Privacy policy

1. USER INFORMATION

The Asociacion MTB Kingdoms Pyrenees, hereinafter RESPONSIBLE, is the party responsible for the processing of the User’s personal data and informs you that this data will be processed in accordance with the provisions of the regulations in force on personal data protection, Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and Organic Law 3/2018 of 5 December (LOPDGDD), for which you are provided with the following processing information:

Purpose of processing: to maintain a commercial relationship with the User. The operations envisaged to carry out the processing are:

  • Sending commercial advertising communications, provided that prior authorisation has been given, by email, fax, SMS, MMS, social communities or any other electronic or physical means, present or future, that enable commercial communications to be made. These communications will be made by the RESPONSIBLE and will be related to its products and services, or those of its partners or suppliers with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.
  • Conduct statistical studies.
  • To process orders, requests or any type of request made by the user through any of the forms of contact made available to them.
  • Send out the website newsletter.

Legal basis for processing: consent of the data subject.

Data retention criteria: data shall be retained for as long as there is a mutual interest in maintaining the purpose of the processing and when no longer required for that purpose, they shall be deleted with appropriate security measures to ensure pseudonymisation of the data or total destruction of the data.

Communication of data: Data will not be communicated to third parties, unless legally obliged to do so.

Rights of the User:

  • Right to withdraw consent at any time.
  • The right of access, rectification, portability and deletion of your data and the right to limit or oppose its processing.
  • The right to lodge a complaint with the supervisory authority (agpd.es) if you consider that the processing does not comply with the regulations in force.

Contact details for exercising your rights:

Asociación MTB Kingdoms Pyrenees
Avda Ordesa, 5.22330 Ainsa-Sobrarbe (Huesca)
info@mtbkingdoms.com

2. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER

Users, by ticking the corresponding boxes and entering data in the fields marked with an asterisk (*)in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data are necessary for the provider to deal with their request, the inclusion of data in the remaining fields being voluntary. The User guarantees that the personal data provided to the RESPONSIBLE is true and is responsible for communicating any modification of the same.

The RESPONSIBLE expressly informs and guarantees users that their personal data will not be transferred under any circumstances to third parties, and that whenever any type of transfer of personal data is carried out, the express, informed and unequivocal consent of the Users will be requested beforehand. All data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the User. If not all data is provided, there is no guarantee that the information and services provided will be completely tailored to your needs.

3. SECURITY MEASURES

That in accordance with the provisions of the current regulations on personal data protection, the RESPONSIBLE is complying with all the provisions of the GDPR regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDPR, whereby they are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

The RESPONSIBLE warrants that it has implemented appropriate technical and organisational policies to implement the security measures set out in the GDPR to protect the rights and freedoms of Users and has communicated appropriate information to Users to enable them to exercise these rights and freedoms.