| Who is responsible for the treatment? |
The Data Controller is UNISON RIGHTS OGI, S.L. (hereinafter UNISON), with address at Carrer de Reina Cristina, 9, pral., CP 08003 – Barcelona (Spain), CIF: B-66840612 Email: privacy@unisonrights.com, tel. 931 43 49 96. UNISON is an independent management entity of rights in musical works, authorized by management contracts signed with authors and musical publishers to manage their rights in accordance with the provisions of art. 153 of the Intellectual Property Law of Spain and Directive 2014/26/2014. |
||
| Applicable legislation |
UNISON commits to process your data in accordance with: · REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) · Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPD). · Any applicable regulations in force, regarding privacy, data protection, transparency and information security. |
||
How do we process your data? |
|||
| For what purposes is your data processed? |
A – If you are an author, composer, publisher
|
B – If you are a user of our website | C – If you are a client of our repertoire |
|
· Process your enrollment to UNISON. · Contact you regarding our contractual relationship. · Manage our contractual relationship. · Manage, collect and distribute your royalties. · Process claims · Identify works · Verify works in the process of being identified · Manage licenses to use your works. Negotiate, within the · Billing and accounting · Send you information about changes in our privacy policy · Enforce a contract, or take measures regarding a
|
· To respond to your requests for information or any other questions · Send you information about changes in our privacy policy · Enforce a contract, or take measures regarding a contract · To handle and respond to your questions regarding the exercise of your rights in accordance with the regulations in force relating to personal data |
· Process your enrollment to UNISON. · Contact you regarding our contractual relationship · Manage our contractual relationship. · Manage, collect and distribute the royalties from your licenses to the rights holders represented by Unison directly or indirectly · Process claims · Identify works · Verify works in the process of being identified · Manage the licenses to use the works · Manage agreements with other Collective Management Entities · Billing and accounting matters. |
|
| What is the legal basis? |
· Consent · Pursuant to the membership agreement you signed so that UNISON manages your rights or the rights that you represent · Celebration or execution of contracts in your interest · UNISON legitimate interest · Collective Management Provisions of the Intellectual Property Spanish Law Legal obligations · Legal obligations.
|
· Consent · Unison legitimate interest Celebration and/or execution of the agreement you have signed with UNISON · Provisions of the Intellectual Property Spanish Law · Legal obligations |
· Consent · Celebration or execution of an agreement between the parties · Unison legitimate interest · Collective Management Provisions of the Intellectual Property Spanish Law Legal obligations · Legal obligations |
| With whom do we share your data? |
· Unison employees and collaborators. · Public entities and authorities under legal obligation · Judicial authorities upon request or if necessary to comply with the contract between the parties · Other collective management organisations that work with us · Users or potential users of the repertoire managed by UNISON · Banks and financial entities to manage collections and / or payments
|
· UNISON employees and collaborators |
· UNISON employees and collaborators · UNISON clients · Public entities and authorities under legal obligation · Judicial authorities upon request or if necessary to comply with the contract between the parties · Other collective management organisations that work with UNISON · Banks and financial entities to manage collections and / or payments |
| For how long do we keep your data? |
· For the duration of the contractual relationship we have with you and up to 5 years later (without prejudice to the following sections) for legal purposes · During the periods defined by applicable legislation (tax, criminal, other …) – During the legal periods to which UNISON is subject in the course of its commercial activities · In certain situations, you may be asked to voluntarily provide supporting documentation to confirm your identity. These documents are kept for a period of two years. |
· For the time necessary to process your request · In the event of your participate in a contest or draw that we carry out, the information is kept until the prize has been awarded, up to a maximum period of one year · For the applicable legal periods in case of disputes · During the periods defined by applicable legislation (tax, criminal, other …) · During the legal periods to which UNISON is subject in the course of its commercial activities. |
· For the duration of the contractual relationship we have with you and up to 5 years later (without prejudice to the following sections) for legal purposes · During the periods defined by applicable legislation (tax, criminal, other …) · During the legal periods to which UNISON is subject in the course of its commercial activities. · In certain situations, you may be asked to voluntarily provide supporting documentation to confirm your identity. These documents are kept for a period of two years.
|
What are your rights ? |
|||
| Access | Right you have to consult what personal data is processed by UNISON, what is the purpose for which it is processed, the communications that will be made to third parties (if applicable) or the right to obtain a copy of your data or to know the expected period.
|
||
| Rectification | Right you have to modify the personal data that UNISON treats that are inaccurate.
|
||
| Objection | Right that you have for certain reasons related to a particular situation that your data is no longer processed to a degree or measure that may cause you damage.
|
||
| Erasure | Right you have to request that we delete your personal data.
|
||
| Restriction of processing | Right you have to request us to stop processing your data and only keep it for the exercise or defense of your claims.
|
||
| Data portability |
Right you have to receive your personal data in a structured, commonly used and machine readable format and also the right to transmit those data to another controller.
|
||
| Not to be subject of decision based on automated data procedures: |
Right you have not to be subject of a decision based solely on automated processing, including profiling, that produces legal effects or that significantly affects you in a similar way.
|
||
How to exercise your rights? |
|||
| The rights of Access, Rectification, Objection, Erasure, Restriction of Processing and Portability are personal and, therefore, must be exercised by the affected party who must prove their identity. However, it may be done through a legal or voluntary representative.
You may exercise the rights of Access, Rectification, Objection, Erasure, Restriction of Processing and Portability to the processing of your data, by means of a signed letter addressed to UNISON RIGHTS OGI, SL, Carrer de Reina Cristina, 9, pral. 08003 – Barcelona , or by sending it by email to privacy@unisonrights.com, adding in any case a copy of the ID of the interested person. If a satisfactory response has not been obtained in the exercise of these rights, it is possible to file a claim with the Spanish Agency for Data Protection, through the forms or other channels accessible from its website (www.aepd.es). |
|||
How does UNISON keep your data secure? |
|||
| UNISON, as a data controller, ensures the protection of the personal data you entrust to it by implementing appropriate technical and organisational measures, which guarantee a level of security commensurate with the risk.
Appropriate measures have been taken to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident and also, we have implemented a process of for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing. These measures adopted guarantee that the technical and organizational means are in place to prevent the loss, misuse, alteration, unauthorized access or copying of the data provided. These measures include, among others, the segregation of functions through access profiles, network threat monitoring controls, backups, storage in two different locations, access control mechanisms, network segmentation, procedures and channels for the exercise of rights, informative clauses and legitimating basis for data processing, monitoring the use of personal data, in addition to the application of firewalls, antivirus and working with companies that offer adequate levels of security. In case of a personal data breach, we will notify you and the supervisory authority, as appropriate in accordance with our legal obligations. Despite all these measures, it is a fact that there is no security system that can guarantee absolute protection. |
|||
Processing of special categories of personal data |
|||
| We do not collect nor process particularly sensitive personal data or data included in the special category such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
|
|||
International transfer of data |
|||
| The protection provided by the GDPR travels with the data, which means that the rules protecting personal data continue to apply regardless of where the data is transferred.
International data transfers involve a flow of personal data from Spanish territory to recipients established in countries outside the European Economic Area (the countries of the European Union plus Liechtenstein, Iceland and Norway). The data controllers and processors may carry out international data transfers without the authorization of the Spanish Data Protection Agency provided that the data processing complies with the provisions granted by the GDPR. Given the global nature of our operations, we may transfer your personal data to the United States and to other countries where data protection laws may not be as extensive as those in force in the EU. When Unison transfers your personal data outside the European Economic Area, it will only transfer personal data when one of the following circumstances occurs: · To a country that, according to the European Commision, ensures an adequate level of protection · To a company that maintains a valid and current “Privacy Shield” (Privacy Shield Certification) between USA-UE valid that provides certain personal data protection regulations, in relation to the category of personal data being transferred. · When we have implemented an appropriate mechanism for data transfer, for example, the EU Standard Contractual Clauses, standard data protection clauses adopted by a supervisory authority and approved by the Commission, to ensure that your personal data is adequately protected. If none of the above criteria are met, Unison will continue to be empowered to transfer personal data outside of the European Economic Area in accordance with the situations provided for in Article 49 of the GDPR. Access to your personal data will be limited to people who need to know such data for any of the purposes described in this Privacy Policy.
|
|||
Links to other websites |
|||
| On the UNISON website there are links to other websites that we consider potentially useful and informative to you. However, please note that we do not endorse or recommend the content or services of such websites, nor are we responsible for their privacy policies. We encourage you to be aware of and read the privacy policies of all the sites you visit. Remember that what is indicated in this Privacy Policy only applies to the data that Unison collects and/or processes. | |||
Modification and integrity of our Privacy Policy |
|||
| We will only use your personal data as established in the Privacy Policy that is in force at the time we collect your personal data. Unison reserves the right to modify this Privacy Policy at any time, publishing such modifications on our website, so we recommend that you visit it each time you access the Privacy Policy.
If at any time we decide to use personal data differently from what was stated at the time it was obtained, we will notify you by email, as long as we have it. At that time you will be given the option to authorize other uses or disclosures of the personal data that you would have provided us before the modification of our Privacy Policy. In the event that any clause of this Privacy Policy is annulled or considered null, the rest of the conditions will not be affected, fully retaining their validity and validity, in accordance with the current regulations applicable at all times. |
|||
Last update: September 2022