Confidentiality and Data Protection Policy
Promoesport Group (Promoesport Asociados 2011, S.L., Promoafrica 2009, S.L., Promoesport Andalucia, S.L., Promoesport Madrid 2014, S.L., Promoesport Norte 2012, S.L., Grupo Polari 2009, S.L. and Lorlind, S.L.), is committed with due diligence and compliance with the Data Protection regulations. As an axis of this duty and commitment, the Data Protection Channel has been incorporated (DATAPROTECT line) which includes the fundamental elements of Data Protection, all managed, supervised and accredited by BONET consulting, a specialized firm and leader in Regulatory Compliance and Data Protection.
The detailed information on the confidentiality policy and Protection of Personal Data in compliance with the provisions of Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27 of 2016, concerning the protection of physical people regarding the processing of personal data and the free circulation of this data.
(General Regulation of Data Protection or RGPD).
Data of the Responsible for the processing and contact of the Responsible/ Delegate for Data Protection (RPD / DPD):
Identity: Sara Hernando López
- Direction/C. P: C/ Frederic Mompou nº 4B 4º 1ª (08960) Sant Just Desvern, Barcelona
- Phone: 93-4776556
- E-mail: email@example.com
- RPD/DPD Contact details: Sara.firstname.lastname@example.org
- Data Protection Channel: www.dataprotect-line.com/promoesport-associated
The entity will handle information provided by people which are interested with the following criteria:
-Manage their attention, visit and meeting in our facilities, as well as the management and delivery of hired products/services
-Manage any type of request, suggestion or petition about our professional services which are formulated by interested people
-Informational and commercial communications: processing of their data in order to inform them about activities, articles of interest and general information related to our activity and the products/services which are hired
-Manage data provided by candidates to a job through the Curriculum Vitae (CV) for the purpose of recruitment and selection process.
For the right purpose and development of their attention and management of the above principles, the person gives consent to the processing of his data, all under the strictest compliance of the Data Protection regulations and the policy that we are configurating. At all times a person can exercise their own rights (see specific section).
Data conservation criteria
Management of hired products/services from the Entity: the personal data provided in the contracts, offers and / or proposal of services, as well as those of the rest of people whose intervention is necessary, will be conserved during the time that the hired services are valid. At the end of the provision of the hired service (s), the personal data will be kept in the assumptions that could lead responsibilities with the Entity and / or in compliance with other regulatory frameworks that apply to the Entity or a norm with legal rank that requires the conservation of these. Personal data will be kept and maintained in a way that allows the identification and the exercise of the rights of those affected and, under the legal and organizational technical measures that are necessary to guarantee the confidentiality and integrity of these.
Curriculum Vitae management: The Entity, as a rule, keeps its Curriculum Vitae for a maximum period of one year; Once this period has ended, it will be automatically destroyed, in compliance with the data quality principle.
Others: The rest of the data and information provided by the user by any measure, will be preserved for as long as necessary to fulfil the purpose for which they were collected.
The legal basis that enables the Entity to deal with the personal data of users, customers, potential customers under the following titles:
The consent of the interested people for the processing and management of any request of information or consultation about our services and products.
The consent given by the candidates to a job for the purpose of selection and recruitment.
The framework of provision and / or hiring of services/products with the Entity.
The legitimate interest to send informational, commercial communications and / or promotional offers related to the activity of the Entity and the services/products hired through email or any other means.
Personal data is not transferred to third parties, aside legal disposition.
Personal data is obtained directly from interested people and our collaborators. The categories of personal data that our collaborators provide us are the following:
-Electronic or postal addresses
-Data facilitated and / or consented by interested parties related and necessary for the management and delivery of the requested service/product
Right of Access, Rectification and Suppression: People who are interested have the right to obtain confirmation on whether the Entity is treating personal data that concerns them, or not. Interested people have the right to access their own personal data, as well as to request the rectification of inaccurate data or request its deletion when, among other reasons, the data is no longer necessary for the purposes that were collected.
Right to Limitation and Opposition: In certain circumstances, the interested ones may request the limitation of the of the processing of their data, in which case we will only keep them for the exercise or defense of complaints. In certain circumstances and for reasons related to their particular situation, the interested ones may stand against the processing of their personal data. The Entity will stop processing the data in this case, except for legitimate compelling reasons, or for the exercise or defense of possible complaints.
These rights may be applied in our Data Protection Channel, see specific section.
Data Protection Channel / DATAPROTECT – line
The entity has implemented a Data Protection Channel, contemplating the highest commitment, rigor and professionalism in terms of security, experience, independence and knowledge in the processing of the communications received.
The Data Protection Channel has been implemented through a web platform, developed and managed by an independent external expert, to provide and guarantee our previous commitments.
Through the Data Protection Channel, people will be able to communicate and process the exercise of their rights (see previous section) and communicate any indication or knowledge that they may possess of a possible security breach and / or possible breaches or irregularities in the regulations of Data Protection or the present policy of the Entity. The data access to the Data Protection Channel is detailed at the beginning of this policy.
Attention and Support
People that are interested may communicate to the Entity any doubt about the process of their personal data or interpretation of our policy, by contacting the Data Protection Manager (RPD) at the address indicated at the beginning of this policy.