Privacy Policy

Download privacy policy (PDF)


Valencia Club de Fútbol, S.A.D.

1. GENERAL INFORMATION

The purpose of this "Privacy and Data Protection Policy" is to inform you of the conditions that govern the collection and processing of your personal data by our entity to ensure your rights, all in compliance with the current regulations that regulate the Protection of Personal Data according to the European Union and the Spanish State. Being applicable REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), as well as instructions and guidelines from the Supervisory Authority.


2. USER INFORMATION

Who is responsible for the processing of your personal data?

The Data Controller is any natural or legal person, public or private, who alone or jointly with others determines the purposes and means of the processing of personal data. In this case, the identification data of the Data Controller (hereinafter, "VCF") are as follows:

Valencia Club de Futbol S.A.D - CIF A46050217

Plaza del Valencia Club de Futbol Nº2. 46010, Valencia (Valencia), Spain

Email: lopd@valenciacf.es

Phone: 963372626


What do we process your personal data for?

The VCF will process the data of the interested party, manually and/or automatically for each of the processing activities depending on the purposes existing in relation to the interested party:

  •  Subscriber management: To process the data for the management of their status as season ticket holders/club members with all the necessary processing (entry to VCF venues, modification and updating of data, billing and payment control, etc.).
  • Participation in Sweepstakes and Promotions: Marketing, advertising and commercial prospecting. Management of the data requested for participation and monitoring of the raffles and promotions carried out by the Club.
  • Management of email mailings: Marketing, advertising and commercial prospecting.
  • Management of participation in events and promotions: Marketing, advertising and commercial prospecting. Attendance at events and/or promotions carried out by the Club in order to promote the image of the Club.
  • Management of Shareholders and/or their representatives: To process the data in your capacity as a shareholder and/or shareholder's representative, accounting, tax and administrative, as well as for your participation in meetings or for the exercise of your rights as a shareholder.
  • Management of registered users VCF APP: Marketing, advertising and commercial prospecting; e-commerce. Management of people who register on the website, online store, applications or similar, in order to allow them access to and use the services, contact, support and resolution of incidents. Sending push notifications, SMS, and electronic or equivalent means.
  • Job bank: Recruitment.
  • Supplier management: Supplier management, accounting, tax and administrative.
  • Website Consultations. Response to queries received through the website's electronic form.
  • Social Media: Sharing information on Social Media. Publish both photographic and audiovisual images obtained from their participation or attendance at events, acts or sports activities carried out by the entity.
  • Subscriber management: Marketing, advertising and commercial prospecting.
  • Management, attention and booking of travel and displacement requests: Management of associative, cultural, recreational, sports and social activities. use of data necessary for the VCF to manage and process the necessary information in response to the request by the interested party to book trips and displacements related to the Valencia C.F. teams.
  • Web User Management: E-commerce.


Why may we process your personal data?

The collection and processing of your data is always legitimized by one or more legal bases or legitimate interests, depending on the purpose, which we detail below:

  •  Subscriber management: Existence of a contractual relationship with the data subject
  • Participation in Sweepstakes and Promotions: Legitimate interest of the Data Controller or third parties. Compliance with legal obligations in order to process and manage your participation in sweepstakes and/or promotions of the entity.
  • Management of email mailings: Explicit consent of the interested party.
  • Management of participation in events and promotions: Explicit consent of the interested party.
  • Management of Shareholders and/or their representatives: Compliance with legal obligations and existence of a contractual relationship with the interested party.
  • Management of registered users of the VCF APP: Explicit consent of the interested party.
  • Job bank: Explicit consent of the interested party.
  • Supplier management: Existence of a contractual relationship with the interested party.
  • Website Consultations: Explicit consent of the interested party.
  • Social networks: Explicit consent of the data subject.
  • Subscriber management: Explicit consent of the data subject
  • Management, handling and booking of travel and travel requests: Legitimate interest of the Data Controller or third parties.
  • User management: Explicit consent of the interested party.


How long will we keep your personal data?

They will be kept for no longer than is necessary to maintain the purpose of the processing or there are legal prescriptions that dictate their custody and when it is no longer necessary to do so, they will be deleted with appropriate security measures to guarantee the anonymisation of the data or the total destruction of the same. The expected retention periods are as follows:

  •  Subscriber management: When they are no longer necessary for the relationship between the interested party and VCF.
  • Participation in Sweepstakes and Promotions: When they are no longer necessary for the relationship between the interested party and VCF
  • Management of email submissions: As long as the interested party does not request their deletion.
  • Management of participation in Events and promotions: When they are no longer necessary for the relationship between the interested party and VCF.
  • Shareholder Management: When they are no longer necessary for the relationship between the interested party and VCF.
  • Management of registered users of the VCF APP: As long as the user does not proceed to unsubscribe from the use of the same.
  • Job bank: For a period of 1 year from the last confirmation of interest.
  • Supplier management: For a period of 5 years from the last confirmation of interest.
  • Website Consultations: For a period of 1 year from the last confirmation of interest.
  • Social networks: As long as their deletion is not requested by the interested party.
  • Subscriber management: As long as their deletion is not requested by the interested party.
  • Management, attention and booking of travel and travel requests: As long as the commercial relationship is maintained. Personal data will be processed for as long as they are necessary for the management of the purposes informed
  • User management: For a period of 5 years from the last confirmation of interest.

In this sense, the VCF will keep the personal data once its relationship with you has ended, duly blocked, during the limitation period of the actions that may arise from the relationship maintained with the interested party. Once blocked, your data will be inaccessible to the VCF, and will not be processed by it, except for making it available to the Public Administrations, Judges and Courts, for the attention of possible liabilities arising from the processing, as well as for the exercise and defense of claims before the Spanish Data Protection Agency. Finally, and provided that you have not withdrawn your consent for this purpose, the VCF will keep your data in order to keep you up to date with Valencia CF products, events and services that may be of interest to you.


Who do we provide your personal data to?

Sometimes, in order to comply with our legal obligations and our contractual commitment to you, we are obliged and necessary to transfer some of your data to certain categories of recipients, which we specify below:

  •  VCF may communicate your data to entities that are within the business group: Tiendas Oficiales VCF, S.L.U with CIF B98205966.
  • As a general rule, VCF does not transfer your data to collaborators or sponsors. In the case of carrying it out due to a specific treatment, we will always ask for your consent. You can see the sponsors through the following link: https://www.valenciacf.com/es/club/partners
  • Third-party companies: For operational reasons and to offer VCF personalized services and attention, we may provide and/or give access to certain data of the interested party to companies that provide certain services to the VCF. This provision of services is regulated by the corresponding data processor agreements to guarantee the maximum confidentiality of the information.
  • Competent authorities in the matter, Money Laundering Prevention Agencies, State Security Forces and Corps, Courts and Tribunals, as well as Public Bodies.


Who do we provide your personal data to?

In the processes of processing your data carried out by our entity, we need to contract external services that may involve your data being stored and/or processed by organizations that are established or operate from outside the European Union, which would imply that we make international transfers of your data to the United States. All these companies comply with the requirements of the Control Authorities and current regulations. Having contractual contracts that respond to the appropriate guarantees and/or because they are adhered to the Data Privacy Framework in the United States. Here are all the details of those international transfers:

▪ Microsoft Corporation - 1 Microsoft Way - Redmond, WA 98052 USA

▪ Google LLC - 1600 Amphitheatre Parkway - Mountain View, California 94043

▪ Facebook, Inc. - 1601 Willow Road - Menlo Park, California 94025

▪ Twitter, Inc. - 1355 Market Street #900 - San Francisco, California 94103

Where did we get your personal data from?

All the data contained in our databases and processed by the interested party or his/her legal representative, at the time of initiating the relationship with VCF, by filling in the forms provided and/or by sending said information by the interested party through the online channels/emails provided by VCF.

What categories of data do we collect and process?

VCF will collect and/or process, depending on the category of data subject and purpose of the processing, any and/or all of the following categories of data, as may be specified in the forms provided for this purpose and/or in the corresponding requests for personal data:

  • Identification data
  • Social Circumstances
  • Academics & Practitioners
  • Employment Details
  • Commercial Information
  • Economic, financial and insurance (in the case of banks)
  • Economic, financial and insurance
  • Transactions in goods and services
  • Location data
  • Bless you


What are your rights?

The current data protection regulations protect you in a series of rights in relation to the use we make of your data. Each and every one of your rights is personal and non-transferable, i.e. they can only be exercised by the owner of the data, after verification of their identity. Below, we indicate what your rights are:

▪Request ACCESS to your personal data Request the RECTIFICATION of your data.

▪Request the ERASURE or deletion of your data (right to be forgotten) LIMIT or OPPOSE the use we make of your data.

▪Right to PORTABILITY of your data in cases of telecommunications or internet services.

▪Right to WITHDRAW your consent at any time.

▪Right to file a COMPLAINT: In addition to your rights, if you believe that your data is not being collected or processed in accordance with current Data Protection regulations, you may file a complaint with the Supervisory Authority, whose contact details are indicated below:

SPANISH DATA PROTECTION AGENCY C/ Jorge Juan, 6. 28001, Madrid (Madrid), Spain Email: info@agpd.es - Phone: 912663517 Web: https://www.agpd.es

Contact details to exercise your rights or request information about our data protection policy: We have a person specialised in data protection, who is responsible for ensuring that our entity complies correctly with current legislation and regulations. This person is called the Data Protection Officer (DPO) or VCF de Protección de Datos and, if necessary, you can contact them as follows: Valencia Club de Futbol S.A.D - CIF A46050217 Email: dpo@valenciacf.es Telephone: 96 337 26 26.


3. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER

The interested parties, by ticking the corresponding boxes and entering data in the fields, marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data is necessary to attend to their request or processing requested, by the VCF, The inclusion of data in the remaining fields is voluntary. The Data Subject guarantees that the personal data provided to the VCF is accurate, true and complete, and is solely responsible for any damage, direct or indirect, that may be caused to VCF as a result of having provided false or inaccurate data. Their refusal to provide the requested data as mandatory may imply the impossibility of processing the request or data processing, likewise, they are responsible for communicating any modification of the same.

The VCF informs that all the data requested through the website or different actions for a correct relationship with the interested party are mandatory, as they are necessary for the provision of an optimal service. In the event that not all data is provided, there is no guarantee that the information and services provided will be completely tailored to your needs.


4. SECURITY MEASURES

That in accordance with the provisions of the current regulations on the protection of personal data, the VCF is complying with all the provisions of the GDPR and LOPDGDD regulations for the processing of personal data for which it is responsible, and manifestly with the principles described in article 5 of the GDPR, by which they are processed lawfully, fair and transparent in relation to the data subject and adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

The VCF guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the data subjects and has communicated to them the appropriate information so that they can exercise them. Among others, the following measures stand out:

1.Ensure the ongoing confidentiality, integrity, availability and resilience of treatment systems and services.

2.Restore availability and access to personal data quickly, in the event of a physical or technical incident.

3.Verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organisational measures implemented to guarantee the security of the processing.

4.Pseudonymize and encrypt personal data, in the case of sensitive data.

For more information on privacy guarantees, you can contact the VCF through Valencia Club de Futbol S.A.D. Plaza del Valencia Club de Futbol, 2 - 46010 Valencia (Valencia). Email: dpo@valenciacf.es.