Privacy Policy

In compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free movement of these dates (RGPD ), as well as in compliance with the provisions of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD ), you are informed below about the following points related to the processing of personal data through this website:

WHO IS RESPONSIBLE FOR THE TREATMENT?

RESPONSIBLE FOR THE TREATMENT

The personal data collected will be processed, as Data Controller, by Grupo Sophie SL (hereinafter, GRUPO SOPHIE ), with NIF B67809095 registered office at C/Cerrojo 28, esc. 1, floor 2, CP 29007, Malaga; telephone 951 63 14 84; email info@sophie.es; Data of the Data Protection Delegate: Felipe Jiménez Gálvez.

WHAT IS THE PURPOSE OF PROCESSING YOUR DATA?

Depending on the different forms, services or content you access, your data may be processed for the following purposes:

DATA COLLECTION PROCESS

PURPOSE OF TREATMENT

CUSTOMERS

The information collected in the online purchase process will be processed in order to process the products purchased, as well as to provide customer service after the purchase.

PRESS PASS

The data collected for the allocation of press passes will be processed to control access to the events by the accredited media.

COMMERCIAL COMMUNICATIONS

In the cases in which, as a user of the website, you have given us your unequivocal consent, we will use your identification and contact data to send you personalized information about news on the website, news of interest, promotions and offers of our products and services. This information may be sent by post, telephone and/or electronically, and may involve sending personalized information about our products or services. You must bear in mind that this data processing entails the analysis of your user or customer profile to determine what your preferences are and, therefore, what may be the products and services that best fit your browsing and purchasing habits at the time. to send you information. For example, based on your purchase and browsing history, we may personalize our suggestions about products and services that we think may be of interest to you.

In the case of clients, we will use your information for these purposes as long as you have not objected to receiving these communications in the terms indicated in the following section.

WHAT IS THE BASIS THAT LEGITIMATE THE TREATMENT?

The legal basis for the processing of personal data collected by GRUPO SOPHIE is based on different legal precepts, depending on the context of the collection and processing:

DATA COLLECTION PROCESS

BASIS THAT LEGITIMATE THE TREATMENT

CUSTOMERS

In relation to the personal data collected during the online purchase process, the basis that legitimizes the treatment is the execution of the contractual relationship between the parties, in the terms provided in article 6.1.b) of the RGPD.

PRESS PASSES

The basis that legitimizes the treatment is the execution of the relationship between the parties, in the terms provided in article 6.1.b) RGPD.

COMMERCIAL COMMUNICATIONS

In the case of clients, the legitimizing basis will be the legitimate interest of GRUPO SOPHIE to manage promotional activities through the sending of commercial communications related to products and services addressed to its clients, as recognized in article 21.2 of the LSSI. Notwithstanding the foregoing, you can request to unsubscribe from receiving commercial communications by accessing the data protection section of your account, by clicking here . or by clicking on the unsubscribe section that is included in each commercial communication that we send you.

In all other cases, the data will only be processed for commercial purposes provided that the user has given their unequivocal consent. The User may request to unsubscribe from receiving commercial communications at any time by clicking on the link that we provide for this purpose in each commercial communication that we send.

TO WHOM ARE YOUR DATA COMMUNICATED ?

Payment by credit/debit card used in GRUPO SOPHIE implies that your card information will be sent directly to our payment partner Stripe. In this way, GRUPO SOPHIE does not have access to the bank data (for example, the credit card number) that the Client provides. Payment for purchases by credit/debit card at GRUPO SOPHIE implies that your card information will be sent directly to the payment method entity.

FOR HOW LONG IS THE INFORMATION KEPT?

The term of conservation of the information will vary depending on the type of treatment:

DATA COLLECTION PROCESS

CONSERVATION PERIOD

CUSTOMERS

Customer information will be kept for the period necessary to manage the processing of the purchase and the provision of after-sales service; Once the limitation period for legal actions has passed, the data will be deleted.

PRESS PASSES

The data collected for the allocation of press passes will be processed during the period necessary to control access to the events by the accredited media. Once the event is over, the information will be kept duly blocked and once the limitation period for legal actions has passed, it will be deleted.

COMMERCIAL COMMUNICATIONS

The information of recipients of commercial communications will be kept indefinitely unless the User requests to unsubscribe from receiving new communications, in which case, we will proceed to remove their data and include them in our Robinson List in order to guarantee that no new commercial shipments be made.

HOW DO WE PROTECT YOUR DATA?

SOPHIE GROUP uses technologies appropriate to the current state of the art, to protect your data and personal information, so our website is stored on secure servers protected against the most common types of attacks. SOPHIE GROUP has adopted the technical and organizational measures that guarantee the security of personal data and prevent their alteration, loss, treatment or unauthorized access, taking into account the state of technology, the nature of the data stored and the risks to that they are exposed. We remind you of the need for your username and password to be private and non-transferable.

In the event that you suspect any unauthorized access to the restricted access area, you must notify us immediately so that we can take the appropriate measures to guarantee the confidentiality, security and integrity of your personal data.

WHAT ARE YOUR RIGHTS REGARDING DATA PROTECTION?

The General Data Protection Regulation recognizes different rights to the interested party in relation to the processing of their personal data. Below, we inform you about each of these rights and we indicate the channels through which you can direct, where appropriate, the corresponding request:

TYPE OF RIGHT

DESCRIPTION

ACCESS

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, as well as access to the following information: the purposes of the processing; the categories of data processed; the recipients or categories of recipients to whom they have been communicated or will be communicated; if possible, the expected period of conservation of the personal data or, if not possible, the criteria used to determine this period

RECTIFICATION

You have the right to obtain the rectification of inaccurate personal data concerning you. In addition, taking into account the purposes of the treatment, you will have the right to have incomplete personal data completed, including by means of an additional declaration. To do this, you must tell us in your request what data you are referring to and the correction that we must make; Likewise, you will have to accompany, when necessary, the supporting documentation of the inaccuracy or incompleteness of the data object of the treatment.

LIMITATION

You have the right to obtain the limitation of data processing when any of the following conditions are met:

· when you have challenged the accuracy of your personal data, during the period that allows the Company to verify the accuracy of the same;

· in the event that you consider that the treatment is unlawful, you have opposed the deletion of personal data and request instead the limitation of its use;

· that the Company no longer needs the personal data for the purposes of the treatment, but the User needs them for the formulation, exercise or defense of claims;

· in the event that you have objected to the treatment, while verifying whether the legitimate reasons of the Company prevail over yours.

PORTABILITY

You will have the right to receive the personal data that concerns you, that you have provided to the Company, in a structured format, for common use and mechanical reading, and to transmit them to another data controller without being prevented by the Company, when the treatment is based on consent, and is carried out by automated means. By exercising your right to data portability, you will have the right to have personal data transmitted directly from controller to controller when technically possible. This right to portability will not apply to the treatment that is necessary for the fulfillment of a mission carried out in the public interest or in the exercise of public powers. The right to portability will not extend to the data that the Company has inferred from data derived directly from the use of the services provided.

OPPOSITION

You will have the right to oppose the processing of data that concerns you, at any time, including profiling. In the event that you exercise this right, the Company will stop processing your personal data, unless we prove compelling legitimate reasons for the processing to prevail over your interests, rights and freedoms, or for the formulation, exercise or defense of claims.

AUTOMATED DECISIONS

The interested party shall have the right not to be the subject of a decision based solely on automated processing, including the preparation of profiles that produce legal effects in the school that significantly affect in a similar way.

CHANNELS TO MAKE EFFECTIVE THE EXERCISE OF THESE RIGHTS:

To exercise any of the rights indicated in the previous sections, the User may send an email to privacy@sophie.es or send a letter to the following address: C/Cerrojo 28, esc. 1, floor 2, CP 29007, Malaga.

In cases where you consider that your data protection rights have been violated, especially when you have not obtained satisfaction in the exercise of your rights, you can file a claim with the Spanish Data Protection Agency. We indicate below the contact details of this control authority:

Postal address: Calle Jorge Juan nº 6, CP 28001, Madrid

Web address: www.aepd.es

Telephones: 901 100 099/ 91.266.35.17

TRUTH AND UPDATE OF THE INFORMATION PROVIDED

All information provided by the User must be true and accurate. For these purposes, the User must ensure the authenticity of all the data provided as a result of completing the corresponding forms. To register and/or fill out any form, the User will have to provide all the data that appears in said forms as mandatory, guaranteeing that the data provided is accurate and adequate to reality. The variation of your data must be notified as soon as possible to GRUPO SOPHIE . In any case, the User will be solely responsible for any false or inaccurate statements made, and for the damage caused to GRUPO SOPHIE , or to third parties, due to the information provided.

CHANGES IN THIS PRIVACY POLICY

GRUPO SOPHIE reserves the right to modify this Privacy Policy to adapt it to new legislation or jurisprudence, as well as to industry practices. In such cases, GRUPO SOPHIE will announce the changes introduced on this page reasonably in advance of their implementation.

Date of last update: 03/08/2022