The protection of personal data is important for us.
Individuals are recommended to read carefully this Policy before disclosing any personal data and/or filling in any electronic form posted on this Site. By visiting our website or by providing us your personal data, you agree and consent to the collection, use and disclosure of your personal information as outlined in this Policy.
“Personal Data” means any information or set of information that relates to an individual such as name, address, email, telephone number etc. which can be either direct or indirect and can be collected by or on behalf of the Company.
A few words about the Site
This website is used by the Company in order to inform the users about our Paradox Museum in Barcelona.
Personal Data we collect
We may collect and process the following personal data about you, including but not limited to:
- Personal information that can be used to identify you, such as name, postal and/or email address, phone number, date of birth, residence address and other information such as photographs and digital imagery, your communications preferences; queries you make to the Company;
- Professional data, such as your business address, business email address, business phone numbers, job title/position, educational information, professional qualifications, CVs only to the extent required to establish a business or employment relationship with you;
- Your Communications with Us. We collect personal information from you such as email address, phone number, or mailing address when you request information about our Museum, request customer or technical support, apply for a job or otherwise communicate with us.
- Identification data, such as your registration/identification information (for example, identity card numbers) insofar as required by the Company and permitted by law;
- Surveys. We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.
- Digital data generated from your use of our Site or for the delivery of services to the Company, such as IP address, login user credentials, your browser type and version, time zone setting, time period of user’s staying on a single page, the internal path analysis and/or other parameters regarding the user’s operating system and computer environment, browser plug-in types and versions, operating system and platform and other data transmitted via cookies. This data is collected and used only in an aggregated and not immediately identifiable manner; they could be used among others to ascertain responsibility in case of hypothetical crimes against the site or upon public authorities’ request; In addition, we may automatically collect data regarding your use of our website, such as the types of content you interact with and the frequency and duration of your activities. We may combine your information with information that other people provide when they use our website, including information about you when they tag you.
- Publicly available information.
- Information from Other Sources. We may obtain information about you from other sources, including through third party services and organizations to supplement information provided by you.
Ways of obtaining personal data
In most cases, the Company will collect data directly from you, although sometimes we will obtain data about you from public or third-party data sources.
Below are some examples of how you may provide personal information to the Company:
- searching and browsing for content;
- ordering newsletters and/or publications;
- participating in “join our mailing list” initiatives;
- contacting us for further information;
- contracting us for business purposes;
- visiting our Site while logged into a Social Media platform; and/or
- providing us with business cards or other contact information.
When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary for us to provide certain functions of the Site, we may not be able to provide such functions.
Purposes of processing personal data
The Company will process your personal data only for purposes permitted by applicable laws, which may vary depending on where you live, and where the Company operates, and on the terms set forth in this Policy. The purposes of the data processing activities may include:
- Our primary purpose for collecting personal information from you is to provide you with more information about our Paradox Museum and our business in general, to explore collaboration opportunities with you and to employ individuals interested in working in our Museum.
- Managing our business and to provide you goods and services.
- Analyze and improve our business pursuant to our legitimate interest, such as:
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
- Measuring interest and engagement in our Site and short-term, transient use, such as contextual customization of ads;
- Researching and developing products, services, marketing or security procedures to improve their performance, resilience, reliability or efficiency;
- Improving, upgrading or enhancing our business;
- Developing new products and services;
- Ensuring internal quality control;
- Verifying your identity and preventing fraud;
- Enforcing our terms and policies; and
- Complying with our legal obligations, protecting your vital interest, or as may be required for the public good.
- Managing our relationships/communications with individuals: for example, responding to questions and comments or inquiries, inviting individuals to the Company’s events, making proposals for future service needs.
- For collaboration and research purposes: for example, to enable Company to make more informed and objective decisions when identifying, engaging with individuals interested about our business.
- Direct marketing: to provide promotional material and engage in marketing and promotional activities with individuals in accordance with applicable laws.
- Website functions: to ensure that content from our website is presented in the most effective manner for you and for your device.
- Legal or regulatory obligations and the directions of law enforcement agencies and court orders: to comply with our legal or regulatory requirements (reporting for the safety of information and product quality complaints) or to fulfil transparency requirements.
- Sending you newsletters and other marketing material related to our project provided that you consent on these.
- Ensuring that the content of our Site is presented in the most effective way for you and your device.
The Company will process personal data for further purposes, where lawful to do so or when legally obliged to do so.
Legal basis of processing
The Company processes personal data based on one or more of the following conditions:
- Where you have provided your consent (in which cases, such consent can be withdrawn at any time and without giving any reason);
- Where it is necessary to comply with contractual obligations with you;
- Where the processing is necessary for our compliance with a legal obligation;
- Where the processing is necessary to protect the vital interests of an individual;
- Where processing is necessary in the public interest or for a public task; or
- Where the processing is in the Company’s legitimate interest, for example, the Company processes data for the improvement of our products and services, to provide security measures, to protect the Company’s employees, contractors, information and other assets and to prevent crime (such as fraud, financial crime and theft of intellectual and industry property and to ensure the integrity of its manufacturing and other operations), for statistical purposes or in other ways strictly necessary to carry out our business.
Redirect to other websites
Disclosure of your personal data to third parties
Personal data are not disseminated to unspecified recipients. The Company discloses your personal data to third party recipients on a -need to know- basis where this is reasonably permitted to pursue its legitimate business aims and as required by applicable law. Your personal data will be disclosed only in accordance with applicable laws, and appropriate safeguards through contractual agreements which will be established to protect your personal data.
Access to your personal data is provided to the absolutely necessary staff of the Company, which has committed to maintain confidentiality and our partner companies or third party service providers, who process your personal data as persons who execute the process on our behalf and in accordance with our orders.
The Company shares your personal data with:
– Third party service providers who process personal data on behalf of the Company, for example (indicatively mentioned) advice / outsourcing service providers and other providers of support and provision of administrative services that provide support services to us, business associates and associates for the management and maintenance of email distribution, research and analysis, brand and service promotion, Google, Facebook and management of certain services and data under agreements that have been made. In addition, the disclosure of personal data may take place if the Company or all of its assets are acquired by a third party, in which case the personal data held by us as individuals will be included as transferred assets or if the Company has obligation to disclose or share the information of individuals in order to comply with any legal or regulatory obligations.
– To other third parties when you have provided us with your consent.
The following is the policy we apply to those with whom we share your personal data:
– We only provide the information needed to perform their specific services.
– They may use your personal data only for the exact purposes set out in our contract with them.
– We work closely with them to ensure that your personal data are respected and protected at all times.
– If we stop using their services, any of the data they hold will be deleted or anonymised.
International Transfer of Data
The Personal Data we collect for the purposes provided herein are stored in the European Union. However, your personal data may be accessed by staff or suppliers or service providers in, transferred to and stored at, a location outside the EU or the EEA. Where the Company processes personal information in countries that may not provide the same level of data protection as in the EU/EEA or in your own country, where you are resident, the Company will implement reasonable and appropriate legal and technical and organisational security measures with the aim to ensure the security of the processing and in particular to protect your personal data from unauthorised access, use or disclosure.
In particular, for residents of EEA – whenever we transfer your information outside of the EEA, we will take all reasonable steps to ensure that adequate safeguards are put in place to protect your information (unless we are permitted under applicable data protection law to make such transfers without additional formalities e.g. where the recipient country is considered an adequate destination). Such safeguards include the use of European Commission approved standard contractual clauses as mentioned above. Where appropriate we may also ask for your explicit consent.
Security and data retention
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy, applicable data protection laws and regulations as well as international security standards. All data you provide to us is stored on secure servers and accessed and used subject to our security policies and standards. The Company has implemented reasonable physical, technical and managerial controls and safeguards to keep your personal data protected from unauthorised access, disclosure, alteration, and destruction. Access to your personal data is limited to a restricted number of the Company’s employees whose duties reasonably require such information and third parties with whom the Company contracts to carry out business activities related to the Museum.
We will retain your personal data for the time strictly necessary to achieve the purposes for which the data were collected and any other permitted associated purpose such as provide you with information about the Museum or liaise with regard to cooperation opportunities, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, comply with applicable laws. Data may be retained for a longer duration where applicable laws or regulations require or allow the Company to do so. When your data is no longer needed it will be either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed.
Choices about marketing
If we intend to use your data for marketing purposes or if we intend to disclose your data to any third party for such purposes, we will inform you respectively. You have the right to object to personal data being used for the purposes of direct marketing and newsletters. You can also exercise the right at any time by contacting us as set out below.
Your data protection rights
Under applicable laws and subject to any legal restrictions, you may have the right to request us to:
- Provide you with further details on the processing of your personal information;
- Provide you access to your personal data that we hold about you;
- Update any inaccuracies in the personal information we hold that is demonstrated to be inaccurate or incomplete;
- Delete any personal information that we no longer have a lawful basis to use;
- Provide you or a third party, with a copy of your data in a digital format (data portability);
- Stop a particular processing when you withdraw your consent;
- Object to any processing based on the legitimate interests or public interest to process information, unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
- Restrict certain aspects of the processing of your information.
All data protection related requests should be addressed to the Company at email@example.com.
If we do not handle your request in a timely manner, or if you are not satisfied with our response to any exercise of these rights, you are entitled to lodge a complaint with the competent supervisory authority. Further information and contact details of the competent supervisory authorities can be found
The Company reserves the right to amend this Policy from time to time to reflect technological advancements, legal and regulatory changes, and the Company’s business practices, subject to applicable laws. If the Company changes its privacy practices, an updated version of this Policy will reflect those changes by posting any revisions on with the respective update of the effective date listed on the bottom of this Policy. We therefore encourage you to periodically visit this page to stay informed of how we are using your personal data.
If you have any questions in relation to this Policy, or you want to obtain more information about the Company’s privacy practices, please contact us by email at firstname.lastname@example.org.
Last updated on: March 10th, 2023