This privacy policy complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data; Organic Law 3/2018 of 5 December (LOPDGDD); and, insofar as it does not contradict the aforementioned regulations, Organic Law 15/1999 (LOPD) and its implementing regulations, and/or any that may replace or update them in the future.
Our organisation is committed to the privacy of your personal data. The personal data provided are necessary for us to offer our services and are processed lawfully, fairly and transparently. We guarantee adequate security of the data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, through the application of appropriate technical and organisational measures.
Through this document, we aim to provide you with all the necessary information relating to the processing of your personal data in a transparent and fair manner.
I. DATA CONTROLLER
Identity: ASOCIACIÓN PROTECTORA DE ANIMALES DE DÉNIA
C.I.F. / N.I.F.: G03660305
Address: PTDA. MADRIGUERES SUD, 36 C, 03700 Dénia (Alicante)
Telephone: 966427678
E-mail: info@apad-apad.org
Data Protection Officer: info@apad-apad.org
II. RECIPIENTS OF PERSONAL DATA
- The personal data provided will not be transferred except in the specific cases detailed.
- Optionally, for cloud computing services, email delivery, communication or other IT services:
- They may be transferred to companies within the European Economic Area (EEA).
- Or transferred to companies outside the EEA that comply with the Privacy Shield, with adequate protection measures.
Information: https://www.privacyshield.gov/welcome
- Optionally, data may be transferred to public administrations and authorities as required by law.
III. LAWFUL BASIS FOR PROCESSING
For each specific processing activity, the corresponding lawful basis will be provided.
IV. RIGHTS
4.1. Right of Access
Right to obtain confirmation of whether personal data are being processed and access to: purposes, categories of data, recipients, storage period, available rights, existence of automated decisions, and international transfers.
4.2. Right to Rectification
Right to correct inaccurate or incomplete data.
The data subject guarantees the accuracy of the provided information and undertakes to communicate any changes.
4.3. Right to Erasure (Right to be Forgotten)
Allows the deletion of data when they are no longer necessary, when consent is withdrawn, or when processing is unlawful, except where there are legal obligations or the data are needed for the establishment/exercise/defence of claims.
4.4. Right to Restriction of Processing
Allows the temporary suspension of processing or retention of data beyond the necessary period.
4.5. Right to Withdraw Consent
Allows consent to be withdrawn at any time.
This does not affect processing based on legal obligations or contractual relationships and does not have retroactive effects.
4.6. Right to Data Portability
Right to receive your data in a structured format and transfer them to another controller when processing is based on consent and carried out by automated means.
4.7. Right to Object
Right to object to processing based on legitimate interest, except where compelling legitimate grounds exist or where data are needed for legal defence.
4.8. Right to Lodge a Complaint
You may file a complaint with the Spanish Data Protection Agency (AEPD):
https://www.agpd.es/portalwebAGPD/index-ides-idphp.php
4.9. Exercising Your Rights
You may exercise your rights by writing to the postal address provided or by email at info@apad-apad.org, attaching a copy of your ID (DNI/NIE/Passport).
V. SECURITY MEASURES
The data controller applies appropriate technical and organisational measures to ensure confidentiality, integrity and availability of personal data.
VI. PROCESSING OF PERSONAL DATA
6.1. General Provisions
The requested personal data are adequate, relevant and limited to what is necessary (principle of data minimisation).
Failure to provide the required information may make it impossible to provide the service.
The data communications described may be necessary to execute contracts or to comply with legal obligations.
6.2. Basic Processing Activities
CONTACT FORM
Purpose: respond to enquiries or requests for information.
Lawful Basis: explicit consent (“I have read and accept the privacy policy”).
Transfers: none, except where legally required.
Storage Period: 2 years from the last interaction.
DONATIONS AND MEMBERSHIP FEES
Purpose: manage economic contributions, issue receipts and tax certificates, maintain administrative relations, inform about the association’s activities, and comply with legal and tax obligations.
Lawful Basis: explicit consent (“I have read and accept the privacy policy”).
Transfers to:
- Banking entities for payment processing
- Tax authorities
- Accounting/tax advisory services
- Technology providers (hosting, software, communications)
(Always under confidentiality and data processing agreements.)
No international transfers outside the EEA are planned.
If services in third countries are used, EU standard contractual clauses will be applied.
Storage Period: for as long as the person remains a member/donor/adopter and subsequently for legally required periods.