1. INFORMATION TO THE USER
In case of introducing modifications in the future on it, we will notify you through the web page or through other means, so that you can know the new privacy conditions introduced.
In compliance with Regulation (EU) 2016/679, General Data Protection and Organic Law 3/2018, of December 5, Protection of Personal Data and guarantee of digital rights, we inform you of the following:
Responsibility of the user / interested
By providing us with your data, the user guarantees that they are over 18 years of age and that the data provided to MANANTIAL DE IDEAS, SL is true, exact, complete and up-to-date. For these purposes, the user confirms that he is responsible for the veracity of the data communicated and that he will keep said information properly updated, so that it responds to his real situation, taking responsibility for false and inaccurate data that he could provide, as well as for damages. and damages, direct or indirect, that may derive from it.
2. RESPONSIBLE FOR THE TREATMENT
Identity: MANANTIAL DE IDEAS, SL
Registered office: C/ Bretón de los Herreros, 2 local 6 bajo - 26500 Calahorra (La Rioja)
Telephone: 941 145 057
For the proper management of the processing of your personal data, the Responsible Party has designated a Data Protection Delegate to whom you can go to resolve any question you may need, being able to contact him through the following means:
Postal address: C/ Bretón de los Herreros, 2 - Bajo, 6, 26500 Calahorra (La Rioja)
3. PURPOSES, CONSERVATION TERMS AND LEGITIMATION OF PROCESSING
SOURCE OF IDEAS, SL,as Responsible for the Treatment of personal data that the Interested Party provides, as well as those that may be provided in the future, informs you that these data will be processed in accordance with the provisions of current regulations for the protection of personal data, for which you are provides the following information about treatments:
CONTACT / INQUIRIES (Contact forms)
Purpose of the treatment: respond to and follow up on queries, requests for information, suggestions and complaints, as well as maintain contact with those people who have shown interest in the company, its products or services.
Data retention criteria: they will be kept for the time necessary for the processing and response of the query.
Legitimation for data processing: GDPR: 6.1.f) the legal basis for data processing is based on the legitimate interest of the Data Controller to attend to and respond to communications or requests received.
Purpose of the treatment: user management and to manage and enable the use of the different services offered on the web and/or through the App of the Data Controller. Streamline the purchasing process.
Data retention criteria- We review and UPDATE public.this information and remove information from users who have not logged in to their account in the last 24 months (maximum).
Legitimation for data processing:GDPR: 6.1.a) The legal basis for data processing is the consent provided by the Interested Party at the time of providing their data.
Registration or login through a Facebook or Google account:Alternatively, you can sign up with using one of your existing Facebook or Google accounts:
PURCHASE OF TICKETS / CUSTOMERS
Purpose of the treatment: Complete management of the entire ticket sales process: we will be able to send you information about incidents in the event, we will send you a welcome email, in case your purchase process is left halfway, we will also inform you about it so that you do not stay without your tickets. If you expressly authorize us, we will use your email to send you commercial communications by electronic means. You can revoke this authorization at any time.
Management and contracting of the products and services offered by our company, customer management, maintenance of contractual and/or commercial relationships with them, as well as administrative management (billing, collections, etc.), accounting and tax of the company and for the fulfillment of the legal obligations that all this implies. Includes contact details of natural persons who provide services to a legal person, including individual professionals.
Data retention criteria: they will be kept as long as the contractual and/or commercial relations between both parties are maintained and their deletion is not requested and, in case of doing so, during the time provided by the regulations in force (fiscal, commercial, etc.) regarding the prescription of responsibilities. 5 years, maximum, from your last purchase.
Legitimation for data processing: GDPR: 6.1.b) the legal basis for data processing is the execution and maintenance of contractual and/or commercial relationships between both parties, as well as compliance with legal obligations (fiscal, commercial, etc.) that all this implies.
SEND COMMERCIAL COMMUNICATIONS
Purpose of the treatment: send information by any means, postal or electronic, about events, activities, offers, products, services and other information of the Data Controller, which may be of interest to the Interested Party.
Only in those cases in which you give us your consent, your data may be communicated to the promoting/organizing company of the event so that it can send you general or personalized commercial communications, including by electronic means (email and telephone), of other events, products and/or services of the promoter/organizer. In any case, at the time such consent is requested, the recipient of such communication will be clearly identified, providing their company name and registered office.
You can unsubscribe whenever you want, below we explain how. If you join to receive commercial information, you can add data such as your date of birth, or preferences in events to congratulate you or send you information of only what you prefer.
Data retention criteria: they will remain in the system indefinitely as long as the interested party does not request their deletion.
Legitimation for data processing: GDPR: 6.1.f) The sending of commercial information to clients is based on the legitimate interest of the Data Controller to send them commercial communications about products or services similar to those contracted and thus achieve their loyalty. The treatment may also be based on consent provided by the Interested Party at the time of collecting the data "RGPD: 6.1.a".
However, in either of the two cases, the Interested Party has the right to oppose this treatment, and may do so by any of the means described in this document. The withdrawal of said consent will not affect in any case the maintenance of commercial relations, but the data processing carried out previously for this purpose will not lose its legality due to the fact that the consent has been revoked.
4. COMMUNICATION OF DATA
In general, personal data will not be communicated to third parties, except in cases where there is a legal obligation or when it is necessary for the provision of services or for the maintenance and development of relationships, such as, by way of example, but not limiting:
- Public Administrations, Judges and Courts, for compliance with legal obligations, as well as for the attention of possible responsibilities derived from the applicable regulations.
- Financial / banking entities, for the management of collections and payments.
- Payment Service Providers, for the management of collections and payments (Mastercard, VISA, PayPal, etc.).
- Entities Promoters and Organizers of the events, for the management of the event, control access to it and, in general, the execution of the contract of sale of the attendees' tickets.
- Venues where events are held, to manage access control.
- Transport companies, for the delivery and/or collection of products.
- Service providers contracted by the Responsible Party, who will have the status of data processor.
Likewise, and provided that the Interested Parties (buyers) provide their consent, their identifying data (name, surname, email and telephone), may be transferred to the ORGANIZER / PROMOTER of the event, so that they can store and process them to send them commercial communications. , by any means, postal or electronic, about events and shows, musical, cultural, theatrical, recreational, sporting, artistic or others that may be offered in the future.
At the time such consent is requested, the data of the ORGANIZER / PROMOTER will be informed so that they can revoke their consent at any time easily and free of charge if they wish.
SOURCE OF IDEAS, SLdoes not plan to make international transfers of your data to countries outside the European Economic Area (EEA). In those cases in which it is necessary, they will only be made to recipients who are in a country, a territory or one or more specific sectors of that country or international organization that has been declared an adequate level of protection by the European Commission; or are under the Privacy Shield agreement; or that are covered by any of the adequate guarantees provided for in article 46.2 of Regulation (EU) 2016/679.
In the event that you access your account through your FACEBOOK social network account, you should know that the operator of said social network is the entity Facebook Inc., with headquarters at 1601 S. California Ave, Palo Alto, CA 94304, USES. When you access through said social network or click the "Like" button, the user's browser will connect with the Facebook servers and said social network receives the information from the user's access website, date and time of access, IP address of the user and may keep information about such access in the user's Facebook account.
5. RIGHTS OF INTERESTED PARTIES
Anyone has the right to obtain confirmation as to whether the Data Controller is processing personal data that concerns them or not, as well as to withdraw, at any time, the consent that they may have granted for any specific purpose, without affecting the legality of the treatment based on the consent prior to its withdrawal.
The regulations on data protection allow you to exercise your rights of access, rectification, deletion and portability of data and opposition and limitation to its treatment, as well as not being subject to decisions based solely on the automated processing of your data, when appropriate.
These rights are characterized by the following:
- Its exercise is free, except in the case of manifestly unfounded or excessive requests (eg, repetitive nature), in which case the Data Controller may charge a fee proportional to the administrative costs borne or refuse to act.
- You can exercise your rights directly or through your legal representative or volunteer.
- We must respond to your request within one month, although, taking into account the complexity and number of requests, the term can be extended for another two months.
- We have the obligation to inform you about the means to exercise these rights, which must be accessible and without being able to deny you the exercise of the right for the sole reason of opting for another means. If the request is submitted electronically, the information will be provided through that channel whenever possible, unless you request otherwise.
- If the Data Controller does not process the request, he will inform you, at most in one month, of the reasons for his non-action and the possibility of claiming before a Control Authority.
How to exercise these rights?
The Interested Parties may exercise their rights by directing a written communication to the postal or electronic address of the Treatment Manager, indicating in the reference "LOPD RIGHTS EXERCISE", including: petition in which the request is specified, address for the purposes of notifications, date and signature.
If you request it, we will provide you with the forms to be able to exercise these rights, indicating which right you wish to exercise.
Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may file a claim with the National Control Authority by contacting the Spanish Agency for Data Protection, C/ Jorge Juan, 6 – 28001 Madrid.
6. SOCIAL NETWORKS
MANANTIAL DE IDEAS, SL uses social networks and this is another way of reaching you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies, which explain how they use and share your information, so we recommend that you consult them before using them to confirm that you agree with the way in which your information is collected. , treated and shared.
The Data Controller will process your data for the purposes of correctly managing your presence on the corresponding social network, sending personal and individual messages through the social network channels, informing you of the activities, products and/or services of the Data Controller, or from third parties that may be related to our activity, as well as any other treatment that the regulations of social networks may allow.
In the event that you access your account through your FACEBOOK social network account, you should know that the operator of said social network is the entity Facebook Inc., with headquarters at 1601 S. California Ave, Palo Alto, CA 94304, USES. When you access through said social network or click the "Like" button, the user's browser will connect with the Facebook servers and said social network receives the information from the user's access website, date and time of access, IP address of the user and may keep information about such access in the user's Facebook account. If the user clicks on the "Like" button in the purchase process, this information is also transferred to Facebook and is kept in the user's account. In any case, MANANTIAL DE IDEAS SL has no influence on the plug-ins that collect said information,
In general, if you browse the internet you can accept or reject cookies from the configuration options of your browser.
Its functions can be very varied: store browsing preferences, collect statistical information, allow certain technical features, store information about the browsing habits of the user or his team, etc.
Cookies are useful for several reasons. From a technical point of view, they allow web pages to work in a more agile way and adapted to user preferences, such as storing their language or the currency of their country, etc. In addition, they help the Website Treatment Managers to improve their services and make the advertising displayed on them more efficient, thanks to the statistical or habit information collected through them.
For the installation and use of certain cookies it is necessary to obtain the informed consent of the users. The cookies that require the user's consent are, among others, analytical, advertising and affiliation cookies, excepting those of a technical nature and those necessary for the operation of the website or the provision of services expressly requested by the user.
The user has the possibility of configuring their browser to be alerted to the reception of cookies and to prevent their installation on their equipment. Please, consult the instructions of your browser to expand this information. For more information about cookies, see our Cookies Policy.
8. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER
The Interested Party, by marking the corresponding boxes and entering data in the fields indicated as mandatory in the various forms, expressly and freely and unequivocally accept that their data is necessary to meet their request by the Treatment Manager, The inclusion of information in the remaining fields is voluntary.
In the event that all the data is not provided, it is not guaranteed that the information and services requested are completely adjusted to your needs.
9. SECURITY MEASURES
SOURCE OF IDEAS, SLundertakes to protect your personal information: Using reasonably reliable and effective measures, controls and procedures of a physical, organizational and technological nature, aimed at preserving the integrity and security of your data and guaranteeing your privacy.
In addition, all personnel with access to personal data have been trained and are aware of their obligations in relation to the processing of their personal data.
In the case of the contracts that we sign with suppliers, we include clauses in which they are required to maintain the duty of secrecy regarding the personal data to which they have had access by virtue of the order carried out, as well as to implement technical security measures. and organization necessary to guarantee the confidentiality, integrity, availability and permanent resilience of the systems and services for the processing of personal data.
All these security measures are reviewed periodically to ensure their adequacy and effectiveness.
However, absolute security cannot be guaranteed and there is no security system that is impenetrable so, in the event that any information subject to treatment and under our control is compromised as a result of a security breach, we will take the appropriate measures to investigate the incident, notify the Control Authority and, where appropriate, those users who may have been affected so that they take the appropriate measures.