TABLE HEPTATHLON
Privacy Policy
Privacy Policy
This Privacy Policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offering and the associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "Online Offering"). With regard to the terms used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Controller
José Miguel Clavero Alarcón
Luis Vives 9, 2D
28002 Madrid
Email: JMiguel@heptatlondemesa.org
Data Protection Officer: José Miguel Clavero Alarcón (Contact details above)
Types of data processed:
- Inventory data (e.g., names, addresses).
- Contact details (e.g., email, telephone numbers).
- Content data (e.g., text entries, photographs, videos).
Categories of data subjects
Visitors and users of the online offering (hereinafter, we refer to the data subjects collectively as users).
Purpose of processing
- Provision of the online offering, its functions, and content.
- Responding to contact inquiries and communicating with users.
Terms used
-Personal data is all information relating to an identified or identifiable natural person (hereinafter, the data subject); A natural person is considered identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., a cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
-Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers virtually all data handling.
-Pseudonimization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
-Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
-The controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
-The processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
Relevant legal bases
In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. If the legal basis is not stated in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 (1) (a) and Art. 7 GDPR. The legal basis for processing to fulfill our services and implement contractual measures as well as to respond to inquiries is Art. 6 (1) (b) GDPR. The legal basis for processing to fulfill our legal obligations is Art. 6 (1) (c) GDPR. And the legal basis for processing to protect our legitimate interests is Art. 6 (1) (f) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.
Security Measures
In accordance with Art. 32 GDPR, we take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons.
These measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as the access, input, and transfer of data, ensuring its availability, and segregation. Furthermore, we have established procedures that ensure the exercise of data subjects' rights, the deletion of data, and response to data threats. Furthermore, we consider the protection of personal data right from the development or selection of hardware, software, and processes, in accordance with the principle of data protection by design and by data protection-friendly default settings (Art. 25 GDPR).
Collaboration with processors and third parties
If, as part of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them, or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g., if the transfer of data to third parties, such as payment service providers, is necessary to fulfill the contract in accordance with Art. 6 (1) (b) GDPR), if you have consented, if a legal obligation requires this, or if it is based on our legitimate interests (e.g., when using agents, web hosts, etc.).
If we commission third parties to process data on the basis of a so-called contract processing agreement, this is done on the basis of Art. 28 GDPR.
Transfers to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs as part of the use of third-party services or the disclosure or transfer of data to third parties, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we will only process or have data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means that processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level equivalent to that of the EU (e.g., for the USA through the "Privacy Shield") or compliance with officially recognized specific contractual obligations (so-called standard contractual clauses).
Rights of data subjects
You have the right to request confirmation as to whether the data in question is being processed and to access this data, as well as further information and a copy of the data in accordance with Art. 15 GDPR.
You have the right, in accordance with Art. 16 GDPR, to request the completion of the data concerning you or the rectification of inaccurate data concerning you.
In accordance with Art. 17 GDPR, you have the right to request that the data in question be deleted immediately, or alternatively, in accordance with Art. 18 GDPR, to request that the processing of the data be restricted.
You have the right to receive the data concerning you that you have provided to us in accordance with Art. 20 GDPR and to request that it be transmitted to other responsible parties.
You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.
Right of withdrawal
You have the right to withdraw consent granted in accordance with Art. 7 (3) GDPR with future effect.
Right of Objection
You can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. The objection can be made, in particular, against processing for direct marketing purposes.
Cookies and the Right to Object to Direct Marketing
Cookies are small files stored on users' computers. Various types of information can be stored within cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit to an online service. Temporary cookies, also known as session cookies or transient cookies, are cookies that are deleted after a user leaves an online service and closes their browser. Such a cookie can store, for example, the contents of a shopping cart in an online shop or a login status. Permanent or persistent cookies are cookies that remain stored even after the browser is closed. For example, the login status can be saved if users visit the site after several days. Likewise, such a cookie can store user interests, which are used for audience measurement or marketing purposes. Third-party cookies are cookies offered by providers other than the controller operating the online service (otherwise, if they are only their cookies, they are referred to as first-party cookies).
In the event of this site ever needing to store cookies on the user's computer, we would provide information about this in our privacy policy.
As a general rule, if users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings.
A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings.
Deletion of data
The data we process will be deleted or restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no statutory retention periods that prevent deletion. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
Participation in Affiliate Partner Programs
We do not operate affiliation systems.
Hosting and Email Delivery
The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, email delivery, security services, and technical maintenance services, which we use for the purpose of operating this online offering.
You can read about our hosting provider's privacy policy here: https://www.wix.com/about/privacy
Collection of access data and log files
We do not, collect data about every access to the server on which this service is located (so-called server log files).
Our hosting provider might do it according to their privacy policy: https://www.wix.com/about/privacy.
Online presence in social media
We might maintain online presences within social networks and platforms exclusively in order to promote this site.
Unless otherwise stated in our privacy policy, we process user data if they communicate with us within the social networks and platforms, e.g., by posting on our online presences or sending us messages.
Integration of third-party services and content
We use content or service offerings from third parties within our online offering based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 (1) (f) GDPR) to integrate their content and services, such as videos or fonts (hereinafter collectively referred to as "content").
This always requires that the third-party providers of this content perceive the user's IP address, as without the IP address they would not be able to send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers use the IP address solely to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. These "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visit time, and other information about the use of our online offering, as well as be linked to such information from other sources.
YouTube
We embed videos from the "YouTube" platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.