PRIVACY POLICY
Latest update: October 2020
AseBio, as the owner of this website sets out the following Privacy Policy that shall govern the processing of personal data.
1. Who is the Data controller?
The Data Controller of this website is Asociación Española de Bioempresas (AseBio), with tax number G82643453, registered office in C/ Diego de León, nº 49, 1º izquierda, C.P. 28006 Madrid, and email address secretariageneral@asebio.com.
2. What are the purpose of personal data processing?
Personal data provided voluntarily through any means made available by AseBio will be treated for the following purposes:
- Manage and respond to all requests of information, queries or any other type of request made through any means determined by AseBio.
- Manage the registration and attendance process to the event, until its completion.
- When you expressly have given your consent for this purpose, to send you commercial communications about any future event.
You guarantee the authenticity of all personal data provided and assume the corresponding liability deriving from the lack of its veracity or accuracy, including the damage caused to AseBio or third parties for these reasons.
3. Which is the legal basis for the data processing?
We process your personal data on the legal basis of the consent you provide by pressing the “send” button of the corresponding data collection form or through any other means, such as, when appropriate, the performance of a contract.
We inform you about the right you have to withdraw at any moment the abovementioned consent, without affecting the legality of the processing based on the consent prior to its withdrawal.
Additionally, the consents obtained for the purposes mentioned are independent so the user may revoke only one of them not affecting the others.
4. Which is the period of personal data preservation?
Your personal data will be stored as long as they are necessary for the purpose for which they were collected and, in any case, for as long as the data subject do not object to the processing or request its suppression.
Notwithstanding the foregoing, your personal data will be stored, properly blocked, during the statutory limitation periods to address any possible legal liability that may arise from the processing of personal data.
5. To whom do we communicate your personal information?
Among others, data relating to credit or debit cards will be requested. They will be communicated through the company that owns the payment platform (Redsys) to the financial entity that manages the charge. This communication of data responds to the free and legitimate acceptance of the legal relationship in which the development, compliance and control necessarily implies the connection of this processing with third parties.
Likewise, personal data may be communicated to any other third party to AseBio has entrusted any service related to the purpose of the processing, always complying with the requirements established by current legislation. These providers include the accreditation provider, the technical secretary and the partnering provider.
In this sense, for sending commercial communications by electronic means, AseBio has resorted to the service provider Mailchimp/The Rocket Science Group, a provider of mailing list management and email campaigns located in the United States, so that the use of their services involves the international data transfer outside the European Union. However, Mailchimp has joined the EU-US Privacy Shield and has therefore been recognised by the European Commission as having an adequate level of data protection. The EU-US Privacy Shield guarantees that Mailchimp undertakes to comply with the minimum security requirements required by European personal data protection legislation. For further details, please refer to Mailchimp’s privacy policy [http://mailchimp.com/legal/privacy/].
6. What rights do you have regarding the processing of your data?
As the owner of your personal data, you may exercise with the exceptions and limits established in the applicable legislation on data protection the following rights:
• Right to withdraw your consent at any moment;
• Right of access to your personal information, as well as to obtain a copy of them;
• Right to rectification of your data, if they are inaccurate or incomplete;
• Right to erasure allows data to be deleted and no longer processed by AseBio, unless there is a legal obligation to retain them and/or other legitimate reasons for processing do not prevail;
• Right to restriction of processing; under the legally established conditions, this right allows to suspend the processing of your data by AseBio, keeping them only for exercise or defense of legal claims;
• Right not to be subject to a decision based solely on automated processing, including profiling;
• Right to object to the processing of your data under certain circumstances relating to your particular situation. AseBio will no longer process the data except when compelling legitimate reasons, or for the exercise or defense of possible claims.
• Right to data portability: you have the right to receive your personal data, which you have provided to us in a structured, commonly used and machine-readable format, or to transmit those data to another data controller.
You may contact to the Data Controller, attaching a photocopy of your national identity card and indicating the right you are exercising.
The written request shall be submitted to the postal address: C/ Diego de León, nº 49, 1º izquierda, C.P. 28006 de Madrid; or to the e-mail address secretariageneral@asebio.com
You may also have the possibility of revoke your consent to receive commercial communications at any time. To do so, you may write to the e-mail address secretariageneral@asebio.com, indicating in the subject of the email: “Unsubscribe to commercial communications”.
In addition, you have the right to file a claim with the Spanish Data Protection Authority (www.aepd.es), if you consider that you have not obtained satisfaction from AseBio in the exercise of your data protection rights or when you consider that the processing does not comply with current data protection regulations.