USHUAÏA ENTERTAINMENT S.L. and THE NIGHT LEAGUE, S.L. (hereinafter, “joint controllers”) are particularly committed to protecting the personal data of the Users of the website services and their customers. Through this Privacy Policy (or Data Protection Policy), Users of the website are informed about the uses to which their personal data is subjected, so they can decide freely and voluntarily whether they wish to provide the requested information.
The joint controllers reserve the right to modify this Policy. Any modifications will be announced in advance to ensure users are fully informed of its content.
There is joint responsibility for data processing between THE NIGHT LEAGUE, S.L., with NIF B16596009 and located at Apartado de Correos 1020, 07817 Sant Jordi de Ses Salines, (Balearic Islands), Spain, and USHUAÏA ENTERTAINMENT S.L., with NIF B57794620 and located at Avenida Bartolomé Roselló, 18, 07800 Ibiza (Balearic Islands), Spain, which has a Data Protection Officer whose email address is data.protection@thenightleague.com.
The data processing performed by THE NIGHT LEAGUE, S.L. and USHUAÏA ENTERTAINMENT S.L., as joint controllers, is aimed at:
For USHUAÏA ENTERTAINMENT S.L., the data processing is carried out to manage the leisure establishment and/or event, including ticket sales/purchases and reservations, as well as the management and representation of artists. This includes:
The processing is based on:
The personal data comes from the reservation of spaces and ticket purchase made by the interested party or from the forms completed by them, or from the user experience at events or shows. If the data does not come directly from the interested party, it will originate from the reservation or ticket purchase made by the interested party through a third party.
The personal data provided will be retained during the course of our relationship and later for the period required to comply with legal obligations or to respond to potential claims during the civil prescription period, adopting security measures for its storage.
The involved entities have adopted security measures aimed at protecting the confidentiality, integrity, and availability of the information, both with organizational and technical measures. Among other measures, the entities have the following: a) Data blocking procedures: In accordance with Article 32 of Organic Law 3/2018 on Personal Data Protection and Digital Rights Guarantee, the entity blocks the data to prevent processing. b) Security breach management procedures: The entities have technical measures to detect security incidents that may affect data processing. Once a security incident is detected, the entities have established measures to address the incident and, if necessary, notify the relevant authorities and/or the affected parties. c) Pseudonymization and data encryption procedures: With this measure, the joint controllers ensure that the data is handled with maximum confidentiality. d) Procedures to restore the availability and access to personal data in case of technical or physical incidents.
The involved entities regularly evaluate the effectiveness of technical and organizational measures to ensure the security of data processing.
The personal data you provide to the joint controllers may be communicated to the following categories of recipients:
The entities acting as controllers do not sell, market, or engage in similar activities with your personal data. They only process your data for the purposes stated. These entities may have service providers with access to personal data (Data Processors). Some of these service providers may be located outside the European Economic Area, and thus international data transfers may occur, in any case complying with the appropriate safeguards in accordance with Chapter V of the GDPR.
However, the data subject may exercise the following rights under the General Data Protection Regulation:
The data subject may exercise these rights by submitting a request specifying which right they wish to exercise, addressed to either of the joint controllers at the addresses provided above. In any case, USHUAÏA ENTERTAINMENT S.L. has been designated as the point of contact for the exercise of rights at Avenida Bartolomé Roselló, 18, 07800 Ibiza (Balearic Islands), or by email at data.protection@thenightleague.com. If the entity has doubts about your identity, it may request a passport/official identity document or equivalent identification. You may also contact the Data Protection Officer at USHUAÏA ENTERTAINMENT S.L. at data.protection@thenightleague.com.
If you consider your personal data protection rights have been violated, you may file a complaint with the relevant supervisory authority: the Spanish Data Protection Agency (www.aepd.es).
Last update: November 2024