protection Policy in accordance with the new EU GDPR Regulations, effective 25th May 2018. All Personal Information collected by CIS shall be treated in the following manner:

  1. All Client Personal Information submitted or acquired by CIS shall be stored on our secure central client database for the sole purpose of informing clients from time to time of potentially interesting technical profiles for their projects.

  2. All Client Personal Information sent to individual CIS Employees shall also be stored within the secure Cloud based Microsoft Outlook Account of the direct recipient.

  3. All Client Personal Information shall also be stored electronically in a secure remote location as a back-up of CIS’s Client Database for disaster recovery purposes.

  4. All Client Personal Information shall be stored electronically within CIS’s systems and no hard copy format shall be retained in our files.

  5. Client data may only be accessed by employees of CIS and occasionally by external parties contracted to provide Technical Support services to CIS under strict supervision by CIS employees.

  6. CIS will not distribute your personal information to any third parties without your prior consent, other than where CIS has a legal obligation to do so. In no case shall your information be provided to any third party based on unreasonable requests. CIS does not distribute any personal information to any third parties for advertising purposes.

Management of your data:

Any information provided shall be kept secure and will only be used for the following purposes:

  1. Informing you about services we believe you may be interested in.

  2. Managing relationship data in a way that can be used to optimise the efficiency of our relationship.

  3. For use in relation to requests for information by appropriate legal bodies.

C. Client Data Processing Policy:

Once a Client enters into a formal commercial agreement with CIS the term ‘Client’ shall be used to define the person’s status for data processing purposes in the future. Clients may be required by CIS to provide additional Personal Information in order for CIS and the Client to be compliant with legal and regulatory requirements which may be in effect in any Country which may have jurisdiction over the agreement for whatsoever reason.

In certain instances, CIS may be required to retain some of the Client’s personal information beyond the term of the commercial agreement in order to comply with legal or regulatory requirements as may be required.

CIS shall only collect and store information regarding you (the Client) in order to provide the best services possible. We believe this is a reasonable use of your data and completely in line with both parties’ best interests.

D. Security:

CIS is committed to keeping your Personal Information safe and secure from unauthorised access, alterations, disclosure or destruction.

Our security measures include:

  • Restricting access to Candidate’s Personal Information to CIS Employees and to third party representatives who provide services to CIS, subject to contractual confidentiality and data processing obligations.

  • Having a comprehensive data security policy and internal training program.

  • Regular review of data collection, storage and processing practices including physical security measures as required.

  • Regular updates to all our software security architectures, network and processes.

E. Breach Reporting:

CIS shall inform and provide all the necessary reporting information in accordance with GDPR regulations to the supervisory authorities and where practicably possible to all affected parties.

F. Clients Rights:

1. Right to Access:
Upon request, CIS will disclose all Personal and Private Information of any Client who wishes to receive a copy of the data CIS retains on them. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us on
info@cis-ee.com with the words ‘Right to Access’ in the subject line.

2. Right to Rectification:
Upon request, CIS will rectify all Personal and Private Information retained on the Client who so wishes. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us
on info@cis-ee.com with the words ‘Right to Rectification’ in the subject line.

3. Right to Erasure:
Upon request, CIS will erase all Personal and Private Information on the Client from all CIS company records. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us on
erasure@cis-ee.com with the words ‘Right to Erasure’ in the subject line.

4. Right to Restrict Processing:
Upon request, CIS will restrict processing on the Personal Information retained on the Client who so wishes. All such requests shall be processed as soon as practicably possible, not exceeding 4 weeks from the date of such request. If you wish to exercise this right, please contact us on
info@cis-ee.com with the words ‘Right to Rectification’ in the subject line.

5. Right to Object:
Upon request, CIS will acknowledge the Client’s request to object to us processing their Personal Information. All such requests shall be processed as soon as practicably possible, not exceeding 1 week from the date of such request. If you wish to exercise this right, please contact us on
info@cis-ee.com with the words ‘Right to Object’ in the subject line.