TERMS OF BUSINESS:
GENERAL TERMS AND CONDITIONS
- A draft of fees will always be prepared before carrying out any other matter not contemplated in this fee schedule, which will be charged separately. In any case, if for any reason such a draft cannot be drawn up, the standard hourly rate of the firm is €160/hour (excluding VAT). The senior hourly rate of the firm is €220/hour (excluding VAT) which would be applied when the professional attending you is a senior team member.
- When the upper limits of this ongoing contract are exceeded or the time spent is greater than expected, the client will be informed in order for the ongoing contract to be adjusted accordingly or for an additional compensatory bill to be issued.
- For unforeseen matters, our rates will be applied, which are in accordance with the guidelines of the Barcelona Bar Association, 2010 edition, and otherwise, the 2005 edition.
- The fees would be revised taking into account the variation of the I.P.C. Cataluña Sector Servicios increased by two points, the volume of queries raised and the number of workers in the company, establishing the present offer for a renewable annual period. Depending on the volume and difficulty of the work entrusted we can consider an annual increase of up to IPC plus 3 points.
- The firm will not assume the cost of any third-party expenses in the event that funds have not been previously provided for the payment thereof. Likewise, expenses generated by couriers, photocopies, telephone, per diem and transport, external collaborators, translators, etc., which are not included in the fees shall be charged separately.
- The bank return for unpaid bills will generate an additional charge of €15 per bill.
- The fees will be modified in the event that the client adds new actions or new professional services not initially foreseen. Any change, revision or modification will be subject to additional charges.
- The firm reserves the right to interrupt the commissioned work, should the client fail to pay the amounts of this ongoing contract, as well as if they have any outstanding debts, in compliance with the applicable legislation and ethical standards.
- The physical documentation relating to any given matter shall be kept in safe custody until the completion of that matter or until the termination of the legal representation. Subsequently, the physical documentation may be returned to the client upon their request immediately after the termination of the contract. Otherwise, should no credible request be received within one month, the documentation will be destroyed, unless the client engages this firm specifically for the safekeeping and custody of the documentation.
- Should the client entrust us with their digital certificate, the client authorises Conesa Legal to transfer it, as well as the password, to companies that operate as digital certificate management platforms in order to comply with greater data protection and digital security standards as regards the management of that certificate.
- In the case of unpaid fees, the firm does not necessarily have to prepare the accounts or any other work related to the unpaid fees. No documentation can therefore be demanded from the firm.
- These conditions shall not prevent further specific conditions from being agreed as part of the professional assignment, subject to prior communication to the client.
- In accordance with Regulation (EU) 2016/679 of the European Parliament, we inform you that your data will be included in a file owned by Conesa Legal, S.L.P.U., in order to be able to offer you the consultancy service stipulated in this agreement and to send you commercial information about the services that may be linked to it. This data will be treated as confidential, will not be transferred to third parties except under legal obligation, and will remain in our files for the duration of the business relationship or for the years necessary to comply with legal obligations. At any time, you may exercise your rights of access, rectification, erasure and objection, restrict the processing of your data, directly oppose the processing, or exercise your right to data portability. You may do so in writing, accompanied by a copy of an official ID document, sent to the Data Controller, Conesa Legal, S.L.P.U., AV DIAGONAL, 467 6º 1ª - 08036 BARCELONA (Barcelona). Email: datos@conesalegal.com. Should you disagree with the processing, you also have the right to file a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos).
- The client authorises Conesa Legal to file with any Public Administration their tax and/or fiscal declarations and settlements, or any other documentation necessary to attend to labour law matters, or anything necessary to comply with accounting and insurance obligations, as well as any other formalities in the field of consultancy. It also authorises Conesa Legal to:
- Submit documentation to the Administration by means of any authorised procedure, including online. Receive notifications and process registrations and deregistrations from the Tax Authorities and Social Security.
- Download the digital certificate (electronic signature) for use on your behalf. Act as a representative before the AEAT for the presentation of the documentation referred to in this document.
- This agreement shall remain in force until Conesa Legal is notified in writing of its revocation.
- The professionals of this firm will address the people that the company expressly or tacitly designates, and therefore we waive all liability in the exchange of communications in the event that the company includes third parties in the professional relationship between Conesa Legal and the client, either by the use of CC, or by any other means that does not concern Conesa Legal.
- The client undertakes not to hire any of the firm’s registered professionals or employees who are performing their own consultancy or legal services during the term of this contract until a period of nine months after the end of the professional assignment. Failure to comply with this clause shall entail compensation of at least twelve months' gross annual salary of the employee involved.
TAX-ACCOUNTING:
- In the event that the client has not been with this firm for a full fiscal year, there will be no obligation to prepare annual taxes, summaries or accounts for the client, unless expressly agreed. In the event that an annual tax return is entrusted to us, an additional fee may be charged. Likewise, if you register as a client with Conesa Legal, you are required to provide all the information on all the tax returns filed in the previous and current financial year, as well as the tax returns yet to be filed, exempting Conesa Legal from any liability in the event that this information is incomplete.
- The client undertakes to deliver the accounting documentation on a monthly basis and the documentation necessary for the preparation of tax returns at least 10 days before the deadline, and undertakes to review all taxes prepared by the firm prior to their submission. Any mistakes will only be considered to be the firm’s when this deadline has been met. And the client is obliged to correctly provide the necessary information on time, releasing Conesa Legal from any subsequent changes that could lead to changes in the tax returns to be filed. The firm will therefore not be liable in any case for any penalty, complementary settlement or surcharge incurred if the Tax Authorities consider that the taxpayer has the intention to defraud, and only upon a final decision will the firm notify its civil liability policy if, in accordance with this clause, it is found to be responsible for this liability. In the event that there is an obligation to make monthly returns or immediate supply of information (SII), the client undertakes to provide all the information to Conesa Legal on the day following the day of issue in the case of invoices issued and within 10 days of receipt for invoices received, releasing Conesa Legal from any errors made in the event of delays in providing this information, causing urgent conditions regarding tax returns. Any overtime required due to non-compliance with this clause will result in the initial agreed fee being increased by between 5% and 15% at each renewal or in our issuing of an additional invoice in accordance with our hourly rate.
- The client undertakes to provide truthful and legal information to Conesa Legal and therefore exempts Conesa Legal from any accounting or tax irregularities that the client may commit or wish to commit. Both parties therefore understand that Conesa Legal will submit the tax settlements with the information provided by the client, in the file format required by Conesa Legal, and within the indicated time frame and, unless Conesa Legal is under a legal obligation to inform the authorities of the commission of an offence and can thus identify it without any doubt, we limit ourselves to processing and managing the settlement that the client decides to submit and it is the client who assumes the consequences of such filings. All of the above is without prejudice to Conesa Legal warning and advising the client of any possible errors made by the client.
- Conesa Legal will submit the documentation in due time, and therefore the client is obliged to review the forms and returns to be submitted to the administration before the end of the submission period, and, in the event of a mistake, assumes responsibility had they not requested the completed documents from Conesa Legal before the end of the submission period.
ELECTRONIC MAILBOX:
- In the event that the client engages us to manage their electronic mailbox, it is the client who must have it set up to receive notifications, assuming full responsibility for the content and deadlines of their notifications.
PROCESSING OF PERSONAL DATA PROVIDED TO CONESA LEGAL
By accepting these Conditions you agree to the following Data Processing Agreement under which we process, as Data Processor, the personal data that you provide to us in relation to the services of this contract. Said data may be processed in a database or file that meets the security requirements established by the applicable, current legislation, and may be transferred to the corresponding public bodies (TGSS, INSS, INEM, Tax Agency, Commercial Registry, notaries, etc.) in accordance with the provision of the services contracted herein.
For more information about how we process personal data, what data we collect, what we use it for and how you can exercise your rights, please see our Privacy Policy.
Data Processing Agreement between Controller and Processor
- Object, Nature, Purpose and Duration of the Processing
1.1 CONESA LEGAL, S.L.P.U. (the Data Processor, hereinafter ‘PROCESSOR’) shall process the personal data provided to it by the CLIENT (the Controller, hereinafter ‘CONTROLLER’) for the purpose of providing the service that is the object of this contract. The duration of the processing will be linked to the time period established in this contract.
1.2 The authorised processing operations will be those strictly necessary to achieve the purpose of the assignment.
1.3 The location of the processing will be at the premises of the PROCESSOR, in Spain, with the authorisation of the CONTROLLER to incorporate the data into its systems.
1.4 The duty to inform the data subject of the processing is the sole responsibility of the CONTROLLER.
- Type of Personal Data and Category of Data Subjects
2.1 The PROCESSOR will have access to the personal data that are included in the files that the CONTROLLER makes available to them in order to be able to provide the service of this contract, including, if necessary:
- Type of data:
- Identifying data: Name, surname(s), NIF / DNI, address, social security number, e-mail.
- Personal characteristics: Marital status, date and place of birth, age, sex, nationality, percentage of disability.
- Academic and professional data: Employment record, educational qualifications, trade union affiliation.
- Bank details: IBAN / Bank account.
- Categories of data subjects:
- Employees: Persons who work for the CONTROLLER.
- Suppliers: Persons who have a business relationship with the CONTROLLER as suppliers of products and/or services.
- Clients: Persons who have a business relationship with the CONTROLLER as clients.
- Potential clients: Persons who seek to maintain a business relationship with the CONTROLLER as clients.
- Candidates: Persons who wish to work for the CONTROLLER.
2.2 The CONTROLLER guarantees that the data provided to the PROCESSOR have been lawfully obtained and that they are appropriate, relevant and limited to the purposes of the processing.
2.3 The CONTROLLER shall make available to the PROCESSOR any and all information that may be necessary for the execution of the services that are the subject of the assignment.
- Confidentiality
3.1 The PROCESSOR undertakes to maintain the confidentiality of the personal data to which it has access by virtue of this contract.
3.2 The PROCESSOR shall ensure that the persons authorised to process the personal data undertake, expressly and in writing, to respect confidentiality and to comply with the corresponding security measures.
- Subcontracting
4.1 The PROCESSOR is granted a general authorisation to subcontract personal data processing activities, provided that they inform the CONTROLLER of any planned changes in the appointment or replacement of sub-processors, thereby giving the CONTROLLER the opportunity to object to such changes.
4.2 The updated list of authorised sub-processors is available via this link, and includes the name, address and description of the services provided by each sub-processor.
4.3 In the event of subcontracting, the PROCESSOR shall ensure that the sub-processor complies with the same data protection obligations as those set out in this contract, by means of a contract reflecting such obligations.
4.4 The PROCESSOR shall remain fully liable to the CONTROLLER with regard to the fulfilment of the obligations of the sub-processor.
- Data Security
5.1 The PROCESSOR shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including, but not limited to, pseudonymisation and encryption of personal data.
5.2 The PROCESSOR shall periodically review and update the security measures to adapt them to technological developments and emerging risks.
- Rights of data subjects
6.1 The PROCESSOR shall, wherever possible and taking into account the nature of the processing, through appropriate technical and organisational measures, assist the CONTROLLER to enable the them to comply with their obligation to respond to requests from data subjects to exercise their rights, such as their rights of access, rectification, erasure, restriction of processing, data portability and objection.
6.2 The PROCESSOR will, without undue delay, notify the CONTROLLER of any request received from data subjects.
- Assisting the Data Controller
In addition to the PROCESSOR's obligation to assist the CONTROLLER in accordance with clause 6.1., the PROCESSOR will also assist the CONTROLLER in ensuring compliance with the following obligations, taking into account the nature of the processing and the information available to the PROCESSOR:
- The obligation to carry out a data protection impact assessment of processing operations (‘impact assessment’) where a particular type of processing is likely to result in a high risk to the rights and freedoms of natural persons.
- The obligation to consult the competent supervisory authorities prior to carrying out the processing where a data protection impact assessment indicates that the processing would result in a high risk in the absence of measures taken by the CONTROLLER to mitigate the risk.
- The obligation to notify the competent supervisory authorities of personal data breaches without undue delay upon becoming aware of them, if applicable (unless such a personal data breach is unlikely to constitute a risk to the rights and freedoms of natural persons) and the obligation to communicate the personal data breach to the data subject without undue delay where the breach is likely to result in a high risk to the rights and freedoms of natural persons.
- The obligation to ensure that personal data is accurate and up to date by informing the CONTROLLER without delay if the PROCESSOR discovers that the personal data it is processing are inaccurate or out of date.
- The obligations referred to in Article 32 of the GDPR.
8. Audits and Supervision
8.1 The PROCESSOR shall allow for and contribute to audits, including inspections, conducted by the CONTROLLER or another auditor mandated by the CONTROLLER.
8.2 The PROCESSOR shall make available to the CONTROLLER all information necessary to demonstrate compliance with the obligations laid down in this contract and in the GDPR.
- Notification of Personal Data Breaches
9.1 The PROCESSOR shall notify the CONTROLLER of any personal data breach without undue delay and, in any event, no later than 24 hours after becoming aware of the breach.
9.2 The notification shall include, at least, the nature of the breach, the categories and approximate number of data subjects concerned, the likely consequences of the breach, and the measures taken or proposed to be taken to mitigate its effects.
- International Transfers
10.1 Transfers of data to a third country or to an international organisation by the PROCESSOR may only be carried out on the documented instructions of the CONTROLLER or pursuant to an express requirement of the law of the Union or of the Member State to which the PROCESSOR is subject; they shall be carried out in accordance with Chapter V of the GDPR.
10.2 The CONTROLLER agrees that, where the PROCESSOR uses a sub-processor in accordance with clause 4.1. to carry out specific processing activities (on behalf of the CONTROLLER) and such activities entail a transfer of personal data within the meaning of Chapter V of the GDPR, they may ensure compliance with Chapter V of the GDPR on the basis of an adequacy decision pursuant to Article 45(1) of the GDPR, or by using standard contractual clauses adopted by the Commission, pursuant to Article 46(2) of the GDPR, provided that the conditions for the use of such standard contractual clauses are fulfilled.
- Return and Deletion of Data
The PROCESSOR shall, at the choice of the CONTROLLER, delete or return all personal data upon termination of the provision of the processing services, and delete existing copies unless the retention of personal data is required by the law of the Union or of the Member States.
- Compliance with Instructions
The PROCESSOR shall immediately inform the CONTROLLER if, in its opinion, an instruction infringes the GDPR or any other data protection provisions of the Union or of the Member States.