Who is the person responsible for the processing of personal data?
Company name: BCN Congress, S.L.
Address: C / Alacant 16, Nave 4, 08940 de Cornellà de Llobregat (Barcelona)
How did we get your data?
You have provided them to us: either on-line or off-line, when you request our services in order to maintain the legal-commercial relationship with you or to send you information about our services and promotions.
When you provide us with personal data, you guarantee that you are entitled to provide this information and that it is true, accurate and up-to-date, that it is not confidential, that it does not violate any contractual restrictions or third party rights and that it undertakes not to impersonate other users.
We have obtained them automatically: if you have provided us with data through this website or any of its sub-domains and/or microsites, we collect information, for example, when you access the page, when you fill in any form with personal data, when you upload information or content (for example, on our blog), or when you communicate with us directly by email.
When you visit our website, data is sent from your browser to our server, to optimize our services and improve your user experience, for example, when you access the site or when you log in through third party services such as social networks. Such data may be collected and stored automatically by us or by third parties on our behalf. This data may include:
- the user’s IP address
- the date and time of the visit
- the URL of the site from which the user comes
- pages visited on our website
- information on the browser used (type and version of the browser, operating system, etc.)
In the event that our website has social network connectors, when you choose to interact with us through a social network, we cannot be responsible for the privacy settings chosen by the user. The social network may report your IP address or what page you are visiting on our website and may set a cookie to allow it to function properly. Your name will appear in the likes you give or in the comments you make on our social network page. If you do not want your personal data associated with those likes or comments to appear, you can configure your privacy to avoid this, for example by pseudonymising your data by giving yourself a nickname or alias that does not reveal your name.
If you log in to one of these social networks during your visit to our website, the social network will be able to add that information to your profile and that information will be transferred to the social network. If you do not want this data transfer to take place, please exit your social network session before entering our websites or mobile applications, as it is not in our power to influence this data collection and transfer through social connectors.
If as a user, through our official website in a social network, you decide to publish and/or share texts, photos, videos and other type of information and/or content you will be solely responsible for ensuring that this content complies with the corresponding legal regulations.
Social Networks are not directly hosted by our services. Your interactions with them are governed by their policies and not by ours. Please read the privacy policies of these social networks for details on the collection and transfer of personal data, your rights and your privacy settings.
How old do I have to be to use this website?
Whoever provides the data through the forms on this website and accepts its treatment declares to be over 14 years old, and access and use of the portal is forbidden to minors. If, at any time, we detect that a child under 14 has provided personal data, we will proceed to cancel the data. Likewise, parents or guardians may, in any case, contact BCN Congress, S.L. to block the access account of the minors in their charge who have registered by falsifying their identity.
What do you need to know before sharing third party data?
With respect to other people’s data, you should respect their privacy by taking special care when publishing your personal data. We remind you that, as a user, you only facilitate and consent to the processing of your personal data, but not that of third parties. If you provide us with the data of third parties, you are making a transfer of personal data, and it is your responsibility to have the prior and express consent of these third parties to use and provide us with this data, you are responsible for informing them of the inclusion of their data in our processing.
The publication of third party data without their consent may, in addition to data protection regulations, infringe the right to honour, privacy or one’s own image, rights whose protection is governed by the provisions of Organic Law 1/1982, of 5 May, on the civil protection of the right to honour, personal and family privacy and one’s own image.
What purposes do we give to the personal data we collect?
We may process the data for various purposes, for example:
- To answer your query in order to clarify your doubts and questions.
- To contact you by the means you have not indicated, e-mail, telephone, etc.
- In relation to the information automatically collected by the website, based on your navigation as a user, we create anonymous and aggregated information on your behaviour, segmentation effects and development of anonymous profiles.
This interaction helps us to: improve the performance of the website, promote a more personalised experience, measure and monitor the efficiency of the website, manage the website, so as to ensure that it becomes increasingly secure and transparent.
- Carry out opinion and/or satisfaction surveys and send you, by means of electronic communications, information about our activities, products and/or services (including advertising and/or commercial communications for the purposes of article 21 LSSICE 34/2002). If we already have a previous contractual relationship, we will send these communications on the basis of our legitimate interest (Art. 6 par. 1 letter f RGPD). If we do not have a previous contractual relationship, we will only send you this type of communication if you authorise us to do so by marking the option (opt-in) which is expressly included for this purpose in the corresponding forms (Art. 6 par. 1 letter a RGPD). The electronic communications that we send you will include, in the communication itself, the option to stop receiving them.
- We may take photographs and/or make videos of the activities or events that we organise and/or promote, in order to inform about them, document them and form part of the company’s photographic/video memory.
How long will we keep your personal data?
We will keep your personal data as long as you do not ask us to delete them. Even if you have requested it, we may keep it for the necessary time and limit its processing (blocking), only to comply with the legal/contractual obligations to which we are subject and/or during the legal periods foreseen for the prescription of any responsibilities on our part and/or the exercise or defence of claims derived from the relationship maintained.
What are the grounds for legitimizing the processing of your data?
The grounds for legitimacy are those that allow and enable us to process your personal data legally. There are different legal grounds that allow us to process your data in a legal and lawful way:
- This may be the existing legal-marketing relationship (contract, pre-contract, etc.) between the parties, in the case of a client or potential client.
- It can also be your consent if you have made a request to us through our website, or if you have attended one of our events. This consent is given unequivocally when you provide us with your data online or offline, and such provision is considered a clear affirmative act that manifests such consent. The provision of the requested data is obligatory as it is essential to meet your request; if you do not provide it, we will not be able to carry it out. You may withdraw this consent at any time by sending us an e-mail to that effect to firstname.lastname@example.org. Such withdrawal implies that we will not be able to provide you with the requested services or to attend to your consultations or requests.
- As set out in recital 47 of the GPRD (European General Regulation on Personal Data Protection 2016/679 of 27 April 2016), it also provides a legal basis for processing your data in our legitimate interest:
To inform you of our activities, products and/or services (including by means of electronic communications) or those of third parties with whom we have signed a collaboration agreement. If we already have a previous contractual relationship, we will send such communications on the basis of our legitimate interest. Otherwise, we will only send you such communications if you give us your consent by checking the option expressly included for this purpose in the corresponding forms. In any case, the electronic communications that we send you will include, in the communication itself, the option to stop receiving them in the future.
To whom may we communicate the personal data you provide?
Your personal data will not be transferred to third parties, except that:
- We have your express permission.
- The third parties are suppliers that provide us with products and services (processors) and the communication is a requirement to fulfil our obligations arising from a contract or pre-contract with you.
- A law or regulation with the status of a law requires us to communicate data to entities (AEAT, etc.)
How do we use corporate social media?
We reserve the right to remove from our social networks any information published by third parties that violates the law, incites others to do so or contains messages that violate the dignity of persons or institutions. We also reserve the right to block or denounce the author profile of these messages.
Do we carry out international transfers of your personal data?
An international transfer of data occurs when personal data that are processed by a data controller or processor in the European Economic Area (EU countries, Iceland, Liechtenstein and Norway) are sent to a third country or international organisation outside that territory.
Our suppliers who may have access to personal data, with the aim of providing services ancillary to our activity (hosting, housing, software as a service, remote backup, support services or computer maintenance, email managers, sending e-mails and e-mail marketing, file transfer etc …), have their data processing centres within the European Economic Area or in countries with the same level of adequacy as established by the European Commission and the European Data Protection Committee.
What rights can you exercise?
These are known as ARCO-POL rights, you can exercise them by sending an e-mail to: email@example.com
Right of access: You can ask us what personal data we are processing and even ask for a copy of it.
Right of rectification: You can ask us to rectify inaccurate personal data or to complete those that are incomplete, including by means of an additional declaration.
Right to delete (right to forget): You can ask us to delete your personal data when: they are not necessary for the purposes for which they were collected, you withdraw your consent, there has been an unlawful processing of them or for compliance with a legal obligation.
Right to limit processing: You may ask us to limit the processing of your data, in which case we will only keep them for the exercise or defence of claims.
Right to object: You may object to the processing of your data if such processing is based on the legitimate interest of the data controller or is for advertising purposes.
Once we have received any of the above requests we will respond within the legally established deadlines. You can complain to the Spanish Data Protection Agency. If you would like more information about the rights you can exercise and to request model forms for exercising your rights, you can visit the Spanish Data Protection Agency website, www.aepd.es
What categories of data do we process?
The RGPD establishes two categories of personal data, those known as identifying data and those known as special categories: ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or health data, biometric data, data concerning life or sexual orientation.
The categories of data we process are identification data, we do not process data considered as special categories of data (genetic, biometric, etc.)