Privacy Policy
IBEMUSIK PRODUCCIONES, S.L. is committed to protecting the privacy of users who access this website and/or any of its services.
The use of the website and/or any of the services offered by IBEMUSIK PRODUCCIONES, S.L. implies the user’s acceptance of the provisions contained in this Privacy Policy and the processing of their personal data as described herein.
Please note that, although our website may contain links to other websites, this Privacy Policy does not apply to other companies or organisations to which the website may redirect. IBEMUSIK PRODUCCIONES, S.L. does not control the content of third-party websites and accepts no responsibility for the content or privacy policies of such websites.
1. Company Information
In compliance with Article 10 of Spanish Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, the identifying details of the website owner are provided below:
Website: https://ibemusik.koobin.com/
Company name: IBEMUSIK PRODUCCIONES, S.L.
Registered address: C/ Isla de la Gomera, 27, 28791 Soto del Real, Madrid, Spain
Tax ID: B42760017
Telephone: 615604148
Email: [email protected]
Registration details: Ibemusik Producciones, S.L.
Notary: Carlos Huidobro y Arreba
Volume: 41311
Page: 171
Entry: 3
Company Registry Sheet: M-732227
2. Applicable Laws
This Privacy Policy has been drafted in accordance with current Spanish and European legislation on the protection of personal data on the internet.
In particular, this policy complies with the following regulations:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation, or GDPR.
- Spanish Organic Law 3/2018, of 5 December, on Personal Data Protection and the Guarantee of Digital Rights, known as LOPD-GDD.
- Spanish Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, known as LSSI-CE.
3. Privacy Matters
In compliance with Regulation (EU) 2016/679, GDPR, and Spanish Organic Law 3/2018, of 5 December, on Personal Data Protection and the Guarantee of Digital Rights, we provide the following information regarding the processing of personal data that users may provide to us.
Data Controller
The data controller is IBEMUSIK PRODUCCIONES, S.L.
The company details are set out at the beginning of this legal notice.
4. Personal Data Records
In compliance with the provisions of the GDPR and LOPD-GDD, users are informed that the personal data collected by IBEMUSIK PRODUCCIONES, S.L. through the forms available on its website will be incorporated into and processed in our records.
The purpose of this processing is to facilitate, expedite and fulfil the commitments established between IBEMUSIK PRODUCCIONES, S.L. and the user, to maintain the relationship established through the forms completed by the user, or to respond to a request or query submitted by the user.
Likewise, in accordance with the GDPR and LOPD-GDD, unless the exception provided for in Article 30.5 of the GDPR applies, a record of processing activities is maintained, specifying the processing activities carried out according to their purposes and the other circumstances established in the GDPR.
5. Legal Basis for Processing
The legal basis for the processing of personal data is the user’s consent.
IBEMUSIK PRODUCCIONES, S.L. undertakes to obtain the user’s express and verifiable consent for the processing of their personal data for one or more specific purposes.
The user has the right to withdraw their consent at any time. Withdrawing consent will be as easy as giving it. As a general rule, withdrawal of consent will not affect the use of the website.
Where the user is required or able to provide data through forms in order to make enquiries, request information or for reasons related to the content of the website, the user will be informed if completion of any of the fields is mandatory because such data is essential for the proper development of the operation requested.
Other legal bases for processing may include:
- Compliance with legal obligations.
- Legitimate interest, including the sending of the company’s own advertising communications.
6. Categories of Data
The categories of data processed by IBEMUSIK PRODUCCIONES, S.L. are limited to identifying data.
Under no circumstances are special categories of personal data processed within the meaning of Article 9 of the GDPR.
7. Source of the Data
The personal data processed may come from:
- Data provided by customers or recipients of the services, by any means.
- Data supplied by users through the different services offered on the website.
- Data included in website forms.
- Data collected through cookies to improve the browsing experience, as described in the Cookies Policy.
8. Data Retention Period
Personal data will only be retained for the minimum time necessary for the purposes of its processing and, in any case, only for the legally required period.
The data provided by the user will be kept for as long as necessary to carry out the activity that is the purpose of the processing, and in no case for longer than legally established, or until the user requests cancellation, objection or restriction of processing.
However, certain identifying personal data and traffic data may be retained for a maximum period of two years in the event that such data is required by courts or tribunals, or in order to initiate internal actions arising from misuse of the website.
At the time personal data is obtained, the user will be informed of the period during which the data will be retained or, where this is not possible, of the criteria used to determine that period.
General Rule
Pursuant to Article 30 of the Spanish Commercial Code, and unless other criteria apply, all company documents and/or information will be retained for six years.
This applies to all accounting, tax, employment and commercial documentation, including correspondence.
Specific Periods
The company may also establish minimum retention periods depending on the type of data processed and the applicable limitation periods.
No decisions based on automated processing that produce legal effects concerning the user’s data will be made.
9. Purposes of Processing
The purposes of the data processing carried out are detailed below:
Customer Management
To provide the contracted services within the ordinary business activity of the company and to invoice such services.
The data provided will be retained while the commercial relationship is maintained or for the years necessary to comply with legal obligations.
Event Organisation
To organise events, including courses, talks, competitions and other promotional or dissemination activities, by any of the data controllers.
The data provided will be retained until the user requests the cessation of the activity or for the years necessary to justify the activity.
Responding to Enquiries
If the user has requested information through an express action using one of our forms, the data provided in that form will be used to respond to the enquiry submitted.
10. Recipients of the Data
The user’s personal data will not be shared with third parties.
In any case, at the time personal data is obtained, the user will be informed of the recipients or categories of recipients of the personal data, where applicable.
11. Personal Data of Minors
In accordance with Article 8 of the GDPR and Article 7 of Spanish Organic Law 3/2018, only individuals over the age of 14 may lawfully give their consent for the processing of their personal data by IBEMUSIK PRODUCCIONES, S.L.
If the user is under 14 years of age, the consent of their parents or legal guardians will be required for processing, and such processing will only be considered lawful to the extent that it has been authorised by them.
If this is not the case, the legal representative must inform us as soon as possible.
12. Rights Arising from the Processing of Personal Data
The user may exercise the following rights before the data controller, as recognised by the GDPR and Spanish Organic Law 3/2018.
Right of Access
The user has the right to obtain confirmation as to whether IBEMUSIK PRODUCCIONES, S.L. is processing their personal data and, where applicable, to obtain information about their specific personal data and the processing that has been or is being carried out.
Right to Rectification
The user has the right to have inaccurate personal data corrected or, taking into account the purposes of the processing, incomplete data completed.
Right to Erasure, or “Right to Be Forgotten”
The user has the right, unless otherwise provided by applicable law, to obtain the deletion of their personal data when:
- The data is no longer necessary for the purposes for which it was collected or processed.
- The user has withdrawn their consent and there is no other legal basis for processing.
- The user objects to the processing and there is no overriding legitimate reason to continue.
- The personal data has been processed unlawfully.
- The personal data must be deleted in compliance with a legal obligation.
- The personal data was obtained in connection with an offer of information society services directly to a child under 14 years of age.
Right to Restriction of Processing
The user has the right to restrict the processing of their personal data in the cases provided for by applicable law.
Right to Data Portability
Where processing is carried out by automated means, the user has the right to receive their personal data in a structured, commonly used and machine-readable format, and to transmit that data to another controller.
Right to Object
The user has the right to object to the processing of their personal data or to request that IBEMUSIK PRODUCCIONES, S.L. cease processing such data.
Right Not to Be Subject to Automated Decision-Making
The user has the right not to be subject to a decision based solely on automated processing of their personal data, including profiling, unless otherwise provided by applicable law.
Users also have the right to lodge a complaint with the competent supervisory authority, the Spanish Data Protection Agency, known as AEPD, if they consider that there is a problem or infringement of current regulations regarding the way their personal data is being processed.
The user may exercise the above rights by sending a written request, attaching a copy of an identification document, to the postal address or email address indicated at the beginning of this text.
13. Principles Applicable to the Processing of Personal Data
The processing of the user’s personal data will be subject to the following principles:
- Lawfulness, fairness and transparency: the user’s consent will be required following transparent information regarding the purposes for which personal data is collected.
- Purpose limitation: personal data will be collected for specified, explicit and legitimate purposes.
- Data minimisation: the personal data collected will be limited to what is strictly necessary.
- Accuracy: personal data must be accurate and kept up to date.
- Storage limitation: personal data will only be kept for as long as necessary for the purposes of processing.
- Integrity and confidentiality: personal data will be processed in a manner that ensures its security and confidentiality.
- Accountability: the website controller will maintain the necessary technical and organisational means to ensure compliance with these principles.
14. Security Measures Applied
We apply the security measures established in Article 32 of the GDPR. Accordingly, we have adopted the necessary security measures to ensure a level of security appropriate to the risk of the data processing carried out.
Some of these measures include:
- Informing staff about data processing policies.
- Carrying out periodic backups.
- Controlling access to data.
- Regular verification, evaluation and assessment processes.
15. Confidentiality and Security of Personal Data
IBEMUSIK PRODUCCIONES, S.L. undertakes to adopt the necessary technical and organisational measures, according to the level of security appropriate to the risk of the data collected, in order to guarantee the security of personal data and prevent its accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.
However, since IBEMUSIK PRODUCCIONES, S.L. cannot guarantee the absolute invulnerability of the internet, the data controller undertakes to notify the user without undue delay whenever a personal data breach occurs that is likely to result in a high risk to the rights and freedoms of natural persons.
Personal data will be treated as confidential by the data controller, who undertakes to ensure that such confidentiality is respected by its employees, associates and any person to whom the information is made accessible.
16. Links to Third-Party Websites
The website may include hyperlinks or links that allow access to third-party websites other than those operated by IBEMUSIK PRODUCCIONES, S.L.
Such websites are not operated by IBEMUSIK PRODUCCIONES, S.L. Their owners will have their own data protection policies and will be responsible for their own files and privacy practices.
17. Acceptance and Changes to this Privacy Policy
The user must have read and agreed to the terms concerning the protection of personal data contained in this Privacy Policy, and must accept the processing of their personal data so that the data controller may process it in the manner, for the periods and for the purposes indicated.
Use of the website implies acceptance of this Privacy Policy.
IBEMUSIK PRODUCCIONES, S.L. reserves the right to modify its Privacy Policy at its own discretion, or due to legislative, case-law or doctrinal changes from the Spanish Data Protection Agency.
Users are advised to consult this page periodically in order to stay informed of the latest changes or updates.
Privacy Policy: Google Login Application
1. Data We Collect Through Google
When the user chooses to sign in or register using their Google account, the application may access only the basic information necessary to identify the user and allow access to the platform.
The data that may be collected from the user’s Google profile includes:
- Email address.
- Full name.
- First name and surname, if available in the Google profile.
- Profile picture, if configured by the user and available.
- Unique Google user ID.
- Technical information necessary to keep the session securely active.
The application does not access the content of the user’s email, Google Drive files, contacts, calendar or other Google services, unless an additional permission is requested in the future in an express, clear and independent manner.
2. Purpose of Data Processing
The data obtained through Google login is used for the following purposes:
- To create a user account on the platform, where necessary.
- To allow secure login through Google.
- To identify the user within the system.
- To avoid requiring the user to create a specific password for the platform.
- To keep the user’s session active.
- To personalise the basic user experience, for example by displaying the user’s name or profile image.
- To manage technical issues, support requests or enquiries related to access to the platform.
- To guarantee system security and prevent unauthorised access.
The data will not be used for purposes other than those indicated in this policy without informing the user in advance and, where necessary, requesting their consent.
3. Legal Basis for Processing
The legal basis for processing personal data is:
- The user’s consent, given by voluntarily selecting the Google login option.
- The performance of a contractual or pre-contractual relationship, where access to the platform is necessary to provide a service requested by the user.
- The legitimate interest of the data controller in ensuring the security, operation and technical maintenance of the platform.
The user may withdraw their consent at any time by requesting the deletion of their account or by revoking the application’s access from the security settings of their Google account.
4. Data Storage and Security
The personal data collected is stored in systems and servers used for the operation of the platform linked to atlantidachamberorchestra.com.
The data controller undertakes to apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure or accidental destruction.
The security measures applied may include:
- Restricted access to personal information.
- Use of secure HTTPS connections.
- Authentication and access control systems.
- Secure storage of user identifiers.
- Protection measures against unauthorised access.
- Periodic review and maintenance of platform security.
Where external technology providers are used for hosting, maintenance or technical management of the platform, such providers will act in accordance with the applicable legal obligations regarding data protection.
5. Sharing Data with Third Parties
Data obtained through Google login is not sold, rented or transferred to third parties for commercial purposes.
User information may only be shared in the following cases:
- With technology providers necessary for the operation of the platform, such as hosting, maintenance, security or technical management services.
- Where there is a legal obligation requiring the communication of certain data to public authorities, regulatory bodies, courts or tribunals.
- Where necessary to protect the rights, security or integrity of the platform, the data controller or other users.
In all cases, data will only be shared where necessary and under the relevant legal safeguards.
6. Limited Use of Google Data
Data obtained through Google will be used exclusively for the purposes indicated in this Privacy Policy.
The application complies with the principle of limited use of data. Therefore:
- It only requests the permissions necessary to allow the user to sign in.
- It does not access Google data that is not necessary for authentication.
- It does not use Google data for unauthorised advertising purposes.
- It does not sell or transfer Google user data to third parties for commercial purposes.
- It does not allow unauthorised persons to access the user’s information.
If, in the future, the application requests access to sensitive or restricted Google APIs, such as Gmail, Google Drive, Google Calendar or other services, the user will be clearly informed in advance, the relevant express consent will be requested, and the use of such data will be limited to the authorised purpose.
7. Data Retention
The user’s personal data will be retained for as long as the account remains active on the platform or for as long as necessary to provide the requested service.
When the user requests the deletion of their account or the erasure of their data, the information will be deleted or anonymised, unless there is a legal obligation requiring certain data to be retained for an additional period.
In the event of prolonged inactivity, the data controller may review or delete inactive accounts, always in accordance with applicable regulations and, where appropriate, informing the user in advance.
8. User Rights
In accordance with applicable data protection legislation, particularly the European Union General Data Protection Regulation, the user may exercise the following rights:
- Right of access: to request information about what personal data is being processed.
- Right to rectification: to request the correction of inaccurate or incomplete data.
- Right to erasure: to request the deletion of personal data.
- Right to object: to object to the processing of data in certain cases.
- Right to restriction of processing: to request that the use of data be limited.
- Right to data portability: to request to receive data in a structured, commonly used format.
- Right to withdraw consent: to withdraw consent at any time.
To exercise these rights, the user may send a request to the following email address:
The request must clearly indicate the right the user wishes to exercise and provide the information necessary to verify the identity of the applicant.
9. Account and Data Deletion
The user may request the cancellation of their account and the deletion of their personal data by sending an email to:
It is recommended to include the following subject line:
“Request for Account and Personal Data Deletion”
Once the request has been received, the deletion of the data will be managed within a reasonable period, unless there is a legal obligation requiring certain information to be retained.
The user may also revoke the application’s access to their Google account from the security settings of their Google account, under the section for third-party applications with account access.
10. Minors
The platform is not specifically intended for minors.
If a minor uses the application, they must have the authorisation of their parents, guardians or legal representatives where required by applicable regulations.
If the data controller detects that personal data from a minor has been collected without the corresponding authorisation, the necessary measures will be taken to delete such data.
11. Changes to the Privacy Policy
The data controller may modify this Privacy Policy when necessary in order to adapt it to legal, technical, operational or platform-related changes.
The updated version will be available on the following domain:
https://atlantidachamberorchestra.com
Users are advised to review this policy periodically in order to stay informed about how their personal data is protected.
12. Contact
For any enquiry related to this Privacy Policy, the processing of personal data or the use of Google login, the user may contact:
Data Controller: IBEMUSIK PRODUCCIONES, S.L.L
Address: C/ Isla de la Gomera, 27, 28791 Soto del Real, Madrid, Spain
Email: [email protected]
Website: https://atlantidachamberorchestra.com
```