Basic information about data protection
- Legal Basis
- GDPR: 6.1.a) The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
- Law 1/1982, on civil protection of the right to honour, personal and family privacy and self-image.
- Law 34/2002, of 11 July, on information society and electronic commerce services.
- Organic Law 3/2018, on the Protection of personal data and guarantee of digital rights (LOPGDD).
- Article 19 LOPGDD. Processing of contact details of individual entrepreneurs and independent professionals.
- In the absence of evidence to the contrary, the processing of the contact data and, where appropriate, data concerning the function or position held by natural persons providing services at a legal person shall be assumed to be covered by article 6.1.f of Regulation (EU) 2016/679, as long as the following requirements are met: a) That the processing refers solely to the data necessary to locate them for professional purposes. b) That the purpose of the processing is solely to maintain relationships of any kind with the legal person at which the data subject provides services.
- The same assumption shall apply for the processing of data related to individual entrepreneurs and independent professionals, when they refer to them only in said capacity and they are not processed to initiate a relationship with them as natural persons.
- The data controllers or data processors referred to in article 77.1 of this organic law may also process the data mentioned in the foregoing sections when such is derived from a legal obligation or it is necessary to exercise their competencies.
- Purposes of the Processing
Minimum purposes required to carry out the event: Registration and control of attendance to the event. As well as to fulfil the rest of the obligations to which INCIBE is subject.
Other purposes for which the express consent of the participant is expressly requested in the form for applying to participate in the event:
- Information about future events and related initiatives organised by INCIBE through the email address provided.
- Receive the web link for the anonymous event evaluation survey through the email address provided in the registration form.
Applicants to participate in the event.
- Data Categories
- Only the following identifying information is gathered on the application form:
- Candidate details (name, surname(s), business email address) to get in touch if you are selected to participate in the event.
- The candidate’s professional details (organisation, post and country) to validate fulfilment of the participation requirements
- Category Recipients
Exceptionally, communications to public authorities and bodies to comply with a legal obligation to which INCIBE is subject.
- International Transfer
- Erasure Period
They shall be retained for the time required to achieve the purpose for which they were collected and to determine possible liabilities that may arise from the aforementioned purpose and from data processing and to send information of interest to the recipients, until they de-register.
The obligatory minimum data collected on the registration form shall be preserved for a year following the conclusion of the event.
- Security Measures
- The security measures implemented are those set out in the National Security Plan.
- Access, Rectification, Erasure, Restriction, Portability, Opposition You may exercise your rights by writing to
- You may file a complaint at the Spanish Data Protection Agency.
- Responsible Body
- State-Owned Enterprise Instituto Nacional de Ciberseguridad de España, M.P., S.A. (INCIBE), holder of Tax ID Code A24530735.
- Data Protection Officer
- Additional information
You can view additional and detailed Data Protection information on our website:
In relation to the cookies, you may obtain the data on the website: https://www.incibe.es/politica-cookies