In compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and the Organic Law on Data Protection and Guarantee of Digital Rights (LOPDGDD) of December 2018, we inform you:
DATA CONTROLLER
Identity: Youth With A Mission Santiago de Compostela, with CIF R 1500448 D, hereinafter referred to as “the Controller”
Address: Ramón Baltar, 33; 15702; SANTIAGO DE COMPOSTELA – A CORUÑA
Email: hola@ywamsantiago.com
PURPOSE OF DATA PROCESSING
We inform you that the data you provide us will be processed for the following purposes: to attend to and respond to contact and/or information requests received, as well as to facilitate, expedite, and fulfill the commitments established between the Controller and the User, and to maintain the established relationship.
In accordance with the GDPR, a record of processing activities is maintained specifying, by purpose, the processing activities carried out and other circumstances established by the GDPR.
Personal information may not be used for purposes other than those related to the contracted services or purchased products. No automated decisions will be made based on said profile.
LEGAL BASIS FOR DATA PROCESSING
The legal basis for the processing is:
- The consent given by the User by accepting this Policy and the corresponding checkbox.
- The User has provided their personal data within the framework of a contractual or pre-contractual relationship for the purpose of handling their request and/or inquiry; therefore, the processing is necessary for maintaining said relationship.
- Legal obligations applicable to the Controller that require the processing of personal data in accordance with the services provided, such as tax-related matters.
The User may revoke their consent for the processing of their personal data at any time. In no case will the withdrawal of consent condition the provision of the service and/or the execution of contracts with the Controller.
PERSONAL DATA PROCESSED AND ORIGIN
The personal data we process have been provided by the User through the contact form, email communications, or use of features offered on the website.
Using the contact sections, forms, and/or features offered on the website is voluntary. However, completing certain fields or using certain features is necessary to handle your request properly. Refusal to provide the required information may prevent the Controller from handling the request appropriately.
The User guarantees that the data provided are true, accurate, and complete. Data will be deleted, erased, or blocked if they are found to be inaccurate, incomplete, or no longer necessary or relevant according to current legislation.
If the personal data provided belongs to a third party, the User guarantees they have informed said party of this Privacy Policy and obtained their authorization to provide their data for the stated purposes. Likewise, the User guarantees the data is accurate and up to date and is responsible for any direct or indirect damage resulting from non-compliance with this obligation. The User commits to keeping the data updated and accurate.
LINK POLICY
This website may include links to third-party sites. These websites have not been reviewed or are not controlled by this portal. The Controller is present on Instagram and Facebook to inform about its services and other activities or information for promotional purposes. No personal data from users interacting on those platforms will be collected unless expressly authorized.
The Controller is not responsible for the content of these sites or their privacy and personal data handling policies. It is recommended to read the terms of use and privacy policies of these websites carefully.
If you are interested in linking to this site, you must notify the Controller and obtain express consent. The Controller reserves the right to oppose the activation of links to its website.
DATA RETENTION PERIOD
Personal data provided by the User will be kept as long as the user remains registered for the service, the business relationship continues, the User does not request deletion, or for the legally established period.
Data may also be retained if necessary to comply with a legal obligation or for the establishment, exercise, or defense of legal claims.
If the User revokes consent or exercises rights of objection or deletion, the data will be blocked and made available to the legal authorities during the legally established periods to address any potential responsibilities arising from processing. This will not affect the provision of the service or execution of contracts with the Controller.
DATA SECURITY AND CONFIDENTIALITY
The Controller commits to adopting the necessary technical and organizational measures, according to the appropriate level of security based on the risk, to ensure the security of personal data and prevent their accidental or unlawful destruction, loss, alteration, or unauthorized access or disclosure.
Personal data will be treated confidentially by the Controller, who will ensure that confidentiality is maintained by employees, partners, and any other persons to whom the data is accessible, through legal or contractual obligations.
DISCLOSURE AND RECIPIENTS OF PERSONAL DATA
Data will not be disclosed to third parties, except where legally required or when necessary to fulfill the purposes of processing.
USER RIGHTS
What rights do you have when you provide us with your data?
The User has the right to:
- Confirm whether we are processing their personal data.
- Access their personal data.
- Request correction of inaccurate data.
- Request deletion when data is no longer necessary for the purposes for which it was collected.
- Request limitation of processing under certain circumstances.
- Object to processing based on personal circumstances, in which case processing will cease unless there are compelling legitimate grounds or legal claims.
- Data portability, where legally applicable, meaning the right to receive personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
You can exercise these rights by contacting Youth With A Mission Santiago de Compostela with a written request accompanied by a copy of your ID, referencing “RGPD Rights,” at the address Ramón Baltar, 33; 15702; SANTIAGO DE COMPOSTELA – A CORUÑA, or by email to: hola@ywamsantiago.com
You may also file a complaint with the Spanish Data Protection Agency www.agpd.es, the Supervisory Authority in Spain.
