“Golden Goose Events” informs users of the website about its policy regarding the treatment and protection of personal data of users and customers that may be collected by browsing, purchasing products or contracting services through its website. In this sense, “Golden Goose Events” guarantees compliance with current legislation on the protection of personal data, as reflected in Organic Law 15/1999 of December 13th on the Protection of Personal Data and in Royal Decree 1720/2007 of December 21st, approving the Regulations for the Development of the LOPD, and in the General Data Protection Regulations (RGPD) (EU) 2016/679.
In compliance with the current legislation on data protection, users are informed that the technical and organisational measures have been taken in accordance with the provisions of the aforementioned regulations at Golden Goose Events. The personal data collected on the forms are processed only by Golden Goose Events staff or by the persons responsible for processing them. The security measures appropriate to the data provided have been adopted and, in addition, all the technical means and measures available have been installed to prevent the loss, misuse, alteration, unauthorized access and theft of the data provided to us.
The Client or User declares that all the information provided by him/her is true and correct and undertakes to keep it up to date, notifying Golden Goose Events of any changes to it. The user will be responsible for the truthfulness of his or her data and will be solely responsible for any conflicts or disputes that may result from the falsity of the same. It is important that, in order for us to keep your personal information up to date, you inform Golden Goose Events whenever there has been a change in your personal information. Otherwise, we cannot be held responsible for its accuracy.
EXERCISE OF RIGHTS
The LOPD and the RGPD gives data subjects the possibility to exercise a range of rights related to the processing of their personal data. Insofar as the user’s data are processed by Golden Goose Events, they may exercise their rights. To do so, the user must provide documentation proving his identity (ID card or passport), by e-mail to firstname.lastname@example.org, or by written communication to the address given in our legal notice. Such communication must reflect the following information: Name and surname of the user, request for application, address and supporting data.
The user himself must carry out the exercise of rights. However, an authorised person as the authorised person’s legal representative may execute them. In this case, the documentation proving the representation of the interested party must be provided.
The user may request the exercise of the following rights:
- Right to request access to personal data.
- Right to request rectification (if incorrect) or deletion.
- Right to request limitation of their treatment, in which case they will only be retained by Golden Goose Events for the exercise or defence of claims.
- Right to oppose to processing: ‘Golden Goose Events’ will no longer process your data, unless for legitimate reasons or the exercise or defence of any claims must continue.
- Right to data portability: in case you want your data to be processed by another company, Golden Goose Events will provide your data portability to the new owner.
In the event that consent has been given for a specific purpose, the user has the right to withdraw consent at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.
If an user considers that there is a problem with the way in which “Golden Goose Events” is handling their data, they can address their complaints to the Security Officer or to the corresponding data protection authority, the Spanish Data Protection Agency being the one indicated in the case of Spain.
Disaggregated data shall be kept without a deadline for deletion. With respect to Customer data, the period of retention of personal data will vary depending on the service contracted by the Customer. In any case, it will be the minimum necessary, being able to be maintained until:
- 4 years: Law on Infringements and Sanctions in the Social Order (obligations regarding affiliation, registration, cancellation, contribution, payment of salaries…); Arts. 66 ff. General Tax Law (accounting books…)
- 5 years: Art. 1964 Civil Code (personal actions without special time limit)
- 6 years: Art. 30 Commercial Code (accounting books, invoices…)
- 10 years: Article 25 of the Prevention of Money Laundering and Financing of Terrorism Act.
Users of mailing lists or those uploaded by Golden Goose Events to RRSS pages or profiles will be retained until the user withdraws consent.
Candidate Data (C.V.), if available: In the event that the candidate is not selected, Golden Goose Events may keep his or her CV stored for a maximum of two years to be included in future calls for applications, unless the candidate indicates otherwise.
DATA COLLECTION AND PROCESSING
“Golden Goose Events” has the duty to inform the users of its website about the collection of personal data that may be carried out, either by sending e-mail or by completing the forms included on the website. In this sense, “Golden Goose Events” will be held responsible for the data collected by the means described above.
Golden Goose Events” informs users that the purpose of the processing of the data collected is to deal with requests made by users, to include them in the agenda of contacts, to provide products or services and to manage the business relationship. The operations, formalities and technical procedures that are carried out in an automated or non-automated manner and that make possible the collection, storage, modification, transfer and other actions on personal data, are considered as the Processing of personal data.
The Golden Goose Events Web Site is SSL encrypted, which allows the User to securely submit personal information via the contact forms on the Web Site.
“Golden Goose Events” makes available to users a series of telematics mechanisms for the collection and processing of their personal data, for the purposes set out above. The personal data provided in a telematics way, either through email, the contact forms on this website or online contracting will be used for the commercial and administrative management of the company’s customers and users. These data will be processed through servers managed by https://www.siteground.es/, which is also the company that provides e-mail services, and which will be considered as the Data Processor.
As established by the LSSICE, “Golden Goose Events” undertakes not to send commercial communications without identifying them as such. For these purposes, information sent to customers for the maintenance of the existing contractual relationship will not be considered as commercial communication.
In any case, only the necessary data will be obtained to be able to carry out the contracted service, or to be able to respond adequately to the request for information made by the user.
Occasionally, personal data will be provided through links to third party websites. In this case, at no time will Golden Goose Events’ staff have access to the personal data that the Customer provides to such third parties.
“Golden Goose Events” has a profile on the main social networks on the Internet (Facebook, Twitter, LinkedIn, Instagram, Google+), recognizing itself in all cases as responsible for processing the data of its followers, fans, subscribers, commentators and other user profiles (hereinafter, followers) published by “Golden Goose Events”. Golden Goose Events” will process such data within each of the aforementioned networks as the social network allows for corporate profiles.
“Golden Goose Events” will be able to inform its followers, when the law does not prohibit it, by any means that the social network allows on its activities and offers, as well as provide personalized customer service. Under no circumstances will Golden Goose Events extract data from social networks, unless the user’s express consent to do so has been obtained (e.g. for the holding of a contest).
DISCLOSURE OF INFORMATION TO THIRD PARTIES
“Golden Goose Events” will not transfer or communicate your data to any third party, except in the cases provided for by law or when the provision of a service involves the need for a contractual relationship with a data processor, and always in accordance with the general conditions approved by the user prior to contracting it. Thus, when contracting our services, the user accepts that some of them may be totally or partially subcontracted to other people or companies, which will be considered as Treatment Managers, with whom the corresponding confidentiality agreement has been agreed, or adhered to their privacy policies, established in their respective web pages. You also accept that some of the personal data collected may be provided to these Data Processors, when necessary for the effective performance of the contracted service. The user may refuse to transfer his/her data to the Data Processors, by written request, by any of the aforementioned means.
The information provided by the client will in any case be considered confidential and may not be used for purposes other than those related to the services contracted or products purchased from “Golden Goose Events”. “Golden Goose Events” undertakes not to disclose or reveal information about the client’s claims, the reasons for the advice requested or the duration of its relationship with the client.
This privacy and data protection policy has been drafted by EXPERTOS LOPD®, data protection company, on June 6, 2018, and may vary depending on the changes in regulations and case law that occur, the holder of the data being responsible for reading the updated document, in order to know their rights and obligations in this regard at any time.