Personal Data Protection Policy

Users of this website are informed that the personal data they provide through this website, whether by filling in any form, by e-mail or by any other means, will be processed by the website’s owner, in accordance with this Data Protection Policy.

Who is the Data Controller of your data?

Identity: INSTITUTO DE CONSEJEROS-ADMINISTRADORES, IC-A.; Corporate Tax Id (CIF): G83705889; postal address: C/ Padre Damián, 23 – 28036 Madrid; telephone: +34 913 531 678; email:

For what purposes do we process your personal data?

The data may be processed for the following purposes, depending on the reason for which they were provided:

  1. To respond to requests, petitions, enquiries or complaints and follow up on them.
  2. To manage membership applications to IC-A.
  3. To manage registrations to our training courses, webinars, networking activities and events.
  4. To send commercial communications, both by electronic and non-electronic means.

What is the legitimacy for the processing of your data?

The legal basis for the processing of personal data for the purpose of responding to requests, petitions, queries or complaints will be the consent of the person providing their data, which is expressed through the completion and sending of the various forms provided on our website and/or their initiative to contact via email, and this consent may be revoked at any time. Providing data is voluntary, although if you do not do so, we will not be able to respond to your request, query or complaint. Therefore, the communication of your personal data for these purposes is a necessary requirement for us to be able to deal with requests made in this way. The categories of data processed are contact data.

The legal basis for the processing of personal data for the purpose of handling membership applications and registrations for our courses, webinars, as well as participation in various events is the contractual relationship or the adoption of pre-contractual measures with IC-A. In this case, the data must be provided, otherwise the contract could not be carried out.

Finally, the prospective offer of products and services is based on meeting a legitimate business interest consisting of being able to offer members the possibility of contracting services or products that are of interest to them and thus gain their loyalty. This legitimate interest is recognised by the applicable legal regulations, which expressly permit the processing of personal data on this basis for direct marketing purposes. However, you have the right to object to this processing of your data at any time, and you may do so by any of the means provided for in this legal text. In any case, the authorisation to process the data for this purpose is voluntary and opposition would only result in the fact that you would not receive any commercial information.

How long will we process your data for?

The data retention periods for the various processing operations are as follows:

  1. The personal data provided to make requests, petitions, queries or complaints will be kept for the time necessary to respond to them and to consider them definitively closed. Subsequently, they will be kept as a communications history for a maximum of one year, unless the user requests their deletion.
  2. The personal data provided to manage membership applications will be kept for as long as the legal relationship between the company and the IC-A is maintained and, even after that, until any liabilities that may arise expire and for as long as required by the applicable regulations.
  3. Personal data provided for registration to our training courses, webinars, networking activities and events will be retained until the end of the corresponding activity or event. Thereafter, the data will be retained until any liability arising from the activity or event in question expires.
  4. The personal data provided for the sending of commercial communications will be kept indefinitely, until, where appropriate, the interested party expresses their wish to delete them.

To which recipients will your data be communicated?

The personal data will be processed confidentially and will only be transferred to the Public Administrations, in the cases provided for in the Law and for the purposes defined therein, and to the financial institutions through which the collection and payment management is carried out, where applicable.

What happens with social networks?

If you become our friend or follower on social networks, we will process your data to keep you informed of our activities and promotions through these channels. This data will be processed on the legal basis of your consent and will be retained for as long as you remain our friend or follower, and you may revoke your consent at any time, although this will not affect the lawfulness of the processing previously carried out. Providing the data for this purpose is voluntary, although, if you do not do so, you will not be able to be a friend or follower on the social networks that we have. The categories of data that are processed for this purpose are identifying data.

In those cases in which the user registration is made through social networks, the personal data that we will process will come from the social network in question, to which, the interested party will have previously provided such data for the purposes set out in its corresponding privacy policies. The categories of data that we will collect from the social network in question are those that appear on our registration form and that you have provided to that social network. If, in order to register on our website, more data than those provided by the social network are required, you must additionally complete them on our registration form, subject to the privacy conditions set out in this clause.

What are your rights when you provide us with your data?

Any person has the right to obtain confirmation as to whether or not we are processing personal data concerning them. Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

Under the conditions provided for in the General Data Protection Regulation, data subjects may request the limitation of the processing of their data or their portability, in which case we will only keep them for the exercise or defence of claims.

In certain circumstances and on grounds relating to their particular situation, data subjects may object to the processing of their data. If you have given consent for a specific purpose, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on the consent prior to its withdrawal. In such cases, we will stop processing the data or, where appropriate, we will stop processing it for that specific purpose, except for compelling legitimate reasons, or in the exercise or defence of possible claims.

All the aforementioned rights may be exercised through the means of contact listed at the beginning of this clause.

In the event of any breach of your rights, especially when you have not obtained satisfaction in the exercise of your rights, you may lodge a complaint with the Spanish Data Protection Agency (contact details available at, or other competent supervisory authority. You can also obtain more information about your rights by contacting these bodies.

If you provide data of third parties, you assume the responsibility of informing them in advance of all the provisions of Article 14 of the General Data Protection Regulation under the conditions set out in that provision and having obtained their consent.

The user is responsible for the accuracy of the information provided through this website. To this effect, they are responsible for the veracity of all the data they provide and will keep the information provided suitably updated, in such a way that it corresponds to their current situation. The user will be responsible for any false or inaccurate information provided and for any damages that this may cause to the owner of this website or to third parties.

The owner of this website guarantees the security and confidentiality of the personal data provided. To this end, it has implemented the technical and organisational security measures necessary to prevent their alteration, loss, processing or unauthorised access, in accordance with the provisions of the applicable regulations.