Privacy Policy
This Privacy Policy describes the processing of personal data carried out by AUDIOVISUAL GLOBAL NETWORK S.L. (“AGN”), which complies with Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, and with Regulation (EU) 2016/679 of the European Parliament and Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and the free movement of such data.
1. Data controler
The Data Controller for personal data is Audiovisual Global Network S.L., with CIF B-88316468, and the following contact details:
Calle Julián Rabanedo nº 4
28045, Madrid, Spain
Email: legal@creast.network
You may direct any inquiries or communications to the Data Protection Officer via the email address legal@creast.network or, alternatively, by sending a letter to the “Data Protection Officer” at Calle Julián Rabanedo nº 4, 28045 Madrid, Spain.
2. Data Protection Rights
The data subject may send written communications to the Data Protection Officer (whose contact details are provided in section 1 above) to request the exercise of the following rights:
- The right to request access to their personal data.
- The right to request rectification or erasure.
- The right to request the restriction of processing.
- The right to object to processing.
- The right to data portability.
In all cases, the data subject must provide their name, surname(s), contact address, and include a photocopy of their ID or Passport with any request. The data subject can obtain more information about these rights, as well as the forms to exercise them, on the Spanish Data Protection Agency’s website (‘Agencia Española de Protección de Datos’, www.agpd.es).
If the data subject has given their consent for a specific purpose, they have the right to withdraw the consent at any time, without affecting the lawfulness of the processing based on the consent originally given.
If the data subject believes their rights regarding the protection of their personal data have been violated, especially if they have been unable to exercise them satisfactorily, they may file a complaint with the Spanish Data Protection Agency through its website (www.agpd.es)
3. International Transfers and Recipients
Unless required by law or with the express consent of the data subject, AGN will never carry out international transfers of personal data. If an international transfer is necessary to a third party, it will be carried out in strict compliance with AGN’s legal, professional, and conduct obligations.
In the scope of the professional services provided by AGN, as well as for the execution of contracts with clients and suppliers, AGN may communicate personal data to third parties, including:
- Third parties to whom personal data must be communicated, such as judges, courts, arbitrators, courts of law, public administrations, counterparts, auditors, accountants, consultants, experts, private investigators, lawyers, legal representatives, registrars, and other professionals in the legal field.
- Entities in the financial sector, such as financial institutions, collection agencies, credit rating agencies, and lists of defaulters.
- AGN service providers, such as IT providers, accountants, auditors, and document storage services.
AGN contracts virtual infrastructure and cloud storage services from providers who may have servers in countries outside the European Union, which offer a level of protection lower than that required by the data protection regulations in force in Spain. These AGN providers include:
- Microsoft, whose privacy policy is available here: https://privacy.microsoft.com/es-es/privacystatement
- Amazon Web Services, whose privacy policy is available here: https://aws.amazon.com/es/compliance/data-privacy-faq/
- Google Cloud, whose privacy policy is available here: https://cloud.google.com/security/gdpr/?hl=en
The data subject expressly agrees to the processing of their personal data by AGN through the aforementioned cloud storage and virtual infrastructure services. The data subject may withdraw their consent at any time.
4. Types of Data Maintained by AGN
4.1 Client Data
Purpose: AGN will retain personal data for the provision of services requested by any client or potential client. The scope of these services is typically outlined in the commitment letter signed between AGN and the client. AGN may also process personal data on a precontractual basis, such as for preparing a service proposal for clients or potential clients.
Retention Period: In all cases, personal data of clients and potential clients will be retained as long as the legal relationship with AGN is maintained and, thereafter, until the client or potential client requests their deletion.
In no case can the client or potential client, in exercising their rights, condition or limit (i) the execution of a contract between AGN and the legal obligations derived from it; and (ii) the payment obligations that the client or potential client may have with AGN. Therefore, AGN may deny the rights of such a client or potential client until the relevant contract is completed, legal obligations are fulfilled, debts to AGN are paid, and/or legal actions related to any of the aforementioned are completed (e.g., arbitration, legal or administrative actions).
Legitimacy: AGN is authorized to store personal data for the purpose of executing the commitment letter (contract) signed between AGN and the client, as well as any precontractual actions (e.g., preparing a service proposal). Additionally, AGN is authorized by the client’s consent, which will be reflected in the commitment letter signed between AGN and the client.
The communication of personal data is a necessary requirement for signing the commitment letter, so the client must provide such information to AGN. If the client does not provide their personal data, AGN may refuse to sign the commitment letter, refrain from starting to provide its services, and/or terminate the legal relationship at any time.
4.2 Supplier Data
Purpose: AGN will store personal data to receive services from any service provider or potential service provider. The scope of these services is typically outlined in the service provision contract signed between AGN and the service provider. AGN may also process personal data on a precontractual basis, such as requesting a service proposal from service providers or potential service providers.
Retention Period: In all cases, personal data of service providers and potential service providers will be retained as long as the legal relationship with AGN is maintained and thereafter until the service provider or potential service provider requests their deletion.
In no case can the service provider or potential service provider, in exercising their rights, condition or limit (i) the execution of a contract between AGN and the legal obligations derived from it; and (ii) the payment obligations that the service provider or potential service provider may have with AGN. Therefore, AGN may deny the rights of such a service provider or potential service provider until the relevant contract is completed, legal obligations are fulfilled, debts to AGN are paid, and/or legal actions related to any of the aforementioned are completed (e.g., arbitration, legal or administrative actions).
Legitimacy: AGN is authorized to store personal data for the purpose of executing the service provision contract signed between AGN and the service provider, as well as any precontractual actions (e.g., preparing a service proposal). AGN is also authorized by the service provider’s consent, which may be reflected in the contract signed between AGN and the service provider.
The communication of personal data is a necessary requirement for signing the service provision contract, so the service provider must provide such information to AGN. If the service provider does not provide their personal data, AGN may refuse to sign the service provision contract, refrain from receiving the services, and/or terminate the legal relationship at any time.
4.3 Data of Individuals Requesting Information
Purpose: AGN will store personal data and any attached materials submitted by individuals who request information about AGN’s services in any way. The purpose will be to respond to the individual’s inquiry.
Retention Period: Personal data of individuals requesting information about AGN’s services, or inquiring about any specific issue in any other form, will be retained until the individual withdraws their consent, unless there is a legal obligation to retain the personal data for a longer period.
Legitimacy: AGN is authorized to store the personal data of individuals requesting information based on the specific consent that must be signed by each interested party. If the data subject refuses to sign the specific consent, their data and materials will be deleted, and the inquiry will not be addressed.
4.4 Data of Users Connecting to AGN’s Wi-Fi Network
Purpose: AGN will store session data of any individual who connects to the Wi-Fi network in its offices. The data stored will include the following information of each device connected to AGN’s Wi-Fi network: name, MAC, IP, channel (Wi-Fi or Ethernet), connection time, connection duration, and browsing information. The purpose will be to maintain a record for cybersecurity purposes and to block unauthorized devices.
Retention Period: Personal data of individuals connected to AGN’s Wi-Fi network will be retained for a maximum period of five years.
Legitimacy: AGN is authorized to store personal data of users connected to AGN’s Wi-Fi network based on specific consent that each user must sign. If the user refuses to sign the specific consent, their data will be deleted, and they will not be able to connect to AGN’s Wi-Fi network.
4.5 Cookie Policy
5. Minors
6. Security Notice
7. Modifications
Copyright © 2020 Audiovisual Global Network S.L. All rights reserved. Reproduction, in whole or in part, of this Privacy Policy is prohibited.