DATA PROTECTION POLICY
This DATA PROTECTION POLICY is an integral part of the Legal Notice and Terms and Conditions of Use of the COLLABORABRANDS, S.A. website, located at URL www.collaborabrands.com (hereinafter, the “Website”).
In compliance with the provisions of the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons concerning the processing of personal data and on the free movement of such data (hereinafter, “GDPR”) and of Spanish Organic Law 3/2018, of December 5, 2018, on the Protection of Personal Data and guarantee of digital rights (hereinafter, “LOPDGDD”), COLLABORABRANDS, S.A. (hereinafter, the “Company”) informs you that:
1.- WEBSITE’S CONTROLLER NAME AND CONTACT DATA
• COLLABORABRANDS, S.A.
• Tax number: A-63.681.159
• Postal address: 28004 Madrid – Calle Hortaleza, 108, 2º
• Telephone: +34 932 138 369
• Email address: firstname.lastname@example.org
2.- PURPOSES AND LEGAL BASIS OF THE DATA TREATMENT
The Company may process your personal data for the following purposes, depending on why you provided them to us:
I Data treatment purpose: To manage registration, download and sending of information related to events, workshops, courses and publications by various means, concerning the Company, its activities, services, special offers and promotions, and documentation of different kinds. Data treatment legal basis: The express consent of the interested party (art. 6.1.a GDPR).
II Data treatment purpose: To carry out all those actions that may be necessary to manage users’ queries received by way of the Website, through the Website’s “Contact form” by its users or by email. Data treatment legal basis: The express consent of the interested party (art. 6.1.a GDPR) and the satisfaction of legitimate interests pursued by the person responsible for handling the data (art. 6.1.f GDPR) in responding to requests for information about the Company.
Concerning express consent, it should be noted that the interested party has the right to withdraw consent at any time, without this affecting the lawfulness of the treatment based on the consent prior to its withdrawal.
Data treatment legal basisUnder no circumstances will the Company process your data in order to generate automated decision making, including profiling.
In accordance with the provisions of Law 34/2002 of July 11, 2002, on services of the information society and electronic commerce, if the User of the Website who is also Company’s Client should no longer wish to receive commercial communications from the Company, this decision can be communicated by sending an email to the email address email@example.com with the subject ‘unsubscribe’.
The User guarantees that the information provided is true, accurate, complete and up-to-date and assumes full responsibility for any damage, direct or indirect, resulting from a breach of this obligation. If the data provided should belong to a third party, the User guarantees that the said third party has been informed of this document’s entire contents and has authorized the provision of their data to the Company for the purposes indicated.
Where personal data is collected through a form, the User must complete, at least, those fields marked with an asterisk: if this is not done, the Company will be unable to accept and manage the service request or the query made.
In accordance with the Company’s concern to ensure the security and confidentiality of the data it handles, the required levels of personal data protection have been adopted, and the technical means at its disposal have been installed to prevent any unauthorized access to or loss, misuse, alteration or theft of personal data supplied by way of this Website.
3.- SHARING AND DATA TRANSFERS
Your data will be shared with those Company departments that require it for the performance with their functions, who will ensure the privacy of these data and protect them to prevent any unauthorized access, loss, misuse, alteration or theft.
By default, user data will not be shared with third parties unless there is a legal obligation to do so, and there will be no international transfer of data.
Besides, the Website includes links to and functional operations of third parties, such as social networks or online communication systems, and the Company is not responsible for the data collected and processed by said third parties, in that by accessing their portals, the User will be understood to have accepted the corresponding data protection policies and legal conditions in each case.
4.- DATA STORAGE
Your personal data will be stored for a certain period of time, depending on the type of use of this Website you select. Note, in this regard:
I Data treatment purpose: To manage registration, download and sending of information related to events, workshops, courses and publications by various means, concerning the Company, its activities, services, special offers and promotions, and documentation of different kinds. Legal retention period: These data will be retained indefinitely until, according to the particular circumstances, the subscribed User expresses a wish to delete the stored data.
II Data treatment purpose: To carry out all those actions that may be necessary to manage users’ queries received by way of the Website, through the Website’s “Contact form” by its users or by email. Legal retention period: These data will be kept for the time required to respond to the users’ queries, up to a maximum of twelve (12) months, unless some other relationship with the Foundation should derive from them
5.- EXERCISE OF RIGHTS.
Users may exercise at any time their rights of access to their personal data, to rectify inaccurate data, to delete data that are no longer necessary and for any of the other purposes provided for by the GDPR, to oppose their treatment for reasons related to their particular circumstances, as well as the limitation and portability, and the right not to be subject to a decision based solely on automated processing, including profiling, at any time to processing of personal data concerning him or her by the conditions detailed in the GDPR and the LOPDGDD, by sending a written communication indicating the reason for the request together with a copy of their ID or passport to the address in section 1) of this Policy.
If the User considers that their request has not been dealt with in a satisfactory manner, they have the right to file a claim with the Spanish Agency for Data Protection (https://www.aepd.es/).