PRIVACY POLICY

Tant la privadesa de les dades com la confidencialitat de la informació són aspectes importants per a Sitges Grup Independent (Sitges GI). Per això, i segons s’estableix en el Reglament general de protecció de dades, Reglament (UE) 2016/679 del Parlament Europeu i del Consell del 27 d’abril del 2016 relatiu a la protecció de les persones físiques pel que fa al tractament de dades personals i a la lliure circulació d’aquestes dades, amb aquesta política de protecció de dades s’estableix la manera en què es tracten les dades de caràcter personal obtingudes pel Partit.

This policy may change over time due to possible changes in legislation, jurisprudence or the criteria used by the Spanish Data Protection Agency and / or the competent authority at all times. That is why the Party reserves the right to amend this policy to adapt to new legislation or case law that are applicable at all times

Date of last update: March 18, 2019.

Who is the owner responsible for processing your data?

The owner responsible for the data processing is:
INDEPENDENT GROUP Sitges (Sitges GI)
CIF: G65037103
C/ santiago Rusiñol, 11 1r 1a
08870 Sitges (Barcelona)
Managing data protection: info@sitgesgi.cat

For which purposes we treat your data? What is the legitimacy to be able to treat them? To those who communicate? And how long the store?

Affiliate data

Aims of treatment: personal data collected during join the Party will be treated for the following purposes:

  • The administrative and organizational own party.
  • The management of the collection of fees militants.
  • The management of the periodic activities of the Party, both electronically and by mail.
  • Special categories of data: political views are considered especially sensitive data can be treated only with the consent of the owner. Due to join the party is allowing the processing of these sensitive data.
    Legitimacy: The legal basis for the said treatment is consent is considered granted affiliation with the Party.
    Terms of preservation: Keep personal data while it is registered as an affiliate. Once their relationship with the party, the data will be blocked and guarded statistical purposes, applying technical and organizational measures to ensure the principle of data minimization. In any case, may exercise their rights as outlined in this policy.
    Recipients of data: data will be communicated to members of the PSOE, as provided in the protocol unit of the Catalan socialism.
    They may also be communicated to a legal obligation, at the request of judges or courts in the context of a criminal investigation and / or police.
  • Image: the right to self-image is recognized in the art. 18.1 of the Spanish Constitution and is regulated by Law 1/1982 on the protection of the right to honor, personal and family privacy and personal image as well as the rules for the protection of personal data.
    It is increasingly common to capture images using video or audio recordings on the occasion of activities and conferences organized by the Party.
    In order to be able to capture, use and disseminate these images with the aim of illustrating Party publications and materials, as well as publication on the Internet, either on the corporate website itself or on social networks and other portals. for dissemination, the relevant authorization will be requested when the owner of the image is clearly identifiable, unless as established in LO 1/1982 (art. 18.2.c) reference is made to graphic information about an event. audience and the image of a person appears incidentally.
    Legitimation: the legal basis for the treatment is the consent of the holder, which will be requested in the legally established cases. This consent will not be necessary, as established in LO 1/1982 on the protection of the right to honor, personal and family privacy and one's own image, in the event of graphic information about an event. audience and the image of a person appears incidentally.
    Retention periods: the data will be kept in the Party until its deletion is requested. Deleting images will have no retroactive effect.
    Recipients of the data: the images will be disseminated to third parties via the Internet and social networks.

International data transfer is not planned.

Contacts Data Providers and Professionals

Purposes of processing: the data of professional contacts and suppliers of the Party are processed in order to manage the established commercial, contractual and professional relations.
Legitimation: the legal basis for processing is consent, which is considered granted with the voluntary delivery of your data to the party, the existence of a contractual relationship and / or the legitimate interest of the party in maintaining professional relations .
In any case, the rights indicated in this policy may be exercised at any time.
Retention periods: the data will be kept in the Party until the holder requests its termination.
Recipients of the data: the data will not be communicated to third parties except for a legal obligation, at the request of judges or courts in the framework of a judicial and / or police investigation.
International data transfer is not planned.

Data Entities, Public and / or Private Bodies

Purposes of treatment: Sitges Grup Independent (Sitges GI) has a database of contacts of entities, public and / or private bodies in order to publicize the activities of the Party by electronic means.
Legitimation: The legal basis for such treatment is the consent and legitimate interest of the party in carrying out communications about its activities. In any case, each communication that is sent will facilitate the possibility of unsubscribing. In addition, you may exercise your rights at any time, as set forth in this policy.
Retention periods: the data will be kept in the Party until the user requests its withdrawal.
Recipients of the data: the data will not be communicated to third parties except for a legal obligation, at the request of judges or courts in the framework of a judicial and / or police investigation.
International data transfer is not planned.

Candidate Data that facilitate their cv party

Purposes of processing: the data of the candidates who provide their curricular data to the Party will be processed by:

  1. The selection of personnel during the processes convened by the Party.
  2. Maintain an archive with curricular information if the required profile of the candidate fits the characteristics and needs of the entity.

Legitimation: The legal basis for these treatments is consent, which is considered granted with the voluntary sending of your CV to the party.
Retention periods: In order to comply with the principle of accuracy and limitation of the retention period, curricular data will be deleted within a maximum period of one year from its collection.
Recipients of the data: the data will not be communicated to third parties except for a legal obligation, at the request of judges or courts in the framework of a judicial and / or police investigation.

International data transfer is not planned.

Because curriculum data is easily variable over time, we ask that you keep us informed of any changes or modifications that may occur in order to keep your data current, accurate and up to date.

contacts Campaigns

Purposes of treatment: gathering contacts to make communications about a specific campaign, act or event of the party.
Legitimation: The legal basis for the treatment is your consent that you give at the time of subscribing to your federation / group.
Retention periods: the data will be stored for the duration of the campaign, for the time necessary to comply with legal obligations or its deletion is requested by the interested party.
Recipients of the data: the data will not be communicated to third parties except for a legal obligation, at the request of judges or courts in the framework of a judicial and / or police investigation.

International data transfer is not planned.

Web forms

Purposes of processing: at Sitges Grup Independent (Sitges GI) we process the personal data of our users who leave their data via the Web for the following purposes: “Contact us” form and “Affiliate” form to attend the requests you send us.

Legitimation: The legal basis for the processing is consent, which is considered granted by accepting this data protection policy.
Retention periods: the data will be deleted once your request has been accepted.
If you have signed up for the party's Whatsapp system or sectoral commissions, your data will remain active until you unsubscribe.
Recipients of the data: the data will not be communicated to third parties except for a legal obligation, at the request of judges or courts in the framework of a judicial and / or police investigation.

No international data transfers are expected.

Mailbox DPT

Purposes of processing: to attend to queries, complaints and requests from data holders.
Legitimation: the legal basis for the treatment is your consent which is considered granted at the time you send your query or request to the DPD.
Retention periods: the data are deleted once the legal limitation periods have expired before the data protection authority (3 years).
Recipients of the data: the data will not be communicated to third parties except for a legal obligation, at the request of the data protection authority, by judges or courts in the framework of a judicial and / or police investigation.

International data transfer is not planned.

Information on data quality

Holders of personal data are informed that the data collected by the PSC are processed in a lawful, fair and transparent manner in relation to the data subject, for specific, explicit and legitimate purposes, as set out in the previous section, and will not be further treated in a manner incompatible with these purposes.
The data collected are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”).

What are your data protection rights and how to exercise them?

  • Right of access, rectification and deletion: the data owner will have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its deletion when, between for other reasons, the data are no longer necessary for the purposes for which they were collected.
  • Limitation of processing: in certain circumstances, the limitation of the processing of your data may be requested, in which case they will only be kept for the exercise or defense of claims.
  • Right of opposition: in certain circumstances and for reasons related to their particular situation, the data owner may object to the processing of their data. The entity will stop dealing with them, except for compelling legitimate reasons, or the exercise or defense of possible claims.
  • Right to data portability: the data owner will have the right to receive the personal data incumbent on him, which he has provided in a structured format, commonly used and machine readable when: a) the processing is based on consent or in a contract, and b) the processing is carried out by automated means.

We inform you of your right to lodge a complaint with the supervisory authority (AEPD.-www.agpd.es- APDCAT.-www.apd.cat) in the event that you have not been satisfied with the exercise of your rights set forth herein.

To exercise these rights, you can contact the Data Protection Officer by mail info@sitgesgi.cat , identifying the following information in your request:

  1. Details of the applicant (name and surnames)
  2. ID number
  3. Contact Address
  4. Right you wish to exercise
  5. Specific information on what made his request

Within a maximum period of one month, we will resolve your request through the same means as you initially used.

SAFETY IN THE TREATMENT

Taking into account the state of the art, the costs of application, and the nature, scope, context and purposes of the treatment, as well as the risks of variable probability and severity for the rights and freedoms of individuals , the Party shall apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk, which prevents the destruction, loss or accidental or unlawful alteration of personal data transmitted, stored or otherwise processed, or the communication or unauthorized access to this data.