Privacy Policy

We comply with the provisions of the obligations under the second paragraph of Article 22 of Law 34/2002 of 11 July, of Information Society Services and Electronic Commerce (hereinafter, LSSI), in relation to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection (hereinafter, GDP) and the Organic Law 3/2018 of 5 December, on Data Protection and Guarantee of Digital Rights (hereinafter, OLDPGDR).

Through this privacy policy, we provide you with information about the processing of the personal data that you provide or will provide while browsing, should you choose to continue. It also encompasses our data protection policy for instances where explicit reference is made to it.

 

1. PERSON RESPONSIBLE FOR PROCESSING

The entity in charge of processing and the owner of the domain www.legadoandalusi.es (hereinafter referred to as the Website) is FUNDACIÓN PÚBLICA ANDALUZA EL LEGADO ANDALUSÍ with registered offices in C/ MARIANA PINEDA, S/N – EDIFICIO CORRAL DEL CARBÓN. 18009 GRANADA (Spain), with Vat No.: G-18.411.975.

Contact details:

  • Telephone: (+34) 958 225 995
  • E-mail: info@legadoandalusi.es
  • We have a Data Protection Officer . who holds the authority granted by law regarding the protection of personal data. You can reach out to him/her by sending a communication to the following email address: dpd.legado@juntadeandalucia.es​

2. PURPOSE OF PROCESSING AND LEGITIMACY

The purpose of the data you provide us with is:

a) To send you the information requested and to resolve any queries you make to us through the contact section made available to you on the website. The basis of legitimacy is the consent given.
b) Respond to the queries you make in relation to the exercise of the rights about which we inform you below. The basis of legitimacy is the fulfilment of legal obligations on our part. In the fulfilment of these obligations, we may communicate your data to the Public Administrations and courts, provided that such information is required in accordance with the established legal processes.
c) By sending us your curriculum you authorize us to analyze the data and documents contained therein. They will be kept for a maximum period of one year, unless you tell us otherwise. The basis of legitimacy is the consent given. The basis of legitimacy is the consent given.
d) Data collected through the forms to promote establishments or services, activities, news, cultural events, have the purpose explicitly stated therein. The basis of legitimacy is the consent given.
e) If you expressly authorize us to do so, we may send you information related to our activity, by any electronic means, including the sending of newsletters. This information will be kept as long as you do not request its deletion. The basis of legitimacy is the consent given.
f) The data collected through banners / forms or data requests to participate in our activities, have the purpose explicitly stated therein. The basis of legitimacy is the consent given.
g) If there are services or applications available, they will have their own specific terms and conditions regarding the protection of personal data. It is crucial to read and agree to these terms before requesting the respective service.

Additional information: You can consult the additional and detailed information on Data Protection of our Treatment Registers in the following link: https://www.legadoandalusi.es/wp-content/uploads/2022/05/TABLA-REGISTROS-R3-2022.pdf

3. DATA RETENTION PERIOD.

The data you provide will be kept as long as there is a mutual interest to maintain the purpose of processing. They will be blocked when they are no longer necessary for the purpose for which they were collected or when you have exercised your right of deletion, cancellation and / or limitation of treatment. Once this period has elapsed, the data will be deleted in accordance with the provisions of the data protection regulations, which implies its blocking. During the period of prescription, the data will remain solely accessible to judges, courts, the Public Prosecutor’s Office, and the competent administrative authorities, particularly the Data Protection Authority, for addressing responsibilities arising from data processing. Upon the expiration of this period, the data will be securely destroyed to ensure complete elimination.

In addition to the general treatment of the previous point, the conservation period of four years will be observed (Art. 66 and following of the General Tax Law), and six years for accounting books and invoices (Art. 30 of the Commercial Code).

4. YOUR RIGHTS

Data protection regulations give you the following rights in relation to the processing of personal data:

  • Right of access: right of access to your personal data to know which are being processed and the processing operations carried out with them.
  • Right of rectification: To be able to request the modification of your data for being inaccurate or not truthful.
  • Right of portability: To be able to obtain a copy in an interoperable format of the data being processed.
  • Right to limitation of processing, in the cases set forth in the Law.
  • Right to erasure: To request the erasure of your data when the processing is no longer necessary.
  • Right of opposition: To request the cessation of the sending of commercial communications in the terms indicated.
  • Right to revoke the consent given.


To exercise these rights, you must send an express request, together with a copy of your ID card or equivalent valid accreditation document, by the following means:

  • E-MAIL addressed to dpd.legado@juntadeandalucia.es with subject Data Protection and right to exercise. This should be sent from the e-mail address included in the form. Otherwise, they will not be shown to you, as we do not consider your identity to be sufficiently proven.
  • BY POSTAL MAIL: Addressed to: C/ MARIANA PINEDA, S/N – EDIFICIO CORRAL DEL CARBÓN. 18009 GRANADA (Spain)

If you do not receive a reply in due time and form from the Provider, or if you do not find the reply satisfactory, you are informed that the competent supervisory authority is the Spanish Data Protection Agency (www.aepd.es ). On its website you can find a series of models that will help you to exercise your rights.

5. NON-TRANSFER OF DATA

Users are expressly informed that their personal data will not be transferred to third parties under any circumstances, unless legally obliged to do so. Any exception to this rule will require your prior express, informed and unequivocal consent.

6. SECURITY MEASURES

In accordance with the provisions of the regulations in force on personal data protection (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights), the Provider complies with all the provisions of the GDP and OLDPGDR regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDP, whereby they are processed lawfully, fairly and transparently in relation to the data subject and in a manner that is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

Appropriate technical and organisational policies are in place to protect your rights and freedoms, providing you with all the information necessary for you to exercise your rights. However, you should be aware that security measures on the Internet are not impregnable.
This website uses HTTPS (secure connection). This is a security protocol that makes your data travel in an integral and secure manner, i.e. the transmission of data between a server and web user, and in feedback, is fully encrypted.

7. MINORS

Minors under the age of 14 are not permitted to utilize the services offered on the website without prior authorization from their parents, guardians, or legal representatives. The aforementioned individuals will bear sole responsibility for all activities conducted by the minors under their care on the website, including the submission of forms containing the minors’ personal data and any associated checkboxes. We do not assume responsibility for the accuracy and truthfulness of the information provided.

The collection of personal data from minors must be based on their consent only if they are 14 years of age or older. Exceptions to this rule apply in cases where the law mandates the involvement of parents or legal guardians for the completion of an act or legal transaction, which is the context in which consent for data processing is being sought.

The processing of data of minors under 14 years of age, based on consent, shall only be lawful if the consent of the holder of parental authority or guardianship is given, to the extent determined by the holders of parental authority or guardianship.

8. DURATION AND MODIFICATION OF THE PRIVACY POLICY

The Provider reserves the right to modify this Privacy Policy, in whole or in part, by publishing the changes on the Website Likewise, the Provider may change, delete or add, without prior notice, both the content and services provided, as well as the way in which they are presented. Consequently, the Policies that are published at the time of access will be understood to be in force, so you should read them periodically.

Regardless of the foregoing, access to the website’s contents may be terminated, suspended, or interrupted at any time without prior notice, and the user will not be entitled to claim any form of compensation.

Subscribe to our Newsletter

Subscribe to our Newsletter

Join the e-mail list of El legado andalusí to receive the last news on the Foundation.

Thanks for subscribing!

Share This