DATA PROTECTION POLICY
Responsible for your data: Identity: Asociación Amigos del Tambor CIF: G02469609 and postal address: C/ Asunción, nº8. CP:02500. Tobarra. Albacete. Telephone: 698933940 E-mail: administracion@amigosdeltambor.org. Contact DPD/SECURITY RESPONSIBLE: administracion@amigosdeltambor.org
The Management / Governing Body of Asociación Amigos del Tambor (hereinafter, the controller), assumes the utmost responsibility and commitment to the establishment, implementation and maintenance of this Data Protection Policy, ensuring the continuous improvement of the controller with the aim of achieving excellence in relation to compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (OJEU L 119/1, 04-05-2016), and Spanish personal data protection regulations (Organic Law, specific sectoral legislation and its implementing rules).
The Data Protection Policy of Asociación Amigos del Tambor is based on the principle of proactive responsibility, according to which the data controller is responsible for compliance with the regulatory and jurisprudential framework that governs said Policy, and is able to demonstrate this to the competent control authorities.
In this regard, the controller shall be governed by the following principles which should serve as a guide and frame of reference for all its staff in the processing of personal data:
Data protection by designThe controller shall implement, both at the time of the determination of the means of processing and at the time of the processing itself, appropriate technical and organisational measures, such as pseudonymisation, designed to implement effectively data protection principles, such as data minimisation, and to integrate the necessary safeguards into the processing.
2. Data protection by defaultThe controller shall implement appropriate technical and organisational measures with a view to ensuring that, by default, only personal data which are necessary for each of the specific purposes of the processing are processed.
3. Data protection in the information lifecycleThe measures ensuring the protection of personal data shall be applicable throughout the entire life cycle of the information.
4. Fairness, loyalty and transparencyPersonal data shall be processed in a lawful, fair and transparent manner in relation to the data subject.
5. Purpose limitationPersonal data shall be collected for specified, explicit and legitimate purposes and shall not be further processed in a way incompatible with those purposes.
6. Data minimisationPersonal data shall be adequate, relevant and limited to what is necessary for the purposes for which they are processed.
7. AccuracyPersonal data shall be accurate and, where necessary, kept up to date; all reasonable steps shall be taken to ensure that personal data which are inaccurate in relation to the purposes for which they are processed are erased or rectified without delay.
8. Limitation of the retention periodPersonal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
9. Integrity and confidentialityPersonal data shall be processed in such a way as to ensure appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by implementing appropriate technical or organisational measures.
10. Information and trainingOne of the keys to ensuring the protection of personal data is the training and information provided to staff involved in the processing of personal data. During the life cycle of the information, all staff with access to the data shall be properly trained and informed about their obligations in relation to compliance with data protection regulations.
11. Exercise of rights: You have the right to exercise, at any time, your rights of access, rectification, suppression, opposition, oblivion and portability of data, by writing to: Asociación Amigos del Tambor with address at C/ Asunción, nº8. CP:02500. Tobarra. Albacete or administracion@amigosdeltambor.org, enclosing a photocopy of your Identity Document. You may also exercise this right before the Control Authority by contacting the SPANISH DATA PROTECTION AGENCY. CALLE JORGE JUAN, N16. CP: 28001- MADRID.
The Data Protection Policy of Asociación Amigos del Tambor is communicated to all staff of the data controller and made available to all interested parties.
Consequently, this Data Protection Policy involves all the staff of the Data Controller, who must know and accept it, considering it as their own, with each member being responsible for applying it and verifying the data protection regulations applicable to their activity, as well as identifying and providing the opportunities for improvement that they consider appropriate with the aim of achieving excellence in relation to compliance with it.
This Policy will be reviewed by the Management / Governing Body of Asociación Amigos del Tambor, as many times as deemed necessary, in order to adapt, at all times, to the provisions in force regarding the protection of personal data.
What personal data do we need?
From the moment you contact Asociación Amigos del Tambor, either because you request information about our products or services or because you wish to become our partner, we need to process your personal data. In general, we will need to process your identification, contact, location and other data necessary to carry out the purposes described in this clause.
The data that we request from you are obligatory, so that refusal to provide or transfer them, if necessary, would make it impossible for us to provide you with the services that you have requested or contracted. Likewise, your personal data must be truthful, complete, accurate and up to date, so any change in them must be communicated without delay. We inform you that Asociación Amigos del Tambor will use your mobile phone number, email and address to inform you about any aspect related to the contracted service.
How do we obtain your personal data?
You will have provided them directly or we will have accessed them as a result of your enquiries, requests or contracting of the products and services of Asociación Amigos del Tambor.
.
Who is responsible for your personal data?
Asociación Amigos del Tambor with CIF: G02469609 and postal address: C/ Asunción, nº8. CP:02500. Tobarra. Albacete. Telephone: 698933940 E-mail: administracion@amigosdeltambor.org.
Why do we process your personal data and on what basis?
We process your identification and contact data in order to proceed to the collection of the annual fee and issuance of the membership card or respond to the questions you ask us through our contact forms and comments. Asociación Amigos del Tambor will only access data of minors, when the representative of the minor provides them in order to register them in the Association. The processing of this data is necessary to respond to your request for information or, where appropriate, for the necessary management of the requested contracting and provision of the corresponding services.
How long will we keep your personal data?
We will keep your data for as long as the purpose for which they have been collected is maintained. When it is no longer necessary for this purpose, we will keep blocked those data that may be necessary during the legally established periods to deal with any question relating to their treatment, remaining at the exclusive disposal of Judges and Courts, the Public Prosecutor's Office or the competent Public Administrations. Once the aforementioned period has elapsed, Asociación Amigos del Tambor will delete your data.
On what basis do we process your data?
We rely on the provisions of Article 6 of the GDPR.
With whom do we share your personal data?
Your data will be transferred or communicated to third party companies or service providers in all those cases in which it is necessary for the development, compliance and control for the provision of the requested service or in cases where there is a legal obligation. In this sense, your data may be transferred, without limitation or exclusion, to the bodies of the Public Administration whose transfer is necessary for the provision of services arising from the business relationship.
Will data be transferred internationally?
No international transfers will be made.
What security measures do we employ?
The personal data communicated by the user to the website may be stored in automated or non-automated databases, the ownership of which corresponds exclusively to the website, which assumes all the technical, organisational and security measures that guarantee the confidentiality, integrity and quality of the information contained therein in accordance with the provisions of current data protection legislation.
Communication between users and the website uses a secure channel, and the data transmitted is encrypted using HTTPS protocols. We therefore guarantee the best security conditions so that the confidentiality of users is guaranteed.
What rights do you have when providing your data and how can you exercise them?
In addition to the right to be informed in the way we are informing you in this clause, you have the following rights:- Right of access to know what data of yours are being processed, for what purposes, the origin of the same and whether we communicate or have communicated them to third parties;- Right to modify your data when they are incomplete or inaccurate;- Right to delete your data if the purpose for which you provided them has disappeared, the processing is not lawful, or you revoke your consent and other assumptions provided by law;- Right of opposition to prevent us from processing your data for certain purposes, or request that we stop doing so, although it is only possible in the cases established by law; - Right to request the limitation of processing while the accuracy of the data is being challenged, or you understand that the processing is unlawful and you oppose the deletion of the data, or Asociación Amigos del Tambor no longer needs the data but you need them for the formulation, exercise or defence of claims, or you have opposed the processing of the data for the satisfaction of a legitimate interest while the existence of said interest and its prevalence over your own is being verified;- The right to portability in order to receive your data in a structured and commonly used electronic format and to be able to transmit them to another data controller; - The right not to be subject to automated individual decisions so that we do not make a decision about you based solely on the processing of your data that produces legal effects in your personal sphere or affects you in a similar way.
To exercise any of these rights, please write to: Asociación Amigos del Tambor with address at C/ Asunción, nº8. CP:02500. Tobarra. Albacete or administracion@amigosdeltambor.org, enclosing a photocopy of your Identity Document. You may also exercise this right before the Control Authority by contacting the SPANISH DATA PROTECTION AGENCY. CALLE JORGE JUAN, Nº16. CP: 28001- MADRID.