“Golden Goose Events” is deeply committed to the fulfillment of the Spanish and European regulations on the protection of personal data, and guarantees the complete fulfillment of the obligations set forth, as well as the implementation of the security measures set forth in the General Data Protection Regulation (RGPD) (EU) 2016/679 and in Organic Law 3/2018, of December 5, on data protection and digital rights (LOPD and GDD, hereinafter LOPD).

In accordance with these regulations, we inform you that the use of our website may require you to provide certain personal data through contact forms, or by sending emails, and that these will be processed by “Golden Goose Events”, the data controller, whose details are

– Company Name: Golden Goose Events S.L.
– CIF: B66540535
– Registered Address: C/ Monturiol, 40-44 – 1º 4 – Esc 1 – 08018 Barcelona
– Telephone: +34 937 308 146
– eMail: [email protected]

 

Obtaining and Processing of Personal Data
A personal data is any information concerning a person: name, email, address, telephone, NIF/NIE… Additionally, when a User visits our website, certain information is automatically stored for technical reasons, such as the IP address assigned by his or her Internet access provider.

“Golden Goose Events”, as responsible for the processing, has the duty to inform the Users of its website about the collection of personal data that can be carried out, either by sending an e-mail or by filling in the forms included in the website.

Only the data necessary to carry out the service contracted, or to be able to respond adequately to the request for information made by the User, will be obtained. The data collected are identifying and correspond to a reasonable minimum to be able to carry out the activity performed. In particular, no specially protected data is collected at any time. Under no circumstances will the data be used for any other purpose than that for which it was collected.

Contact forms/email
Purpose: To answer your request for information made through our contact form(s).
Legitimation: The legal basis for this treatment is the consent of the user, who may revoke it at any time.
Data transfer: The personal data will be processed through servers managed by Siteground, which will be considered the Data Processor.

User registration forms
Purposes:
– Manage your user registration on our website.
– Sending communications via email and/or telephone, in order to inform the User of possible incidents, errors, etc.
Legitimation: The legal basis for this treatment is the consent of the User, who may revoke it at any time.
Data transfer: The personal data will be processed through servers managed by Siteground, which will be considered the Data Processor.

Underage people
This website may only be used by persons over 14 years of age. As required by the LOPD and GDD, in the case of minors under 14 years of age, the consent of their parents or guardians will be a mandatory condition for us to process their personal data.

User Registration
When the User registers through the corresponding form, the information we collect includes:
– First and last name
– Email
– IP
– Username/password

In addition, the User must validate a captcha (anti-bots) system and accept the terms and conditions.

Passwords are at the User’s discretion with the following conditional: minimum 6 characters, maximum 20 characters. They do not expire. To recover the password the User must go to the specific form and enter his email.

You will receive a recovery email in that email account with a unique link that you must click. When accessing it you will have a form in which you must specify the new password twice (the second time is to confirm it and avoid typographical errors by the User). From that moment on, the new password will be valid and the previous one will be invalidated.

To validate the account and finish the registration process, the User receives an email with a unique hyperlink that he must click on to confirm his identity. This system (double opt-in) will be understood for all purposes as the provision of express and unequivocal consent by the User to the processing of personal data in the terms set out in this document.

The User, once registered, has access to a private panel, where he/she can see certain contents, register of comments made, etc. You can also manage your account options, such as a password or user data.

In “Golden Goose Events” we will block a User account if he commits suspicious or fraudulent actions. User accounts are not deleted for lack of use. To delete an account, the User must request it through their User panel, or by contacting us.

Security Measures
Users of the “Golden Goose Events” website are informed that the technical, organizational and security measures available to us have been adopted to prevent the loss, misuse, alteration, unauthorized access and theft of data, and thus guarantee the confidentiality, integrity, and quality of the information contained therein, in accordance with the provisions of current legislation on data protection. The personal data collected in the forms are processed only by the personnel of “Golden Goose Events” or the designated Data Processors.

The website of “Golden Goose Events” also has a SSL encryption, which allows the user to send safely his personal data through the contact forms of the website.

Accuracy of data
The User declares that all the data provided by him/her is true and correct and undertakes to keep it updated. The User will be responsible for the veracity of his or her data and will be the only party responsible for any conflicts or litigation that may result from the falsity of such data. It is important that, so that we can keep the personal data updated, the User informs “Golden Goose Events” whenever there has been any modification in the data.

Data transfer
“Golden Goose Events” will not transfer or communicate your data to any third party, except in the cases provided for by law or when the provision of a service implies the need for a contractual relationship with a data processor. Thus, the User accepts that some of the personal data collected will be provided to these Data Processors (payment platforms, management companies, intermediaries, etc.), when it is necessary for the effective performance of a contracted service or acquired product. The User also accepts that, in the event of services being provided, these may be subcontracted, either totally or partially, to other persons or companies, who will be considered as Data Processors, with whom the corresponding confidentiality contract has been agreed upon, or who adhere to their privacy policies, established on their respective websites. The User may refuse the transfer of his/her data to the Data Processors, by means of a written request, by any of the aforementioned means.

In addition, in those cases where it is necessary, the data of Clients may be transferred to certain bodies, in compliance with a legal obligation: Spanish Tax Agency, banks, Labour Inspectorate, etc.

Exercise of User Rights
The LOPD and the RGPD grant the interested parties the possibility of exercising a series of rights related to the processing of their personal data. To do so, the User must contact us, providing documentation that proves his or her identity (ID card or passport), by e-mail to [email protected], or by written communication to the address that appears in our Legal Notice. This communication must contain the following information: the User’s name and surname(s), the request for the application, the address, and the supporting data.

The exercise of rights must be made by the User himself/herself. However, they may be carried out by a person authorized as the User’s legal representative, providing the documentation that accredits such representation.

The User may request the exercise of the following rights:
– The right to request access to personal data.
– The right to request their rectification (in case they are incorrect) or deletion.
– The right to request the limitation of their treatment, in which case they will only be kept by “Golden Goose Events” for the exercise or defense of claims.
– Right to object to the processing: “Golden Goose Events” will stop processing your data, unless for legitimate reasons or for the exercise or defense of possible claims it is necessary to continue processing.
– Right to the portability of the data: in case you want your data to be processed by another company, “Golden Goose Events” will provide you with the portability of your data in exportable format.

In the event that consent has been given for a specific purpose, the User has the right to withdraw consent at any time, without affecting the lawfulness of the processing based on the prior consent to the withdrawal.

If a User considers that there is a problem with the way “Golden Goose Events” is handling his data, he can address his claims to the Security Manager or to the corresponding data protection authority, being the Spanish Data Protection Agency the one indicated in the case of Spain.

Data retention
The personal data of Users who use the contact form or who send us an email requesting information will be treated for the time strictly necessary to meet the request for information, or until the consent given is revoked.

The personal data of the Clients will be treated until the end of the contractual relationship. The period of conservation of personal data will be the minimum necessary and may be maintained until:
– 4 years: Law on Infractions and Penalties in the Social Order (obligations regarding affiliation, registrations, cancellations, contributions, payment of salaries…); Arts. 66 and the following. General Tax Law (accounting books…)
– 5 years: Art. 1964 Civil Code (personal actions without special term)
– 6 years: Art. 30 Commercial Code (accounting books, invoices…)
– 10 years: Art. 25 Law on the Prevention of Money Laundering and Financing of Terrorism
– No time limit: disaggregated and anonymous data.

In the case of data processing of candidates (C.V.), “Golden Goose Events” may keep its curriculum stored for a maximum of two years to incorporate it into future calls, unless the candidate states otherwise.

Social networking
“Golden Goose Events” has a profile on some of the main social networks on the Internet (Facebook, Twitter, LinkedIn, Google+, Instagram), and is in all cases responsible for processing the data of its followers, fans, subscribers, commentators and other user profiles (hereinafter referred to as followers) published by “Golden Goose Events”.

The purpose of the data processing by “Golden Goose Events”, when not prohibited by law, will be to inform its followers about its activities and offers, by any means that the social network allows, as well as to provide personalized customer service. The legal basis that legitimates this treatment will be the consent of the interested party, which can be revoked at any time.

Under no circumstances will “Golden Goose Events” extract data from the social networks, unless the User’s consent to do so was obtained specifically and punctually (for example, to hold a competition).

 

Selection of personnel
The applicant that sends electronic communications to “Golden Goose Events”, with the purpose of accessing the personnel selection processes of the person in charge, authorizes us to analyze: the documents sent (for example, the C.V.), all the content that is directly accessible through Internet search engines (for example, Google), the profiles that you maintain in professional social networks (for example, LinkedIn), the data obtained in the access tests, and the information that you reveal in the job interview; with the purpose of evaluating your application and being able, if necessary, to offer you a job. In case the candidate is not selected, “Golden Goose Events” may keep his C.V. stored for a maximum of two years, in order to incorporate it to future calls, unless the candidate states otherwise. The legal basis that legitimates this treatment will be the consent of the interested party, who will be able to revoke it at any time.

Confidentiality
The information provided by the client will, in any case, be considered confidential and may not be used for any other purpose than those described here. “Golden Goose Events” undertakes not to disclose or reveal information about the User’s claims, the reasons for the advice requested, or the duration of the relationship with the User.

Validity
This privacy and data protection policy has been drawn up by ExpertosLOPD®, a data protection company, on 22 January 2020, and may vary depending on changes in regulations and jurisprudence that may occur. It is the responsibility of the owner of the data to read the updated document, in order to know their rights and obligations in this regard at all times.