At Athletic Club we are committed to the protection of privacy and the correct use of the personal data that we process and which you provide to us, both online (on this website, and, where appropriate, any of its sub-domains, micro-sites and/or mobile applications), as well as offline.
Please read this policy carefully and make sure that you understand it and agree with it, before providing us with your personal information. If you do not agree with it then please do not use this website or its services, or provide us with your information. The fact of accessing this site, using any of its services or providing your data, either online or offline, we take to understand as a clear affirmative action, by which you give us your consent (when necessary) to process your data for the purposes indicated below.
If you are a member or supporter, you have provided your data to us, either offline or online, when requesting your registration as such, in order to maintain the relationship with you.
If you have provided us with your data via this website, we collect information, for example, when you access the webpage, when you register as a user, fill out any form with personal information, when you download our Mobile App, when you start a session in our Services via third-party services such as Facebook or Google, when you buy from our store or get tickets, or when you communicate with us directly by email.
When you provide us with your personal data, you guarantee that you are authorised to provide it, and that the information is true, accurate, exact and up-to-date, that it is not confidential, that it does not violate any contractual restrictions or rights of third parties, and that you agree not to impersonate other users by using their registration data for the different services and/or contents of the Website.
You are responsible for keeping your data correct and updated, Athletic Club declines all responsibility in case of not doing so.
The personal data that both Athletic Club and the Fundación Athletic process may come from third parties, such as, for example, Clubs or entities or organisations with which we have reached agreements for organising social, cultural or sports projects. In these cases, the categories of data that we may process include identifying data, personal characteristics data, social circumstances data, and even specially protected data.
3.1.- Third party data
With respect to the data of other people, you must respect their privacy, taking special care when publishing their personal data. If you provide us with data about third parties, it is your responsibility to have their prior and express consent to use it and to communicate it to us, and it is your responsibility to inform them of the inclusion of their data in our files.
The publication of data about third parties without their consent may also infringe data protection regulations, relating to the right of honour, privacy or the image of said third parties.
We may process the data that you provide, as well as any other information generated during the development of the relationship that we have with you, for different purposes, for example:
– keep in touch and communicate with you,
– manage the contractual and/or commercial relationship, whereby, when appropriate, we will send you information about our activities, events, products and services, and, where appropriate, manage your registration and/or participation in such activities or events
– access control and compliance with regulations on the prevention of violence at sports venues
The provision of certain registration data (or its use if already registered as member or supporter, and marking the corresponding option in the registration form, or the data from your Facebook profile in case of using the Facebook Connect option to register, will be mandatory in some cases, for example for accessing certain services or content such as online shopping, online supporter, contact, VIP area, access for viewing or downloading audiovisual content etc., because such data is essential for the processing for the purposes as described above in this section. If you do not provide this information, we will not be able to fulfil the requested services.
The personal data that you provide us will be kept for as long as you do not request its deletion; even if this is requested, we may keep it, limiting its processing, solely for compliance with legal obligations and/or the exercise or defence of claims.
In some cases (e.g. members, buyers of tickets or items from our online store), the legal basis which legitimises our processing of your data is the relationship derived from the existing contract between the parties; in others it will be via your consent, for example, if you have made a request via our web page, in the case of being a simple user, or if you are a participant in the activities and/or derived events, social, cultural or sports projects that we hold directly, via agreements with other entities or organisations. This consent is unequivocally granted to us by you providing us with your data online, via our website, or offline, considering said provision as a clear affirmative act which manifests such consent. You can withdraw this consent at any time by sending us an e-mail in this regard to email@example.com with said withdrawal not affecting the processing of your data for the rest of the purposes as described.
In other cases it may be to comply with a legal obligation, for example in the case of regulations on the prevention of violence at sports venues and in other cases, given the relevant and appropriate relationship that you have with us as member, supporter, collaborator or user of our site, participating in activities and/or events, social, cultural or sports projects that we run, we have a legitimate interest in processing your data for its maintenance and management.
These purposes are compatible with the initial purposes for which we collected your data (managing contact and communication with you, and maintaining the relationship that binds us), but, in any case, the provision of your data for the above purposes, derived from our interest legitimate, is always voluntary and your interests, rights or freedoms will always prevail over our legitimate interest, so if you ask us to delete and stop processing your data for these purposes (sending us an e-mail in this regard to rgpd@ athletic-club.eus) we will do so, being able to retain your information in blocked form for the formulation, exercise or defence of claims. This withdrawal does not affect the processing of your data for the rest of the purposes described.
If you have provided sensitive data subject to special protection, the legitimacy to process it is by express consent. You give us this consent unequivocally when you provide us with your information, considering this provision as a clear affirmative act that manifests such consent. The provision of the data requested is mandatory because it is essential to respond to your request; if you do not provide it, we cannot carry out your request. You can withdraw this consent at any time by sending us an e-mail in this regard to firstname.lastname@example.org. This withdrawal does not affect the processing of your data for the rest of the purposes described.
We inform you that the data you provide may be communicated to third parties for the fulfilment of purposes directly relating to legitimate functions of the assignor and assignee, such as:
Our services include certain features and widgets of Social Networks, such as the features “Connect with Facebook” or “Login with Google”, the “Like” button on Facebook, the “Share” button or other common interactive mini-programs on social media. These Characteristics of Social Networks may collect information such as your IP address or what pages you visit on our Website, and may create a cookie to enable them to function correctly. The Characteristics of Social Networks are not hosted by a third party or directly in our Services. Your interactions with these third parties are governed by their policies and not by ours.
Once received, any of the above requests will be responded to within a maximum period of 10 days.
You have the right to complain to the Spanish Agency for Data Protection. If you want more information about the rights you can exercise and for requesting models forms for the exercise of your rights, please visit the website of the Spanish Agency for Data Protection (Agencia Española de Protección de Datos), www.agpd.es.