1. Who processes your personal data?
A22 Sports Management (“A22” or "we"), with Tax Identification Number B01661644 and registered address at Ortega y Gasset, 29, Fifth Floor, 28006 Madrid, España, will be the controller of your personal data processed for the purposes set out below. A22 is committed to protecting your privacy and maintaining the confidentiality and security of your personal information.
If you have any questions about this policy, please contact A22 by email at: [email protected].
2. What personal data we process, for what purposes and why do we process the personal data?
In general, you can use this Website without giving us any personal information. We will only process your personal data when you contact us and to the extent which is necessary to reply to your information request
The legal basis on which we rely to carry out this processing is the consent given when you voluntarily contact us.
In these cases we will collect and use the following information, which will be provided by you when submitting your request:
- Your name and contact information (including e-mail address) and any other contact details you provide to us when you contact us; and
- The reason for your contact; for example, an enquiry or to provide a comment.
3. Who is the recipient of the personal data?
- We may make use of authorised subcontractors acting on behalf of A22, as data processors (e.g. technical support providers, e-mail providers, etc.), who may have access to your personal data only to the extent which is necessary to provide the services to A22; and
- We may also share your personal data with the competent public authorities if there is a legal obligation or requirement to do so.
4. Are there any international data transfers?
We also use subcontractors who can have access to your personal data from outside the European Economic Area. These jurisdictions either (i) afford an adequate level of protection for your personal data (as declared by the European Commission by means of an Adequacy Decision) or, (ii) if they are not covered by an Adequacy Decision, then we have covered the transfer by means of one of the mechanisms foreseen in the GDPR..
5. For how long is your personal data retained?
We will retain your personal data for the period necessary to comply with the purposes for which your personal data is processed (please see section 2 above) and, subsequently, for the period which is necessary to comply with applicable obligations and/or for the period during which may arise liabilities from the processing.
6. Which are my data protection rights?
You have the following rights:
- Access. This is the right to obtain confirmation on whether we process your personal data and, if so, have access to such personal data and to certain information regarding the way in which we process your personal data.
- Rectification. This is your right to obtain the rectification of your personal data if it is inaccurate or incomplete (rectification right).
- Erasure. This is your right to request deletion of your personal data in certain circumstances.
- Restriction of the processing. This is your right to restrict our processing of your personal data in certain scenarios.
- Data portability. This is your right to receive your personal data in a structured, commonly used and machine-readable format and to transfer it to another data controller, provided that certain circumstances are met.
- Object. This is your right to object to our processing of your personal data for a specific purpose where such processing is based on:
- a legitimate interest or the performance of a task in the public interest; or
- direct marketing even if otherwise legally permitted.
- Withdraw your consent. This is your right to withdraw your consent to the processing of your personal data at any time, in those cases where the processing is based on your consent.
To make any requests as listed above, please contact: [email protected].
We maintain appropriate technical and organizational measures to ensure a level of security appropriate to potential risks, including physical, electronic and procedural safeguards that comply with the GDPR to protect customer information, including:
- the pseudonymisation and encryption of your personal data where appropriate;
- ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- ensuring we can restore access to your personal data in a timely manner if a physical or technical incident occurs; and
- regular testing, assessment and evaluation of the effectiveness of its technical and organisational measures to attempt to ensure your personal data is secure.
We restrict access to your personal data to those employees who need to know that information in the course of their job responsibilities. We will destroy, erase or make unreadable data, computer files and documents containing your personal data that is non- public prior to disposal.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
8. How can you make a complaint in relation to the processing of your personal data?
If you would like to make a complaint about how your personal data has been processed, please contact us at [email protected].
You also have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence or place of work or in the place of the alleged infringement if you consider that the processing of personal data relating to you carried out by us or our service providers infringes the GDPR.