Privacy Policy

1. Data Controller

Spanish Federation of Recreational and Tourist Port Associations (Marinas de España)

• Tax ID: G-29.XXX.XXX
• Registered address: [Federation's registered address]
• Contact email: [email protected]
• Phone / WhatsApp: +34 679 380 485

2. Purpose of Data Processing

Personal data collected through the registration form for the 2nd Spanish Marinas Congress will be processed for the following purposes:

• Managing registration and participation in the congress.
• Processing registration fee payments through the secure Stripe payment gateway.
• Sending event-related communications (registration confirmation, logistical information, updated programme).
• Preparing accreditations and congress materials.
• Complying with legal and tax obligations arising from the contractual relationship.

3. Legal Basis

The legal basis for data processing is:

• Consent of the data subject, given by accepting this privacy policy in the registration form.
• Performance of a contract, arising from the service provision relationship linked to congress registration.
• Compliance with legal obligations, particularly those of a fiscal and accounting nature.

4. Data Collected

The following data is collected through the registration form:

• Full name
• Email address
• Contact phone number (optional)
• Organisation or port affiliation (optional)
• Position or role (optional)
• Notes (optional)

Payment data (card number, expiry date, CVV) is managed directly by Stripe, Inc. and is never stored on our servers.

5. Recipients

Personal data may be disclosed to:

• Stripe, Inc. — payment processor, based in the United States, adhering to the EU-US Data Privacy Framework.
• Public authorities — where necessary to comply with legal obligations.
• Organising entities — Government of the Canary Islands and Canary Islands Ports, as event co-organisers, exclusively for congress logistical purposes.

No international data transfers will be made other than those strictly necessary for payment processing through Stripe, which has adequate safeguards in accordance with the GDPR.

6. Data Retention

Personal data will be retained for the time necessary to fulfil the purpose for which it was collected and, subsequently, for the legally established periods to address any liabilities arising from the processing.

7. Data Subject Rights

In accordance with the General Data Protection Regulation (GDPR) and Spanish Organic Law 3/2018 on Personal Data Protection, data subjects may exercise the following rights:

• Access — to know what personal data is being processed.
• Rectification — to request correction of inaccurate data.
• Erasure — to request deletion of data when no longer necessary.
• Restriction — to request restriction of processing in certain circumstances.
• Portability — to receive data in a structured, commonly used format.
• Objection — to object to data processing in certain circumstances.

To exercise these rights, please contact [email protected] stating your full name and the right you wish to exercise. You also have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

8. Security

We have adopted the necessary technical and organisational measures to ensure the security of personal data and prevent its alteration, loss, unauthorised processing or access. These measures include encryption of communications (HTTPS/TLS), the use of PCI-DSS certified payment gateways (Stripe), and access control to information systems.

9. Cookies

This website uses strictly necessary technical cookies for the operation of the registration service and user session. No third-party tracking, analytics or advertising cookies are used.

10. Amendments

We reserve the right to amend this privacy policy to adapt it to legislative or case-law developments. In the event of substantial changes, users will be informed through this page.