Identity of the Data Controller
MARIO LOSANTOS DEL CAMPO FOUNDATION (hereinafter, “FMLC”)
Avda. España, 17 (C.E. La Gran Manzana), 2nd Floor, 28100 Alcobendas (Madrid)
Contact email: firstname.lastname@example.org
Data Protection Officer contact details
Interested parties may contact the Data Protection Officer (DPO) through the following email address: email@example.com
Targeted data for processing purposes
FMLC will compile and process the data provided by users, such as name, surname, email, etc., through the different channels enabled on the web or sent through the available email addresses. Likewise, the data will be treated confidentially and appropriate security measures will be adopted in accordance with current data protection regulations.
Objectives and legitimacy of the data processing
FMLC will process your personal data for the following objectives:
Manage requests pertaining to the need for more information, as well as enquiries received through the enabled channels, such as email or contact forms present on the website. This data processing is legitimised by the consent granted by the interested party through its referral.
Issuing informative notifications regarding the Foundation’s activities, events and projects, legitimised by the consent displayed by subscribing to the newsletter. If you have a previous relationship with the Foundation, sending such communications will be centred on FMLC’s legitimate interest in keeping you informed.
Keeping you posted on our Blog’s activity and sending published articles, legitimised in the consent displayed by your subscription.
Acquiescing registered students and interested parties to register and access the Virtual Classroom. This process is legitimised by the contract execution and the relationship established between the parties.
Assisting and processing donations and contributions that have been carried out. Said process is legitimised in the correct execution and management of the donation, as well as in the fulfillment of all legal obligations.
Failure to provide the requested data, when established as mandatory through the website’s forms, could lead to our failure in achieving the previously described objectives.
The personal data provided by users will be stored for the length of time deemed necessary to effectively fulfill the previously established objectives.
Explicitly, FMLC will process your personal data during the following periods in order to be able to address possible responsibilities and required legal obligations:
Information obtained through our contact form: 1 year since its referral.
Information compiled to issue informative notifications and our Blog’s activity: 3 years since the user cancels their subscription.
Information regarding student’s and other participants of the Foundation’s courses: 5 years since conclusion.
Information regarding donations and donors: 10 years since the contribution date.
Information pertaining to patients undergoing therapy: 5 years since the end of the relationship.
With regard to the information retention associated with browsing data and cookies, you may attain further information through our Cookies Policy (enlace).
Data recipients and international transfers
FMLC will not share user’s personal data with third parties, nor will they be subject to international transfer, except in cases involving legal obligation or when they are required for performance of the contract and the relationship established between the parties.
The foregoing, without prejudice to the fact that the information compiled by third-party cookies is subject to this type of operation. You may attain further information regarding these transfers through our Cookies Policy. (enlace)
With regards to donations and contributions, we may be required to notify the Tax Agency and the Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offenses (SEPBLAC, Spanish acronym) the interested party’s data in order to conform to pertinent legal obligations.
In the event that it is deemed necessary to perform an international transfer of data, FMLC is compelled to comply with the required technical and organisational measures, without prejudice to the responsibilities derived from existing regulations regarding data protection.
Your rights under GDPR
At any given moment, users may exercise the following rights that are recognised by the existing data protection regulations:
Right of Access: allows the user to know what information is stored, from where it has been obtained, to whom it has been provided and with what uses it has been employed.
Right to Rectification: allows the user to rectify any erroneous or outdated data.
Right to Erasure: allows the user to request that their data be erased.
Right of Restriction: allows the user to restrict the processing of their data, but in such a way that they are stored for some later purpose (a legal claim, for example).
Right to Data Portability: allows the user to obtain a copy of their data in electronic form and, under certain circumstances, request that they are notified to another service provider.
Right to Object: allows the user to oppose the legitimate interest of FMLC to request the conclusion of the processing of their data.
Right to Withdraw Consent, at any time, regarding the processing of your personal data, without affecting its legality.
We shall reply to your requests as soon as possible and, notwithstanding, within one month of receiving your request, extendable for another two months if required, with FMLC appropriately notifying of said circumstance.
You can exercise these rights through the following email address: firstname.lastname@example.org, noting which right you wish to exercise and providing your ID or a similar identification document. In addition, you may contact our DPO by emailing: email@example.com.
If you have not obtained a satisfactory response, you may file a complaint to the Spanish Agency for Data Protection, at its website.
FMLC has adopted all the relevant technical and organisational measures designed to guarantee an appropriate level of security towards all the personal data it processes and has implemented other means and additional technical measures within its reach to prevent the loss, alteration, processing or unauthorised access to its users’ personal data.
Last updated: July 2020