The Honorable Chapter of the S.M. and P.I. Cathedral of Seville (hereinafter, the Chapter of the Cathedral of Seville) is committed to regulatory compliance regarding the Protection of Personal Data, respecting the privacy of the data collected, as well as the confidentiality, integrity, and security thereof.

This policy will apply to users who provide us with their personal data through https://catedraldesevilla.es/ and to all natural persons who provide us with their data through the various channels enabled for this purpose by the Chapter of the Cathedral of Seville. To this end, we inform you about the processing of your personal data as indicated in the European General Data Protection Regulation (GDPR) and in Organic Law 3/2018 on the Protection of Data and guarantee of digital rights (LOPDGDD).

Who is the Controller of your data?

• EXCMO. CABILDO DE LA S.M. Y P.I. CATEDRAL DE SEVILLA. CIF: R-4100146B.
• Address: Avenida de la Constitución s/n, 41001 – Seville.
• Telephone: :954214971
• Email: info@catedraldesevilla.es

Data Protection Officer (DPO)

The DPO informs and advises us on the requirements regarding the protection of personal data, supervising its compliance. If you have any questions or need additional information about the processing of personal data by the Chapter of the Cathedral of Seville, you can contact our Data Protection Officer at the following email address: dpo@catedraldesevilla.es

For what purposes do we process your personal data?

We will process the personal data you provide us with the following purposes:

1. Manage the purchase and sale of tickets and access to visits to the Temple. It is mandatory that you provide your personal data for this purpose since, otherwise, the purchase and sale of tickets cannot be managed.
2. Verify the identity of the visitor who holds the ticket and compliance with the requirements for the application of discounts.

In order to guarantee that access to the Temple is carried out by the person holding the nominative ticket, as well as to verify that the necessary conditions are met for the application of reduced rates, a visual check of the identification documentation and, where appropriate, of the supporting documents that prove the right to the discount will be carried out (for example, identity document, student card, unemployment or disability card, among others). This check is carried out at the time of access to the Temple and does not involve the conservation or registration of said documents or the personal data contained therein. The provision of this documentation is necessary for the use of nominative and/or subsidized tickets; if it is not accredited, the Chapter of the Cathedral of Seville reserves the right of admission or to require the payment of the difference in the amount until reaching the price of the general rate.

1. Manage user information and contact requests (queries, communications, requests…), to respond to them and carry out subsequent monitoring. Providing data for this purpose is voluntary, however, if you do not provide them, your request cannot be answered.
2. Manage commercial relations with our suppliers, including the billing and payment processes for services. For this purpose, it is mandatory that the supplier provide their data, since otherwise the execution of the contract would be prevented.
3. Sending newsletters (commercial communications) about our activities or new cultural offers and visits to the Temple. We will send you our newsletter if you give us your consent in the specific form. If you are our client, we will send you our newsletter unless you express your opposition by checking the corresponding box at the time you provided us with your data or, subsequently, when you notify us of your opposition through any enabled means.

On the other hand, if you finally do not contract our products or services, we will not send you such communications, unless you expressly authorize us to do so.

1. If you are a follower of our corporate profiles on social networks, we will process your data to inform you of our activities, promotions, and news about the Chapter of the Cathedral of Seville. The fact of providing your data for this purpose is voluntary. The categories of data that are processed for this purpose are identifying.

How long do we process your data?

We will keep your personal data for the following periods:

1. The data processed to manage the purchase and sale of tickets will be kept until the day the visit takes place. Subsequently, we may keep your data for the legally established period until the possible responsibilities derived from the contract prescribe.
2. The data processed when verifying the content of your accreditation documents regarding the tickets are not kept, being only viewed at the same time of access to the Temple, immediately. In no case are the documents shown or the personal data contained in them stored or registered.
3. The data processed for the management of information requests will be kept for the time necessary to process and respond to them. Once it is finished, we will keep your data blocked as a communication history for a maximum period of one year, unless you request its deletion.
4. The data processed to manage relations with our suppliers will be kept for the duration of the service provision contract between the parties. Once said relationship ends, we may keep your data for the legally established period until the possible responsibilities derived from the contract prescribe.
5. The data for sending newsletters about our activities or new cultural offers and visits to the Temple will be kept indefinitely until you indicate your willingness to delete them or stop receiving such communications.
6. In the case of our profiles on social networks, your data provided will be kept as long as you remain a follower on the platform in question.

What is the basis that legitimizes the processing of your data?

The legal basis for the processing of your data, both to manage the purchase and sale of tickets and to verify the content of the accreditation documents at the time of access to the Temple, is the execution of the ticket purchase contract.

The legal basis for responding to information requests is your consent. Said consent may be withdrawn at any time, however, this will not affect the legality of the treatments carried out previously.

If you are a supplier, the legal basis for the processing of your data is the execution of the service provision contract between the parties.

The sending of newsletters to interested parties about our activities or new cultural offers and visits to the Temple is based on your consent. Said consent is revocable at any time, however, this will not affect the legality of the treatments carried out previously. To oppose said treatment, you can express it through any means of contact established here.

The data provided through social networks will be processed based on your consent, and may be revoked at any time without affecting the legality of the treatments carried out previously.

To which recipients will your personal data be communicated?

Your data will be communicated to the following entities:

1. Competent Public Administrations, such as Courts and Tribunals, according to the cases legally provided for and in the purposes defined therein.
2. Financial entities to be able to carry out the management of payments and collections of services.

Although it is not a transfer of data, the Chapter of the Cathedral of Seville works with third-party companies, suppliers, who will process personal data in their capacity as data processors, in order to guarantee the service provided. These suppliers access your data according to our instructions and based on an agreement by which they are obliged to comply with the regulatory requirements regarding data protection.

What are your rights regarding data protection?

Any person, by writing to the Chapter of the Cathedral of Seville at Avenida de la Constitución s/n, 41001 – Seville, or through the email address dpo@catedraldesevilla.es, can exercise the following rights:

• Right of access: Right to obtain confirmation on whether or not we are processing your personal data and to know the purpose for which they are being processed, the categories of data affected, the recipients to whom your data is communicated, and the retention period.

Form for exercising the right of access

• Right of Rectification: Right to rectify your data when they are inaccurate.

Form for exercising the right of rectification

• Right of deletion: Right to delete your personal data when, among other reasons, they are no longer necessary for the purposes for which they were collected.

Form for exercising the right of deletion

• Right of opposition and revocation of consent: If you have given your express consent for a specific purpose, you may withdraw it at any time, although it would not affect the legality of the treatments carried out previously.

Form for exercising the right of opposition

• Right to limitation of treatment: In certain circumstances, you may request that the treatment of your data be limited, being exclusively treated for the exercise or defense of possible claims.

Form for exercising the right to limitation of treatment

• Right to portability: Right to receive your personal data provided in a structured way and to transmit them to another controller.

Form exercising the right to portability

• Right not to be subject to automated individual decisions: If automated decisions are adopted, including the elaboration of profiles, you have the right to challenge it.

Form exercising the right not to be subject to automated individual decisions

These rights are free and you can exercise them at any time. Only if there are reasonable doubts about your identity as a natural person, we may request additional information to prove it.

If you consider that your rights have been violated, you can file a claim with the Spanish Data Protection Agency through its Electronic Headquarters. More information at www.aepd.es.

In compliance with the provisions of article 21 of Law 34/2002 on Services of the Information Society and Electronic Commerce, if you do not wish to receive more commercial communications about our activities or new cultural visits, you can exercise your right of opposition in the same email by clicking the link “Unsubscribe” or similar mention. Likewise, you can also exercise your right of opposition at the email address dpo@catedraldesevilla.es, including in the subject the word “Unsubscribe newsletter” and then your email address or mobile phone number.

What security measures do we adopt to protect your personal data?

The Chapter of the Cathedral of Seville has adopted the necessary technical and organizational measures to protect the integrity, availability, and confidentiality of your data.

The staff of our organization with access to your personal data has been trained and is aware of their obligations in relation to the processing of your personal data, in order to guarantee confidentiality in the processing.

The contracts signed with our suppliers include clauses in which they are required to maintain the duty of secrecy regarding the personal data to which they may have access by virtue of the assignment carried out, as well as to implement the necessary technical and organizational security measures to guarantee, in any case, compliance with data protection regulations.

What is your responsibility as the data owner?

When you provide us with personal data, you guarantee that it is true, accurate, complete, and updated. Likewise, the person who provides us with their personal data guarantees that they are over 14 years of age.

The interested party is responsible for the veracity of the data communicated, being responsible for the false and inaccurate data that they may provide, as well as for the damages, direct or indirect, that may arise.

If you provide personal data of third parties, you assume the responsibility of informing them in advance about the provisions of article 14 of the RGPD.