1. IDENTIFICATION DATA AND WEBSITE OWNERSHIP
This Privacy Policy aims to inform you, in accordance with the provisions of Regulation (EU) 2016/679 (General Data Protection Regulation), Organic Law 3/2018 of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, and its implementing regulations, both national and EU, how we obtain, process, and protect the personal data that you provide or that we collect through forms or cookies on our website https://eventomind.com (hereinafter «the website»), so that you can freely and voluntarily decide whether you want us to process it.
This website is owned by Epika Comunicación, S.L.U., hereinafter EPIKA, with Tax Identification Number (CIF) B67963710, and registered office at Calle Serrano, 42-4ºA, 28001, Madrid (Spain), registered in the Mercantile Registry of Madrid, Volume 43098, Folio 180, Page M-761600, Entry 1.
2. DATA CONTROLLER
The company responsible for processing your data is Epika Comunicación, S.L.U., hereinafter EPIKA, with Tax Identification Number (CIF) B67963710, and registered office at Calle Serrano, 42-4ºA, 28001, Madrid (Spain).
3. DATA PROTECTION OFFICER
The Data Protection Officer (DPO) is the person appointed by EPIKA to ensure compliance with current data protection regulations. If you believe your data protection rights and freedoms have not been respected, you can contact the Data Protection Officer at the email address dpo@epikacomunicacion.com or by mail to the attention of the DPO, Calle Serrano, 42-4ºA, 28001 Madrid, Spain.
4. CONTENT AND ACCEPTANCE OF THE PRIVACY POLICY
This Privacy Policy aims to explain how personal data is collected, processed, and protected when accessed through the form on this website, so that you can freely and voluntarily give your consent and decide whether to provide your personal data through the form provided for this purpose.
Furthermore, EPIKA will provide you with the appropriate technical resources so that, prior to providing your personal data, you can access this Privacy Policy and any other relevant information regarding Personal Data Protection.
Accessing and using this website implies your full acceptance of, and agreement to comply with, the terms and conditions set forth in this Privacy Policy, as well as the provisions contained in the Legal Notice. Together, these documents constitute the applicable Legal Texts. You can find the corresponding links at the bottom of the registration form.
We remind you of the importance of carefully reading these Legal Texts each time you intend to use the website, as they may be modified based on new developments, legislative and jurisprudential requirements, or business needs.
This Privacy Policy applies to personal data obtained through the website and its registration platform and does not apply to other websites of linked third-party companies, nor to other websites owned by EPIKA. Therefore, we ask that you carefully read the privacy policies of each of those websites you visit. 5. DATA CONTROLLER AND COLLECTION OF PERSONAL DATA
EPIKA, through the form available on the portal, may collect the personal information detailed below in order to tailor services to your requests and offer you a more personalized and efficient service: name and surname, entity or organization, email address, telephone number, postal address, city, province, country and postal code, and all data necessary for the service request. This data will be incorporated into the personal data files owned by EPIKA, which guarantees the confidentiality of the personal data provided and compliance with all applicable regulations.
All fields included in this form are mandatory. Failure to complete any of them, due to the nature of the service provided, could prevent us from processing your request to participate in contests and promotions. Furthermore, by clicking the “Register” or “Continue” button, or equivalent, on the registration form, you declare that the information and data you have provided are accurate and truthful. To ensure that the information provided is always up-to-date and error-free, you must notify us of any changes as soon as possible.
icacion.com by providing a copy
of a document that proves your identity (such as a national identity card, residence permit, etc.),
or by using the link provided for this purpose in the commercial communications you receive. Your
request will be processed as soon as possible, within the timeframes established by
current regulations.
11.- TRANSFER OF PERSONAL DATA
By checking the box “I consent to EPIKA COMUNICACIÓN, S.L.U. transferring my data to
third-party companies for the sending of commercial information” or similar, you give your
express consent for EPIKA to share your personal data with companies
with which it collaborates, for the sole purpose of sending you commercial information about products
or services related to the sectors indicated in the “Commercial Communications” section or to the service you have requested.
In the event that these companies process your personal data on behalf of and under the instructions of EPIKA, and not for their own purposes, they will act as data processors, in accordance with Article 28 of Regulation (EU) 2016/679 and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights. In such cases, EPIKA will ensure the execution of the corresponding data processing agreement, which will include the legally required obligations to ensure the adequate protection of your personal data.
In any case, the consent given is freely given, specific, informed, and unambiguous, and you may revoke it at any time, without retroactive effect, by writing to EPIKA at the postal address indicated in this privacy policy or via email to dpo@epikacomunicacion.com.
You can consult the identity of the potential recipients of your personal data and their Data Protection Officers (DPOs).
12. COMMUNICATION OF PERSONAL DATA.
For the proper provision of the services offered at https://eventomind.com/ and the
maintenance of our relationship with you, the personal data previously provided
in the registration form may be processed by third parties.
The personal data you provide may be communicated to the various collaborators and
service providers of EPIKA, the data controller, who will process the personal data
as data processors on behalf of and for EPIKA, in order to
guarantee the services provided by said controller and comply with the
obligations arising from applicable regulations, in accordance with the consent given.
In any of the cases described, we inform you that the computer servers of these service providers may be located in countries outside the European Union. If the level of privacy protection in these countries is not equivalent to European and national regulations on the protection of personal data, EPIKA, the data controller, will adopt the appropriate and necessary measures to best safeguard the rights of data subjects and the security of information, based on the technical measures available at any given time and in accordance with current legislation.
Furthermore, if third-party access to data is necessary for the provision of any service subcontracted by EPIKA, the necessary documents will be signed to guarantee the security of your personal data and the proper exercise of your rights. 13. SECURITY
EPIKA has adopted the necessary technical and organizational measures to guarantee a level of security appropriate to the risk presented by the processing of personal data it carries out, in accordance with the provisions of Article 32 of the General Data Protection Regulation (GDPR). Evidence of this is the attainment of certification under the ISO/IEC 27001:2022 Information Security Management System standard.
In particular, mechanisms have been implemented to preserve the confidentiality, integrity, availability, and resilience of processing systems and services, as well as protocols that allow for the rapid restoration of data availability and access in the event of a physical or technical incident. These measures have been selected taking into account the state of the art, implementation costs, the nature of the data processed, and the identified risks.
However, EPIKA informs users that the transmission of information through open networks such as the Internet cannot be guaranteed to be completely secure. Therefore,
any communication of personal data made through this channel is carried out under the sole
responsibility of the data subject.
Once the information is received, EPIKA applies robust security controls to prevent
unauthorized access, misuse, alteration, or loss of the personal data
processed, and conducts periodic reviews of its security measures to adapt them to
evolving
of the risks and available technologies.
In the event of a security breach affecting personal data, EPIKA will activate its internal breach management protocol, assess the risk to the rights and freedoms of data subjects, and, if applicable, notify the Spanish Data Protection Agency within a maximum of 72 hours. When the risk is high, it will also inform the affected parties directly, clearly and promptly.
EPIKA also has internal information security policies that regulate in detail the procedures, controls, and responsibilities in the processing of personal data. These policies are reviewed periodically and audited, and are aligned with the principles of the GDPR, ensuring proactive and diligent data security management. 14. CONFIDENTIALITY
At EPIKA, we are aware of the importance of your personal data and treat it with absolute confidentiality, committing to maintain its secrecy and guaranteeing its safekeeping by adopting all necessary measures to prevent its alteration, loss, unauthorized processing, or access, in accordance with our legal obligations as data controllers.
15. MINORS
Minors may not participate in the activities available through the website without the prior authorization of their parents, guardians, or legal representatives, who will be solely responsible for all actions taken through the website by the minors under their care, including completing forms with the personal data of said minors and, where applicable, checking the corresponding boxes. In this regard, and insofar as EPIKA has no capacity to verify whether users are minors, it is advised that parents and guardians must implement the necessary mechanisms to prevent minors from accessing the website and/or providing personal data without their supervision. EPIKA accepts no responsibility in this respect.
16. EXERCISE OF RIGHTS
As a data subject, you may exercise the following rights:
• Right to request access to your personal data. Obtain a copy of your personal data being processed.
• Right to request its rectification or erasure. Correct any inaccurate or incomplete data.
• Right to request the restriction of its processing. In certain circumstances, such as when you contest the accuracy of the data or object to its processing.
• Right to object to the processing. In particular, the right not to receive commercial communications, even if you have previously given your consent.
• Right to data portability. The right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller, when the processing is based on consent or a contract and is carried out by automated means.
• Right to withdraw consent.
• Right not to be subject to automated decision-making, including profiling.
• Right to erasure (“right to be forgotten”). The right to request the deletion of your data when it is no longer necessary for the purposes for which it was collected.
Everyone has the right to obtain confirmation as to whether or not EPIKA is processing personal data concerning them. Interested parties have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its erasure when, among other reasons, it is no longer necessary for the purposes for which it was collected.
In certain circumstances, you may request the restriction of the processing of your data, in which case EPIKA will only retain it for the exercise or defense of possible legal claims. In certain circumstances, and for reasons related to your particular situation, you may object to the processing of your data. In this case, EPIKA will cease processing the data, except for necessary legitimate reasons, or for the exercise or defense of possible legal claims.
If you have given your consent for a specific purpose, you have the right to withdraw the consent given, without this affecting the lawfulness of the processing based on the consent prior to its withdrawal. To do so, you can use the forms provided by EPIKA COMUNICACIÓN, S.L.U., or send a letter addressed to the Data Protection Officer (DPO) at Calle Serrano, 42-4ºA, 28001 Madrid (Spain), or send an email to dpo@epikacomunicacion.com.
If you believe your rights regarding the protection of your personal data have been violated, especially if you have not received a satisfactory response when exercising your rights, you have the right to file a complaint with the Spanish Data Protection Agency (AEPD).
