THE DATA CONTROLLER

THE PEOPLE FOUNDATION, holder of Company Tax Number G47627906, whose headqurters is Valladolid, Calle Pilar Miró, núm. 1, telepone number +34 983 225 125, is the owner of the website  https://fundacionpersonas.es and responsible for the personal data processed therein.

The People Foundation hereby undertakes to guarantee the security of personal data and to process them in a lawful, fair and transparent manner in accordance with legislation currently in force (EU Regulation 2016/679, of 27 April, of the Parliament and of the Council, and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights).

By providing your personal data and/or using this website, The People Foundation shall assume that you have read   and understood the information set out in this Privacy Policy.

Minors may not use the services available through the website without the prior authorisation of their parents, guardians or legal representatives, who shall be responsible for all actions carried out on the website by the minors under their responsibility (filling out forms with personal data).

People with disabilities who provide personal data should do so with due regard to their personal circumstances and support needs in each case.

INFORMATION ABOUT THE DIFFERENT TYPES OF PROCESSING

Purpose: Sending the Newsletter  and PEOPLE FOUNDATION Magazine. Maintenance, development and control of the relationship between subscribers.

Legal Basis: The contractual relationship that binds the parties by virtue of the service requested, even if it is free of charge [GDPR: art. 6.1(b)].

Recipients: Data shall not be transferred to third parties, except where there is a legal obligation to do so.

Retention: The data shall be processed as long as the user does not unsubscribe from the service and shall subsequently be retained for three years after they have unsubscribed.

Purpose: Respond to the information requested by the user.

Legal Basis: Legitimate interest of the Data Controller [GDPR: art. 6.1f)].

Recipients: Data shall not be transferred to third parties, except where there is a legal obligation to do so.

Retention: The data shall be processed for the time necessary to fulfil the purpose for which they were collected and shall be retained for three years from the last interaction with the Foundation.

Purpose: Manage the process of taking on volunteers.

Legal Basis: Execution of pre-contractual measures [GDPR: art. 6.1(b)].

Recipients: Data shall not be transferred to third parties, except where there is a legal obligation to do so.

Retention: The data shall be processed for the time necessary to fulfil the purpose for which they were collected. They shall then be retained for three years in accordance with legal obligations until the subsequent blocking and deletion thereof.

Purposes: Maintain, develop, control and manage the relationship entered into between the Foundation and the donors. Compliance with legal obligations.  Administrative and tax formalities: Collect dues/donations, registration, control, issuing of receipts and donation certificates.

Legal Basis: Execution of a contract   [GDPR: art. 6.1b)].

Recipients: Data shall not be transferred to third parties, except where there is a legal obligation to do so.

Retention: The data shall be processed for the time necessary to fulfil the purpose for which they were collected. They shall then be retained for three years in accordance with legal obligations until the subsequent blocking and deletion thereof.

Purposes: Maintain, develop, control and manage the relationship entered into between the Foundation and people who want to sponsor a project or share an idea.

Legal Basis: Legitimate interest of the Data Controller [GDPR: art. 6.1f)].

Recipients: Data shall not be transferred to third parties, except where there is a legal obligation to do so.

Retention: The data shall be processed for the time necessary to fulfil the purpose for which they were collected. They shall then be retained for three years in accordance with legal obligations until the subsequent blocking and deletion thereof.

Purpose: Manage the application for membership in one of the PEOPLE FOUNDATION’S founding associations (ADECAS, ASPROSUB, APADEFIM, ASPANIS, ASPRONA and ASPROSUB).

Legal Basis: Pre-contractual measures [GDPR: art. 6.1(b)].

Recipients: The application to become an associate member of one of the PEOPLE FOUNDATION’S founding associations shall be communicated to the association chosen by the interested party.

Retention: The data shall be processed for as long as you remain a member of the chosen association. Once the relationship with the Association comes to an end, the data shall be retained for a period of five years with a view to complying with legal obligations and to lodge, exercise or defend claims, after which they shall remain blocked until the subsequent deletion thereof.

Purpose: To deal with complaints and suggestions. Maintain, develop and control the relationship between users.

Legal Basis: Legitimate interest of the Data Controller  [GDPR: art. 6.1f)].

Recipients: Data shall not be transferred to third parties, except where there is a legal obligation to do so.

Retention: The data shall be processed for the time necessary to fulfil the purpose for which they were collected and   shall be retained for three years from the last interaction with the Foundation.

Purpose: Manage the applicant’s participation in the selection process for a job or his/her registration in the job bank.

Legal Basis: Pre-contractual measures [GDPR: art. 6.1b)],  and  Consent [GDPR: art. 6.1a)].

Recipients: The CVs of those interested in a job offer or registered in the job bank shall be communicated to the Group companies (Special Employment Centres): Grupo Lince Asprona, S.L. and Apadefim 2000, S.L.).

Retention The data shall be processed for the period   required to fulfil the purpose for which they are collected unless the consent given has been withdrawn. They shall subsequently be retained in accordance with legal obligations until the subsequent blocking and deletion thereof.

Purpose: Manage the application for a place in one of the Foundation’s centres.

Legal Basis: Pre-contractual measures [GDPR: art. 6.1(b)].

Recipients: There is no provision for communicating data in the pre-contractual phase.

Retention: The data shall be processed for as long as the purpose for which they were collected is maintained. In the event that the application is unsuccessful due to a place being unavailable, your data shall be retained for a period of one year for the purpose of filling a place, after which the data shall be blocked until the subsequent destruction thereof. If, after carrying out an assessment, it is deemed that no centre is the right match for an applicant, the data shall be deleted directly after complying with the blocking obligation set forth by law.

Purpose: Process of publishing on the website and social networks.  Files and video montages to inform and publicise the organisation’s services and activities.

Legal Basis: Consent [GDPR: art. 6.1a)]

Recipients: They shall not be transferred to third parties but the very nature of the digital environment implies such a transfer.

Retention: The images shall be processed for the time necessary to fulfil the purpose for which they were collected unless the consent given is withdrawn, which shall not affect the lawfulness of the processing based on the consent given beforehand.

SECURITY MEASURES

The People Foundation has adopted the technical and organisational measures necessary to guarantee the security of the Data and prevent their alteration, loss, process or unauthorised access, bearing in mind the state of the art, the nature of the data stored and the risks to which they are exposed.

The People Foundation does its utmost to safeguard security as far as possible, bearing in mind that online security is vulnerable and that malicious activity by third parties are possible.

RIGHTS

The user may exercise the rights of Access, Rectification, Deletion, Opposition, Limitation and   Portability, in accordance with the terms set forth in articles 15 to 23 of the EU Regulation 2016/679 (GDPR). A request must be sent to the Data Protection Officer (DPD), stating your identity (DNI or equivalent document): by e-mail: protecciondatos@fundacionpersonas.es

The data subject may   make a prior telephone   enquiry and request all the information he/she may require, including application forms in order to exercise his/her rights. Tel: +34 983 225 125

The user may revoke the consent provided at any time.

The data subject may also file a complaint before the Spanish Data Protection Agency, in particular if they feel their rights have not been duly exercised: https://www.aepd.es/

THE PEOPLE FOUNDATION CORPORATE WEBPAGES ON SOCIAL NETWORKS

The People Foundation runs corporate webpages on social networks with a view to disseminating the Foundation’s services and activities. The User (“friend” or “follower”) who has a profile on the same Social Network, decides, where appropriate, to join the page created by The People Foundation, thereby giving their consent to the personal data published on their profile being processed.

Followers may give their opinions, share experiences, make suggestions or comments, with the limit of respecting the rights of the rest of the followers. In order to publish data, information or any content that affects the rights of third parties, the follower must have obtained the consent of those third parties. The People Foundation shall accept no liability for the content a User has freely published.

The People Foundation shall only used the information obtained with a view to making comments, posting news or events and responding to comments or requests by the User directly on the corporate website. The data shall not be used for other purposes, nor shall data be communicated to third parties, nor shall private messages be sent, except to reply privately to a message previously sent by the User.

The People Foundation reserves the right to delete comments or any content published that may be offensive, contrary to the law or the policies of the social network and those publications that have advertising or commercial content with a view to preventing other users from being harmed. Illicit or fraudulent uses of the website shall have consequences and responsibilities. The People Foundation reserves the right to block the user and, in those cases where it is considered and technically possible, to take any legal action that may correspond thereto.

The People Foundation shall have access to and process the User’s public information, in particular, the User’s contact name only within the Social Network itself.  The only data to be retained by The People Foundation, as the party responsible for the file, shall be the communications sent by the social network to the e-mail address, as a result of participating in the different types of users on the social network page. In the event that other information is included in The People Foundation’s systems, the User (“shall be duly informed with a view to obtaining consent to the processing of the data outside the social network.

The People Foundation shall be held harmless with regard to the consequences that the voluntary exhibition by the user of their photographs or images and those of their family environment may entail for themselves, their family, friends and/or relatives, or other third parties, or for the dissemination or publication thereof by themselves or by third parties, or the reproduction thereof, with the person publishing the information being solely responsible for their own actions.

Last update: 23/08/2023