EXTENDED INFORMATION ABOUT DATA PROCESSING BY EMAIL
In accordance with the provisions of both the General Data Protection Regulation (“GDPR”) and Spanish Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights, we hereby inform you of the following aspects regarding the processing of your data:
- Data Controller:
Depending on who you are in contact with, or for what purpose, or with which Entity you want to communicate, the controller of the processing of your data will be:
- Hayf Sports S.L., with Tax ID Number B-85903730 and registered office in C/ Milanos 8, 28320, Pinto, Madrid, Spain.
- Club Deportivo Ciclista Alberto Contador, with Tax ID Number G-40250409 and registered office in C/ Milanos, 8, 28320, Pinto, Madrid, Spain.
- The Alberto Contador Foundation, with Tax ID Number G-85935310 and registered office in C/ Zurbano 73, 28010, Madrid, Spain.
The reason of this is that the members of the three entities use the same domain for their email addresses, and therefore, both the first and second layers of their footer are shared. However, each entity uses the data separately, although with the same processing characteristics. Hereinafter and collectively, they will be referred to as “the Entities”.
- Purpose of the processing:
The Entity concerned will process your data in order to maintain the professional relationship with you or the company you represent.
- Lawfulness of the processing:
The data processing is based on the legitimate interest of the Entity concerned or the need to process them for the performance of the contractual relationship or the establishment of precontractual measures between both parties. It may also be based on the unequivocal consent of the data subject, in the event that he or she contacts such Entity for the first time in order to enter into a professional or commercial relationship.
- Communications of the information:
No communication of personal data is foreseen, unless it is necessary to fulfill the purpose for which they are processed, for which the three Entities may communicate such data to each other as well as to third parties that collaborate with them, if necessary, or to comply with any legal obligation. No international data transfers are foreseen.
- Data retention period:
We will keep the data for the duration of the contractual or professional relationship. Subsequently, we will keep them duly blocked for the legally established period of time in order to defend the interests of the concerned Entity against claims or legal obligations.
- Data subject rights:
You can exercise your rights of access, rectification, erasure and portability of your data, of restriction and opposition to their processing, as well as the right not to be subject to decisions based solely on the automated processing of your data before the data controller, by sending an e-mail to email@example.com.
- Right to file a complaint:
In the event that you do not agree with the processing that the concerned Entity has carried out on your data or its action in response to requests to your exercise of rights, you can file a complaint with the Spanish Data Protection Authority (www.aepd.es).
The data that you decide to provide us through any of the means provided, you provide them freely and accept that these personal data are subject to the corresponding processing in each case, depending on the legitimate basis and the purpose for which you have provided them to us.
The Entities reserve the right to modify this text to adapt it to future legislative or jurisprudential developments, as well as industry practices.
In compliance with our obligation of secrecy regarding the personal data collected, as well as our duty to protect them, we undertake to adopt the necessary security measures to prevent its modification, alteration, loss, unauthorized access or processing, in accordance with the provisions of the GDPR.
We recognize and take very seriously our responsibility to protect your personal data. That is why we maintain security levels of personal data protection in accordance with the GDPR and we have established all the technical means at our disposal to prevent the loss, misuse, alteration, unauthorized access and theft of the data you have provided, without prejudice to inform you that Internet security measures are not 100% impregnable.
Last modified on November 2021.