Privacy policy

DATA CONTROLLER.

The WORLD BLIDNESS SUMMIT MADRID 2021 website (hereinafter, "the Website") is owned by the ORGANIZACIÓN NACIONAL DE CIEGOS ESPAÑOLES (hereinafter, "ONCE"), with registered office at calle José Ortega y Gasset, 18, 28006, Madrid and tax identification number (NIF) Q2866004A. ONCE is the entity responsible for processing the personal data of Users who register on this Website (hereinafter, the "User" or "Users").

The collection of personal data, processing and its subsequent use by ONCE, as Data Controller, shall be carried out in full compliance with the legislation in force in Spain on data protection, consisting of Regulation (EU) 2016/679, of the European Parliament and of the Council, of 27 April on the protection of natural persons with regard to personal data processing and the free movement of such data (hereinafter, the "GDPR"), Organic Law 3/2018, of 5 December, on Personal Data Protection and Guarantee of Digital Rights (hereinafter, "LOPDGDDD") and its complementary regulations.

ONCE shall only be responsible for and guarantee the confidentiality and security of personal data collected directly from Users via the Website. If Users do not wish ONCE to process their personal data, they should refrain from filling in the forms on the Website. ONCE has appointed a Data Protection Officer who can be contacted for any issue related to your personal data at the following e-mail address dpdatos@once.es and/or at the address of calle Prado, 24, 28014 Madrid.

This Policy provides users with all the information required on the processing of their personal data by ONCE through the Website. Also, the Cookies Policy provides relevant information on the cookies that are installed on this website, their type, purpose and how to disable them.

DATA COLLECTION PROCEDURE.

The collection of personal data may be carried out, mainly, through the completion by the User of the data request form relating to their registration as a participant in the event, by completing the form on the Website. ONCE informs Users that the online event will use platforms such as zoom for webinars and Microsoft 365 (teams) for corporate work. The events’ sessions may be recorded for institutional and participation reasons. ONCE shall not be held responsible for the processing and subsequent use of personal data carried out by other third parties on data not collected by ONCE.

TYPES OF DATA SUBJECT TO PROCESSING.

The categories of personal data collected through the forms provided on the Website for which the User gives consent for the indicated processing purposes are:

  • Personal identification data (name and surname)).
  • Contact details (telephone number, e-mail).
  • Personal data (date of birth).
  • Professional data (position in the company).
  • Image or voice.

PURPOSE OF THE PROCESSING.

The personal data provided by the Website’s Users will be processed for the purposes particularly established in this Privacy Policy and, where appropriate, in the different data forms provided in the Website. Particularly, the purposes of processing will be that arising from the application for participation in the event voluntarily made by the User and the preferences expressly selected thereby, that is, all those required to comply with their participation and any applicable regulatory aspects, including the management of personal data and image rights.

LEGITIMATION FOR THE DATA PROCESSING.

The legal basis for processing data lies in the unequivocal, express and informed consent given by the User who owns and voluntarily provides his or her data through the corresponding forms provided through this website.

DATA CONSERVATION PERIOD.

The data will be kept by ONCE for the duration of the relationship and for the time required to comply with the legal obligations arising therefrom.

In any case, when personal data are no longer necessary for the processing purposes for which they were collected, ONCE will block them, and they will be available only to the competent authorities for the possible accountability of liabilities during their processing, always in accordance with applicable law, and may not be used for any other purposes. Once the corresponding legal periods have elapsed, if there is a blocking, such personal data will be deleted in accordance with the applicable regulations, and they may also, where appropriate, be securely anonymised by ONCE.

CONSEQUENCES OF NOT PROVIDING THE DATA.

Failure by the User to provide personal data may result in the impossibility of being able to: 1) browse correctly through the Website; 2) access certain content or services; 3) process your request.

In any case, the User undertakes to ensure that the information and personal data provided to ONCE, as the case may be, must be: 1) sufficient, although adapted, limited and proportionate to the Website’s forms; 2) accurate, updated and truthful, to verify your identity appropriately and to access the Website’s services.

Users shall be fully responsible for the personal data and information they provide to ONCE within the framework of this website.

INFORMING DATA TO THIRD PARTIES.

The data processed will not be informed to third parties, except to the Bodies of the organising entities, together with ONCE, of the event: the World Blind Union (WBU) and the International Council for Education of People with Visual Impairment (ICEVI).

Particularly, if the User participates in the event in person, his/her data may also be informed to the Public Administrations that are competent to manage their respective roles and services, to Mapfre España, S.A. as the insurer of the event, and to the service providers hired by the Organisers to cover the needs associated with the event. Such providers will be considered as data processors and will operate under a service contract under the terms, conditions and guarantees laid down in Article 28 of the GDPR.

Nor are international transfers of data planned unless Users have been previously informed and their express consent has been obtained. In any case, sufficient legal bases and guarantees will be provided in the event of assigning or transferring personal data to any other third party in accordance with the applicable regulations.

USER RIGHTS AND HOW TO EXERCISE THEM.

Users may revoke consent for the processing of their data at any time, including the management and processing of their image rights, and they may exercise their rights of access, rectification, deletion, limitation or opposition to data processing and data portability, by sending a written communication to the following address: ONCE General Management; C/ Prado, 24, 28014 Madrid or to the e-mail address dpdatos@once.es. These rights shall be exercised personally, so only users themselves, directly or through a legal representative or volunteer, may exercise these rights with regard to the personal data legitimately owned. Any withdrawal of consent will not affect the legality of the processing based on initial consent.

The exercise of the aforementioned rights by a third party who is not authorised legally or by the User may be an offence. This, without prejudice to any other consequences that may arise as a result of any civil or administrative action that the User, who is the legitimate owner of the personal data, its representatives, where applicable, or ONCE itself, may be entitled to. The User, should he/she decide so, has the right to file a complaint with the Spanish Data Protection Agency.

SECURITY AND CONFIDENTIALITY.

Personal data shall be processed with the appropriate level of protection and to this end ONCE, in compliance with current legislation, has implemented the appropriate technical and organisational security measures to guarantee due security and protection of Users' personal data to prevent their alteration, loss, unauthorised processing or access, in accordance with the technology at all times. As Data Processor of the personal data collected via the website, ONCE is committed to complying with its obligation to keep the personal data obtained secret and confidential, and its duty to safeguard such data, always applying the most appropriate technical and security measures in accordance with the risks involved (risk approach principle)

The use of the Hyper Text Transfer Protocol (HTTPS) available on the Web is a reinforced guarantee for Users' personal data security.

VALIDITY AND AMENDMENT.

ONCE reserves the right to amend this policy to adapt it to future applicable legislative, doctrinal or jurisprudence developments, or for technical, operational, commercial, corporate and business reasons, informing the User beforehand of the changes, when possible. In any case, we recommend that Users read this policy in detail each time they access the Website, since every change will be published through it.