Events & More

Contact
+34657819313
[email protected]

Privacy Policy

Pursuant to current legislation on personal data protection, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), and Organic Law 3/2018 of 5 December on the Protection of Data and Guarantee of Digital Rights (LOPD-GDD), users are hereby informed that in accordance with Articles 13 GDPR and 11 LOPD-GDD:

I. DATA CONTROLLER

Who is the data controller?

  • Company name: ESVIE Global S.L.U.
  • CIF [Tax ID Code]: ESB09778317
  • Address: Calle Om 23 08810 St Pere de Ribes, Barcelona, Spain 
  • Email: [email protected]
  • Website: esvie-global.com
  • Companies Register details:  

II. PURPOSE

For what purpose do we process your data?

ESVIE Global S.L.U. Processes your information to:

  1. Maintain the commercial relationship and provide the services contracted.
  1. Create a quote adapted to your needs.
  1. Manage email communications with data subjects.
  1. Conduct company recruitment processes.
  1. Manage company employees and human resources.
  1. Send commercial information related with our sector:  EVENTS
  1. Medical or healthcare assistance, which includes processing health data to provide the services contracted.
  1. Facility security control (video surveillance).
  1. Training activity management.

How long will we store your data?

The personal data you provide will be stored during the commercial relationship. However, for maximum transparency, please note that the general periods we work with are:

  • Generic identification data (email, full name, telephone, etc.): during the commercial relationship or until you revoke consent. In any case, data will be deleted when they will no longer be used for the purpose for which they were collected.
  • Social Violations and Penalties Act (obligations regarding affiliation, registration, deregistration, contributions, salary payments, etc.); Art. 66 et seq. General Tax Act (accounting ledgers, etc.): four (4) years.
  • Personal actions with no special period (Article 1964 Civil Code): five (5) years.
  • Accounting, tax and labour (Article 30 Code of Commerce – accounting ledgers, invoices, etc.): six (6) years.
  • Labour: contracts, working hour logs, payslips and contribution receipts, identification documents, four (4) years; in the case of occupational risk prevention reports, illness or accident reports, prevention service contracts, five (5) years.
  • Data subject to the Prevention of Money Laundering and Financing of Terrorism Act (Article 25): ten (10) years.
  • Recruitment processes: two (2) years from receipt of the curriculum vitae.
  • Health: five (5) years from discharge of each healthcare process.
  • Video surveillance: thirty (30) days unless a violation and/or crime is recorded.
  • As commercial information is sent, even after the end of the relationship between the parties, the controller will continue to store your information to send

newsletters related to our products and services[1]. You can always exercise your rights according to current legislation by contacting us through the channel you find most convenient.

  • Disaggregated and anonymised data: no deadline.

Despite these general periods, please note that we will regularly review our systems to delete data that are not legally necessary.

III. LEGITIMATION

What is the legitimate basis for the processing of your data?

Depending on the purposes for collecting data, your data must be processed to:

  1. Manage the commercial relationship signed and contracted with us.
    1. Contract performance (according to Article 6.1.b GDPR)
    2. Data subject consent (according to Article 6.1.a GDPR).
  1. Create a quote adapted to your needs.
    1. Contract performance and/or pre-contractual relationship (according to Article 6.1.b GDPR)
  1. Manage email communications with data subjects.
    1. Data subject consent (according to Article 6.1.a GDPR).
    2. Legitimate interest (according to Article 6.1.f GDPR)
  1. Conduct company recruitment processes.
    1. Data subject consent (according to Article 6.1.a GDPR).
  1. Manage company employees and internal human resources.
    1. Contract performance (Article 6.1.b GDPR).
  1. Send commercial communications.
    1. Data subject consent (according to Article 6.1. GDPR)
    2. Data subject consent (according to Article 20 LSSICE)
    3. Legitimate interest (according to Article 6.1.f GDPR and 21.2 LSSICE)
  1. Medical or healthcare assistance.
  1. Data subject consent (according to Article 6.1.a GDPR).
  1. Facility security control (video surveillance).
    1. Legitimate interest (according to Article 6.1.f GDPR)
  1. Training activity management.
    1. Contract performance (according to Article 6.1.b GDPR)
    2. Data subject consent (according to Article 6.1.a GDPR).

Furthermore, all data collected are necessary to provide the service. However, data marked with an asterisk (*) are required. If required data are not provided, the controller will not be able to provide the service contracted.

Finally, only persons over the age of 14 may provide personal data on this website. In the case of persons under 14, the LOPDGDD requires consent from parents or guardians so that we can process their personal data.

Only persons over the age of 18 may contract our services. In the case of persons under 18, consent from parents or guardians is required for us to provide the services offered unless the minor is emancipated.

IV. DATA SUBJECT RIGHTS

What are my data protection rights?

As provided in Articles 13 GDPR and 11.2.c) LOPDGDD, you may exercise any of the following rights by contacting us at Calle Om 23 08810 St Pere de Ribes, Barcelona, Spain or by email to [email protected]. In any case, in accordance with current regulations, you have the following rights recognised under the provisions of Articles 15 GDPR and 12 to 18 LOPDGDD: 

  • Right to request access to personal data related to the data subject.
  • Right to request their rectification or erasure.
  • Right to request restriction of processing.
  • Right to oppose processing.
  • Right to portability.

You may request forms to exercise your rights from the Controller by sending an email to the address indicated in the controller data. You may also file a complaint with the Spanish Data Protection Agency (AEPD). More information in Section VII of this document.

V. RECIPIENTS

What recipients will receive your data?

You will always be informed and, where applicable, your express consent requested, to transfer your personal data or for international transfers in accordance with current regulations (Arts. 13.1.e) and 44 GDPR, as well as Arts. 11.1 and 40 LOPDGDD 3/2018). Please note that the third parties working with the Controller have services in the EU, EEA or Switzerland and have adequate security measures to guarantee adequate and confidential data processing.

Outside the above cases and unless required by law, your data will not be transferred or disclosed to any third party except where set out in the law or when strictly necessary to provide the service. Generically, data may be transferred to:

  • Technology service providers.
  • Payment service providers.
  • Courier and carrier companies.
  • Third parties or intermediary service providers operating under our name (management company, consultancy, self-employed collaborators, etc.).
  • Third-party data processors, partners or with a close commercial relationship with the controller for the sole purpose of providing our services.

Data transfers will be strictly confidential, using the necessary means such as signing non-disclosure agreements or adherence to privacy policies set out on their respective websites. The User may refuse to have their data transferred to Data Processors in writing by any of the means described above.The controller will not transfer or disclose your data to any third parties, except in the cases provided for by the law or when providing a service entails the need for a contractual relationship with a Data Processor. The User therefore accepts that some of the personal data collected will be provided to these Data Processors (payment platforms,

management companies, intermediaries, etc.) when necessary to effectively provide a service contracted or product purchased. The User also accepts that services provided be fully or partially outsourced to other individuals or companies who will be considered Data Processors, with the relevant non-disclosure agreement in place or adhering to the privacy policies on their respective websites. The User may refuse to have their data transferred to Data Processors in writing by any of the means described above.

VI. SOURCE OF DATA

How have we obtained your data?

Personal data used by ESVIE Global S.L.U. come from the data subject, thus complying with the provisions of Articles 13 GDPR and 11 LOPDGDD indicated above, or from group companies or partners. More information is available on the latter by sending an email to [email protected] or writing to the Controller’s office at the postal address indicated in this document.

What categories of data do we process?

The personal data categories processed are:

Identification data

Name

Surname(s)

ID / Passport or equivalent document

Postal addresses

Email addresses

Sex

Date of birth

Place of birth

Contact telephone (mobile / landline)

Commercial information: internal or from third parties

Economic data

Bank account number

Credit card number

Curriculum vitae

Academic data

Qualifications

Hobbies

Membership of associations or clubs

Video surveillance

Image

Sensitive data will be processed in accordance with the provisions of Article 9 GDPR and 9 LOPDGDD; in any case, the data subject will be informed of which data the controller will use.

VII. ADDITIONAL INFORMATION

  • Security measures: Website Users are informed that the controller has adopted the security, technical and organisational measures at our disposal to prevent the loss, misuse, alteration, unauthorised access and theft of data. These measures thus guarantee the confidentiality, integrity and quality of the information contained in accordance with the provisions of current data protection regulations. Personal data collected on forms are only processed by the personnel of the controller or Data Processors appointed. The Website also has SSL encryption so the User can securely send their personal data on the website contact or registration forms.
  • Social Media: the data controller has profiles on some of the main online social networks (Facebook, Instagram) and is recognised as the Data Controller of all the data of its followers, fans, subscribers, commenters and other User profiles (followers) posted by the controller.

The purpose of processing data when not prohibited by the law will be to inform followers of activities and offers by any means permitted on the social network, as well as to provide personalized service to the User. The legal basis for legitimate processing will be data subject consent, which may be revoked at any time.

In no case will the controller extract data from the social networks except with express and specific consent from the User (e.g. to run a competition).

  • Confidentiality: Information provided by the User will be considered confidential and may not be used for purposes other than those described. The controller undertakes to not disclose or reveal information on the User’s intentions, reasons for requesting advice or duration of the relationship.
  • Veracity of data: The User declares that all data provided are true and correct, undertaking to keep them updated. The User will be liable for the veracity of their data and will be the only party liable for any disputes or legal actions arising from providing false data. In order to keep personal data updated, it is important that the User informs the controller whenever they change.
  • Documentation prepared by LegalDPO (https://legaldpo.es/) based on information provided by the Data Controller. The content adapts to regulations in force in February 2023 and may vary according to changes in legislation or case law criteria. The owner is responsible for verifying the validity of regulations at all times.

VIII. CONTROL AUTHORITY

We make every effort to comply with data protection regulations as data are our most valuable asset. However, if you believe that your rights have been violated, you may file a complaint with the Spanish Data Protection Agency (AEPD) at C/ Jorge Juan, 6. 28001 – Madrid. More information on the AEPD. http://www.agpd.es/. Documentation prepared by LegalDPO. https://legaldpo.es/