Privacy Policy
DATA PRIVACY POLICY
In compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD) of December 5, 2018, we inform you:
DATA CONTROLLER
Identity: FUNDACIÓN ALMATERRA IBIZA, hereinafter “the Holder”
CIF: G21920145
Postal Address: Carretera San Carlos km 10; 07800; Ibiza – Balearic Islands
Email Contact: administracion@fundacionalmaterra.org
PURPOSE OF DATA PROCESSING
The Holder will process the personal data of interested parties in accordance with the following purposes, depending on the relationship established with the Holder:
a) Users of the website and contact forms:
-To attend to and respond to contact requests, requests for information or queries received.
b) Donors:
-Manage the economic contribution made.
-Issue the corresponding supporting documents or tax certificates.
-Keep you informed about the destination of the donations made to the Foundation as well as send you information about future projects and/or activities of the Foundation.
c) Members of the Foundation:
-Process registration as a member, management of fees and participation in activities.
-Provide institutional information and communications about the different activities and projects of the Foundation.
d) Collaborating companies and professionals:
-Attend to your contact request together with the proposals and initiatives raised, in order to formalize, maintain and execute collaboration agreements.
e) Newsletter subscribers:
-Periodically send information about news, campaigns, activities and projects of the Foundation.
In accordance with the provisions of the GDPR, a record of processing activities is maintained that specifies, according to its purposes, the processing activities carried out and the other circumstances established in the GDPR.
Personal information will not be used for purposes other than those related to the contracted services or products purchased. No automated decisions will be made based on said profile.
LEGITIMACY FOR DATA PROCESSING
The legal basis for the processing carried out is based on:
- The consent granted by marking the corresponding box/es.
- The execution of a contract and/or service in which the User is a party and therefore has provided their personal data within the framework of a contractual or pre-contractual relationship for the attention of their request and/or query, the processing being necessary for the maintenance of said relationship.
- The legal obligations applicable to the Holder that require the processing of personal data in accordance with the services provided or those related to tax issues, complying with the provisions of the applicable regulations (commercial, fiscal, tax, money laundering).
PERSONAL DATA THAT IS PROCESSED AND ORIGIN
Depending on the type of relationship that the interested party maintains with the Foundation, we may process the following categories of personal data:
A. Users of the website and contact forms:
-Identification data (name and surname).
-Contact information (email, telephone).
-Any information freely included in the consultation message.
-Navigation data obtained through cookies or similar technologies (according to the Cookies Policy).
B. Donors:
-Identification data (name, surname, NIF).
-Contact information (email, telephone, address).
-Bank and payment details.
C. Members of the Foundation:
-Identification data (name and surname, NIF)
-Contact information (email, telephone, address)
-Bank details for fee management.
D. Collaborating companies and professionals:
-Identification and contact data of their representatives.
E. Newsletter Subscribers:
-Basic identification data (name)
-Email address.
The data collected is provided by the user themselves, when contacting the Holder, by completing the corresponding form(s) or other functionalities offered on the website.
The use of the contact sections, completion of forms and/or functionalities offered on the website is voluntary. However, the completion of certain fields of the form or its provision through the use of other functionalities are necessary to correctly attend to and manage your request, so the User’s refusal to provide the required information will prevent the Holder from attending to and managing it correctly.
The User guarantees that the data provided to us is true, accurate and complete. The data will be canceled, deleted or blocked when it is inaccurate, incomplete or no longer necessary or relevant for its purpose in accordance with current legislation. If the personal data provided belongs to a third party, the User guarantees that they have informed them of the Privacy Policy and have obtained their authorization to provide their data for the purposes indicated above. Likewise, they guarantee that the data provided is accurate and up-to-date, being responsible for any damage or loss, direct or indirect, that may occur as a result of the breach of such obligation. The User undertakes and is responsible for the veracity and correctness of the data provided to us, undertaking to keep them duly updated.
COMMERCIAL COMMUNICATIONS BY ELECTRONIC MEANS
The Owner does not send commercial communications by electronic means without identifying them as such in accordance with the provisions of Law 34/2002 on Services of the Information Society and Electronic Commerce. In the event of sending this type of communication, it will be done with the express consent that you have granted us.
The User may oppose the processing of their data for promotional purposes by sending an email to the address indicated in point 1, their consent being revoked, at any time, simply by notifying their will to revoke it. Information that is sent whose purpose is the maintenance of the existing contractual relationship between the User and the Owner; as well as the performance of information tasks and other activities of the service that the User may contract with the company will not be considered as commercial communication.
PROTECTION OF MINORS’ DATA
It is reported that, according to the provisions of current data protection regulations, only people over 14 years of age may grant their consent for the processing of their personal data lawfully. In the case of people under 14 years of age, the consent of their parents or guardians will be a mandatory condition in order to process their personal data.
LINKS AND SOCIAL NETWORKS POLICY
The website may include links to third-party sites such as social networks in which the Holder is present. The aforementioned third-party websites have not been reviewed nor are they subject to controls over them by the website itself or its owner. The Holder will not be responsible for the content that the user has freely published. The User must bear in mind that their publications will be known by other users, so they themselves are primarily responsible for their privacy.
PERSONAL DATA RETENTION PERIODS
The personal data provided by the User will be kept while they remain registered in the service, while the business relationship is maintained, while the User does not request its deletion, or during the legally established period. Likewise, they may be kept when they are necessary for compliance with a legal obligation or for the formulation, exercise and defense of claims.
If the User withdraws their consent or exercises the rights of opposition or deletion, their data will be kept blocked at the disposal of the Administration of Justice during the legally established periods to address possible liabilities arising from the processing of personal data. In no case will it condition the provision of the service, and/or the execution of contracts with the Holder.
The withdrawal of consent will not affect the legality of the treatment based on the consent prior to its withdrawal.
SECRECY AND SECURITY OF PERSONAL DATA
The Holder undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, in such a way that the security of personal data is guaranteed and the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorized communication or access to said data is avoided.
Personal data will be treated as confidential by the Holder, who undertakes to inform and guarantee through a legal or contractual obligation that said confidentiality is respected by its employees, associates, and any person to whom the information is made accessible.
TRANSFERS AND RECIPIENTS OF PERSONAL DATA
Your personal data may be transferred to third parties in those cases in which the applicable legislation expressly requires it, as well as when the transfer is necessary for compliance with legal obligations enforceable on the Holder.
Likewise, your data may be communicated to service providers who act as data processors, with whom the Holder has signed the corresponding contracts in accordance with article 28 of the GDPR, guaranteeing at all times the security and confidentiality of the information.
RIGHTS OF USERS
What are your Rights when You Provide Us with your Data?
The User has the right to obtain confirmation about whether or not we are processing personal data that concerns them. The User has the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
In certain circumstances, the User may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims. In certain circumstances and for reasons related to their particular situation, the User may object to the processing of their data, so the data controller will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
In those cases in which legally appropriate, you will have the right to data portability, which implies that you have the right to receive the personal data related to your person that we are processing and store them on your own device.
You can exercise before the Holder, in case they are applicable, the rights of access, rectification, opposition, deletion, limitation of treatment, portability and to oppose being subject to automated individual decisions by written communication accompanied by a photocopy of the D.N.I. to prove your identity, with the reference “Derechos RGPD” addressed to the email address administracion@fundacionalmaterra.org.
Likewise, we inform you that you can address any type of claim regarding the protection of personal data to the Spanish Agency for Data Protection www.agpd.es, Control Authority of Spain.