Privacy Policy

BASIC INFORMATION ON DATA PROTECTION – 1st LAYER
Data controller FUNDACIÓN KONECTA
Purpose Manage the queries and requests made to us through the different means of contact provided and the issues arising from them.
Legitimisation Execution of the legal relationship that arises from contacting us via the contact methods provided.
Recipients Your personal data will not be disclosed or transferred internationally, unless legally obliged to do so.
Rights Access, rectify and delete data, as well as other rights that you can consult in the Additional information.
Additional information You can consult below all the additional information on the processing of your personal data.

 

 

PRIVACY POLICY

 

Who is responsible for the processing of the users’ personal data?

Identity: FUNDACIÓN KONECTA

Tax Identification Number: G84227313

Address: Calle Serrano, 41-2nd floor – P.C. 28001 Madrid

Phone number: +34 902 193 106

E-mail: fundacion@fundacionkonecta.org

Data Protection Officer: Yes, a DPO has been appointed in the entity

DPO contact details: dpd@konecta-group.com

For what purpose does FUNDACIÓN KONECTA process the users’ personal data?

At FUNDACIÓN KONECTA we process your personal data with the utmost respect and compliance with the applicable regulations on personal data protection.

We process the personal data provided to us by users through the different contact channels we have set up to manage the queries and requests made to us by interested parties and the issues arising from them on behalf of the company.

For its part, in relation to the social networks where we have a presence, we will use the personal data of users to interact with them, mainly by responding to comments they make to the publications we make.

We inform you that we will only process your personal data for the aforementioned purposes and that under no circumstances will automated decisions be taken based on your profile.

How long do we keep your personal data?

In the case of enquiries or requests that we receive, we will process the personal data for as long as it is necessary to resolve them and deal with them and, subsequently, for as long as it is necessary to comply with legal requirements.

With regard to the personal data of our followers on social networks, we will keep them on the respective social network until they stop following us.

In other cases, we will process your data for the time necessary to process your request and/or service.

What is the legitimisation to carry out the processing of the users’ personal data?

The legal basis that legitimises the processing of users’ personal data is their necessity for the execution of the legal relationship that arises from filling in the form and sending the query or request. That is to say, it is necessary to manage the queries or requests they make.

With respect to the personal data of our followers on social networks, the legal basis that legitimises their processing is the consent they give when they follow us on them, although they may stop doing so at any time.

What obligations does FUNDACIÓN KONECTA fulfil with regard to the personal data it processes?

FUNDACIÓN KONECTA complies with each and every one of the principles required by both the General Data Protection Regulation and the LOPDGDD. Below, we include a brief summary of all of them in order to understand exactly what they entail. No obstante, However, we will be happy to clarify any doubts you may have in this regard by sending an e-mail to dpd@konecta-group.com

In this regard, the General Data Protection Regulation and the LOPDGDD establish a series of principles – that is, obligations for FUNDACIÓN KONECTA and all its staff – that FUNDACIÓN KONECTA will take into account during all phases, processing and actions to which it submits the personal data for which it is responsible.

These principles are regulated in articles 5 and 6 of the General Data Protection Regulation and those are:

–       Principle of lawfulness, fairness and transparency which implies, as its name indicates, that FUNDACIÓN KONECTA shall solely have the right to process data in a “lawful, fair and transparent way in relation with the data subject”.

–       Principle of purpose limitation. This principle requires that FUNDACIÓN KONECTA shall only process data collected for ‘specified, explicit and legitimate purposes’. This principle also implies that FUNDACIÓN KONECTA may not further process such data ‘in a manner incompatible with those purposes’.

The prohibition of processing for incompatible purposes, as provided for in Article 89.1 of the General Data Protection Regulation, does not apply to the processing of such data for the purposes of ‘archiving in the public interest, scientific and historical research purposes or statistical purposes’.

Principle of data minimisation. This obligation implies the duty of FUNDACIÓN KONECTA, as data controller, and of all staff working for FUNDACIÓN KONECTA of solely processing data that are ‘adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed’.

–       Principle of accuracy. This principle is embodied in the need for FUNDACIÓN KONECTA to process personal data that is accurate and therefore up-to-date. In this regard, the General Data Protection Regulation requires FUNDACIÓN KONECTA, as controller, to take ‘all reasonable steps to ensure that personal data which are inaccurate in relation to the purposes for which they are processed are erased or rectified without delay’.  We therefore ask you, should you have changed any personal data from the data you provided to us at the beginning of the relationship, to please let us know as soon as possible so that we can only process personal data that is up to date and current.

The principle of accuracy requires – and FUNDACIÓN KONECTA will do so – that FUNDACIÓN KONECTA, from time to time, take steps to verify – to the extent possible and using reasonable efforts – that the personal data it processes are accurate and up to date.

Principle of storage limitation. This principle requires that FUNDACIÓN KONECTA only retains the personal data it processes – in a manner that allows identification of data subjects – for no longer than is necessary for the purposes of the processing of the personal data.

The General Data Protection Regulation allows personal data to be retained for longer periods ‘provided that they are processed exclusively for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes’, in accordance with Article 89(1), without prejudice to the implementation of appropriate technical and organisational measures imposed by the General Data Protection Regulation in order to protect the rights and freedoms of the data subject.

– Principle of integrity and confidentiality. This obligation implies the adoption by FUNDACIÓN KONECTA of all measures – technical, organisational or otherwise – that are necessary to ensure ‘adequate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

–        Accountability principle. This principle is one of the new obligations incorporated in the General Data Protection Regulation and which implies a change of attitude and mentality, as far as personal data protection and security are concerned, on the part of FUNDACIÓN KONECTA and, therefore, of all its staff.

Compliance, in practice, with this duty of Accountability (also known as active responsibility) means that FUNDACIÓN KONECTA and all its staff must have an active and preventive – and not reactive – attitude towards possible risks, threats and/or inadequate processing of personal data from the beginning at all the stages of the processing.

For this reason, all FUNDACIÓN KONECTA staff are aware of the importance of this principle of Accountability, which entails the adoption of preventive measures, attitudes and proactive actions to the benefit, at all times, of the maximum respect for the holder’s fundamental right to the protection of personal data.

This principle of Accountability involves extensive documentary work that allows traceability of all the actions that have been taken to comply with this active responsibility by all FUNDACIÓN KONECTA staff.

Principle of lawfulness of processing. The General Data Protection Regulation requires, as could not be otherwise, that any processing of personal data carried out be lawful and, in this regard, includes six legal bases that make the processing of personal data lawful.

These six bases are regulated in Article 6 of the General Data Protection Regulation and are made up of the following factual assumptions:

  1. a) the data subject consented to the processing of his or her personal data for one or more specified purposes;
  2. b) the processing is necessary for the performance of a contract to which the data subject is party or for the implementation at his or her request of pre-contractual measures;
  3. c) processing is necessary for compliance with a legal obligation applicable to the controller;
  4. d) processing is necessary for the protection of the vital interests of the data subject or of another natural person;
  5. e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  6. f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.

You can also consult the full text of the General Data Protection Regulation and the LOPDGDD.

And, if you have any doubts or questions related to personal data protection, you can contact our data protection officer at dpd@konecta-group.com

To which recipients will users’ personal data be communicated?

FUNDACIÓN KONECTA will not transfer or make international transfers of your personal data. It will only transfer your personal data in the event that it is required to do so by law.

However, we also inform you that FUNDACIÓN KONECTA works with several entities that provide a service that requires access to personal data, being, therefore, these entities in charge of FUNDACIÓN KONECTA’s data processing.

What security measures has FUNDACIÓN KONECTA adopted to protect your data?

At FUNDACIÓN KONECTA we take all the measures in our power to guarantee the security and confidentiality of all the personal data we process. These measures are both physical and logical, of a technical and organisational nature, and are necessary depending on the data we process. Of course, the measures are adopted with the aim of guaranteeing the security, confidentiality and integrity of all the personal data we process in order to avoid their alteration, loss, processing and/or unauthorised access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or from the physical or natural environment.

Likewise, FUNDACIÓN KONECTA has an updated Security Document (following the recommendations of the Spanish Data Protection Agency) on its conservation and adaptation to the requirements of the GDPR and the LOPDGDD.

Among the security measures (by way of summary) that we adopt are: constant training of all our employees, use of secure passwords and their frequent change, backup copies, encryption of personal data, control of access to personal data according to needs, security audit, hiring of data processors who offer the necessary security and strict compliance with data protection regulations, physical security measures for access control (keys, padlocks, etc.), paper shredder, use of official programmes that guarantee security in the processing of personal data and, of course, all those offered by technique and technology and which are consistent with the risks identified for the processing of personal data carried out by FUNDACIÓN KONECTA.

In the same vein, we ask you to do everything in your power to prevent becoming a victim of any of the attacks that, unfortunately, take place on the Internet. To this end, we remind you not to click on any link that you are not sure of its origin, not to provide bank details or passwords electronically or by telephone, to use a secure password (combining letters, numbers and special characters) and to change it frequently (at least once a year). Likewise, if you have any doubts about FUNDACIÓN KONECTA requesting data and/or any other type of action, please, before taking any action, consult FUNDACIÓN KONECTA by e-mail at dpd@konecta-group.com

What rights do users have as data holders?

You, as personal data holder, either on your own behalf or through a representative –legal or voluntary- may exercise the rights to access, rectification, limitation of processing, deletion, opposition, as well as the right to data portability.

We explain briefly what each of the rights consists of:

  • Right of access: you have the right to know which of your personal data FUNDACIÓN KONECTA is processing.
  • Right to rectification: you have the right to have your data rectified by FUNDACIÓN KONECTA if it is inaccurate or it has not been updated (for example: change in the e-mail, error in the contact phone number, change in the postal address or in the account number).
  • Right to deletion: you have the right to request that FUNDACIÓN KONECTA deletes personal data concerning you. However, if there is a reason that prevents this (contractual relationship, legal requirements, etc.), FUNDACIÓN KONECTA will inform you upon receipt of your request whether it can positively respond to your right to deletion or not.
  • Right to limitation of processing: you have the right to request that FUNDACIÓN KONECTA cease a specific processing of personal data that it is carrying out. However, as with the right to deletion, in the event that there is justified cause not to positively respond to your right, FUNDACIÓN KONECTA will let you know in a clear, simple and transparent manner.
  • Right to data portability: you have the right to request a copy of the personal data that FUNDACIÓN KONECTA is processing about you, provided that this data has been provided by you and is in a structured, commonly used and machine-readable format. You may also choose whether you want such data to be provided to you or to another data controller.
  • Right to opposition: you may exercise this right to object to a specific processing of personal data being carried out by FUNDACIÓN KONECTA. However, as with the right to erasure and restriction, if there are legitimate reasons that require the processing and/or legal obligations, FUNDACIÓN KONECTA will inform you of this in a simple and transparent manner.
  • Right not to be object of automated decision-making: you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar manner.

To exercise these rights, you should contact us by e-mail at dpd@konecta-group.com, indicating “Data Protection Rights” in the subject line or, if you prefer, by post to FUNDACIÓN KONECTA at the address Calle Serrano, 41-2nd floor – P.C. 28001 Madrid, specifying which right you wish to exercise. We may ask you for a copy of your ID card if proof of identity is required.

You will receive a reply from us within a maximum period of 30 days from receipt of your request, and we will make every effort and use all the means at our disposal to reduce this period as much as possible. If you are not satisfied, you may apply to the Spanish Data Protection Agency to request the protection of your rights.

However, prior to filing such a complaint, you may (and we ask that you do so) refer such complaint to our DPO, who will be happy to resolve your problem as soon as possible. You may contact our DPO at the following e-mail address dpd@konecta-group.com

How did we obtain your personal data?

The personal data we process at FUNDACIÓN KONECTA have been collected through the means of contact provided.

As there are no forms, no specific categories of personal data are collected, beyond the e-mail address. Therefore, we ask users not to provide personal data if it is not necessary to carry out their queries or requests and, if it is necessary, to provide us with the minimum necessary to deal with them.

We do not process data that the General Data Protection Regulation classifies as ‘special categories of data’ (health data, religion, ideology, trade union membership, etc.).

Which body can I lodge a data protection complaint with?

We inform you that you can file a data protection complaint with the Spanish Data Protection Agency. All the information is available on their webpage: www.aepd.es.

However, prior to filing such a complaint, you may (and we ask you to do so) refer the complaint to our DPO who will be happy to solve your problem as soon as possible. You may contact our DPO at the following e-mail address: dpd@konecta-group.com

In accordance to the Personal Data Protection regulations, we proceed to inform you about the processing of personal data that we carry out:

Who is responsible for the processing of your personal data?

The data controller is KONECTA FOUNDATION (hereinafter, “KONECTA”) with Tax Identification Number G- -84227313 and address at Calle Serrano 41 28001 Madrid (Spain).

This Privacy Policy regulates the access and the use of the Website www.fundacionkonecta.org (hereinafter, the «Website») that KONECTA makes available to Internet users (hereinafter, the «Users») interested in the contents and services (hereinafter, the «Services») offered by KONECTA on the Website.

‍You can contact the Data Protection Delegate at the following e-mail address: dpd@grupokonecta.com


What data does KONECTA collect through the Website?

For the correct functioning of the Website, KONECTA may have access to the following data provided, where applicable, by the User:

(i)        Identification data

(ii)       Contact details

(iii)      Financial data

(iv)      Academic and/or professional data

 For what purpose does KONECTA process your personal data?

‍At KONECTA we process your personal data with the utmost respect and compliance with the applicable regulations on personal data protection.

We process your data in connection with your request for information about the services we provide, our professional and business activities, your attendance at our offices, at an event or seminar organised by KONECTA or its business partners and to contact and inform you in the context of our professional and business activities.

‍Your personal data collected by KONECTA may be used for the following purposes, according to the consent given in the relevant registration form:

(i)        To enable the Website to fulfil its function of providing the requested services.

(ii)       To manage, process and respond to requests, applications, incidents or queries from the User.

(iii)      Sending newsletters, Christmas greetings or similar, receiving by telephone, e-mail, SMS/MMS, or by other equivalent means of electronic communication, communications or information about KONECTA’s activity.

(iv)      To manage your candidacy in personnel selection processes.

(v)       To manage your participation in the internal call for social projects Konecta Foundation, paddle tennis tournament or any other event or project organised by Konecta.

We inform you that we will only process your personal data, in each case, for the aforementioned purposes.

‍We inform you that, under no circumstances, will automated decisions be taken on the basis of your profile.

How long do we keep your personal data?

‍Protecting the privacy and personal data of Users is very important for KONECTA. Therefore, KONECTA makes every effort to prevent the User’s data from being used inappropriately. Only authorised personnel have access to the User’s data.

The User’s personal data will be kept for the duration of the purpose for which they were collected or as long as the User has not revoked his or her consent, exercising any of his or her rights under applicable law or requested the deletion of certain personal data.

Subsequently, if necessary, KONECTA will keep the information blocked for the legally established periods.

KONECTA undertakes to comply with its obligation of secrecy and confidentiality of personal data in accordance with the provisions of the applicable legislation.

What is the legitimisation to carry out the processing of my personal data?

‍We inform you that the legitimisation for the processing of your data is that the treatment is the consent you have given us by providing personal data, as well as marking the box/boxes of Acceptance of the Privacy Policy enabled for this purpose.

To which recipients will your data be disclosed?

‍Your personal data may be disclosed to entities of the KONECTA Group.

These entities are located in the European Economic Area (EEA), as well as outside the EEA territory. In the event that you request Services that require the collaboration of entities located in counties outside the EEA, we inform you that your data will be transferred to such entities with the guarantees required by the GDPR, either to receiving entities that are located in a territory that has an adequacy decision declared by the European Commission or, in the absence of an adequacy decision, by providing adequate guarantees through the subscription of Standard Data Protection Clauses (SDPC) or required certification mechanisms.

Furthermore, we also inform you that KONECTA works with several entities that provide a service that requires access to personal data, being, therefore, these entities in charge of the processing of KONECTA. In this regard, we inform you that these entities, as processors, may have access to your personal data, but under no circumstances will the data be transferred for the purposes of these entities.

 What rights do you have as data holder?

‍You, as data holder, either on your own behalf or through a representative –legal or voluntary– may exercise the rights of access, rectification, limitation of processing, deletion, opposition, as well as the right to data portability and not to be subject to decisions based solely on automated data processing.

To exercise these rights, you should contact us by e-mail at dpd@grupokonecta.com, indicating “Data Protection Rights” in the subject line or, if you prefer, by post to KONECTA, at the address Calle Serrano 41 28001 Madrid, specifying which right you wish to exercise and identifying and authenticating yourself correctly.

You will receive a reply from us within a maximum period of 30 days from receipt of your request, and we will make every effort and use all the means at our disposal to reduce this period as much as possible. If you are not satisfied, you may lodge a complaint with a supervisory authority, in particular in the State in which you have your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of your personal data is not lawful and if you are not satisfied with the exercise of your rights. The supervisory authority to which the complaint has been lodged shall inform the complainant about the course and outcome of the complaint.

Which body can I lodge a data protection complaint with?

Please note that you can lodge a data protection complaint with a supervisory authority, in particular in the State where you have your habitual residence, place of work or place of the alleged infringement. In Spain, the Spanish Data Protection Agency whose contact details are: telephone 900 293 183; postal address C/Jorge Juan 6, 28001 Madrid; electronic office https://sedeagpd.gob.es/sede-electronica-web/ and Application www.aepd.es

The User declares to have been informed of the conditions on personal data protection, accepting and consenting to their processing by KONECTA, in the manner and for the purposes indicated in this Privacy Policy.