Last updated on November 16, 2023.
In compliance with Regulation (EU) 2016/679 of 27 April 2016, on the protection of natural persons with regard to the processing of personal data (GDPR), and Organic Law 3/2018 of 5 December 2018, on the protection of personal data and guarantee of digital rights (LOPD).
1. Introduction
The Catalonia Model United Nations (C’MUN) strongly believes in privacy rights and transparency in the use of personal data. For this reason, C’MUN handles all data related to an identified or identifiable person with due care and compliance with applicable Spanish and European legislation, regardless of the person’s place of residence or nationality.
2. Data Controller
The United Nations Association of Spain, with ID number G08945859 and registered office at Vía Laietana 51, entl. 3ª, 08003, Barcelona, Catalonia, Spain, and enlisted in the National Registry of Associations of the Ministry of the Interior of Spain with the number 9472, is the entity responsible for the data processing described in this text.
This Privacy Policy describes how the United Nations Association of Spain, the C’MUN Secretariat and Staff, and any other affiliated entities or people (collectively referred to as the “Catalonia Model United Nations” or “C’MUN”) manage personal data obtained through interactions with individuals via its websites, emails, or in person (at events, courses, conferences, phone, etc.).
This Privacy Policy does not apply to the collection or use of personal data by third parties, even when their activities are shared through C’MUN’s channels and platforms, nor it applies to any third-party entity participants engage with as part of or during their participation in the conference. C’MUN encourages reading their corresponding privacy policies before interacting with them.
3. Principles of Data Processing
In terms of this Privacy Policy, all data that directly identify a person, such as name and surname, and data that do not directly identify them but can reasonably be used to identify them are considered personal data. The Catalonia Model United Nations processes all personal data lawfully, fairly, and transparently for specific, explicit, and legitimate purposes. As detailed in this Privacy Policy, it complies with its duty of minimisation, accuracy, limitation, and confidentiality.
The Catalonia Model United Nations processes personal data only with the data subject’s explicit consent or when necessary to fulfil contractual obligations with them, except in exceptional cases. Exceptions in which C’MUN may process data without requiring authorisation occur when it is needed to protect the vital interests of individuals, safeguard C’MUN’s or its organisers’ legitimate interests, or when it is required by law. These exceptions are outlined in Article 6 of the GDPR.
4. Purpose and Collection of Personal Data
The stored personal data is collected for specific and legitimate purposes, explicitly or evidently communicated to the subject at the time of its collection. This data will not be subsequently processed in a manner incompatible with these purposes. Data related to the subject may be collected for statistical purposes as long as it is anonymised, making it non-identifiable, and, therefore, ceases to be considered personal data according to this Privacy Policy.
The Catalonia Model United Nations obtains personal data for the stated purposes through the channels chosen by the subject. These channels may include its websites, interactions on its social media profiles, emails, post, phones, in person, or others. Simply visiting or consulting C’MUN’s websites generally does not involve collecting or processing personal data, except for navigation data or cookies. The usage of these technologies is specified in the corresponding section of this Privacy Policy.
5. Data Minimisation
The Catalonia Model United Nations limits the scope of collected personal data to that appropriate, relevant, and limited concerning the purpose for which it was collected.
6. Accuracy and Rights of the Data Subject
The Catalonia Model United Nations provides channels and means for data subjects to assert their rights regarding data protection. These include the right of rectification, erasure, data portability, objection, and objection to automated individual decisions. The conditions for exercising these rights are detailed in the GDPR and the LOPD. The preferred channel for requesting the execution of these rights is the contact form on C’MUN’s website. Alternatively, they can be exercised through post, phone, or fax.
7. Storage Period
To minimise the risk of information leaks and ensure compliance with the commitment to processing data for a single purpose, the Catalonia Model United Nations does not retain personal data for longer than necessary for the initial purpose of its collection. The limitation of the storage period varies in each case, depending on the specific purpose of the personal data and the time of its collection. In all cases, the retention period is adjusted to the duration necessary to achieve the particular objective, including a reasonable time margin in case it is needed for corrections in favour of the data subject, for security reasons, or when the duration is specified at the time of data collection. This limitation does not apply in cases where the law requires otherwise.
8. Security and Confidentiality
The Catalonia Model United Nations is committed to ensuring the security and confidentiality of the personal data it handles. It implements measures, techniques, and technologies aligned with current security standards, providing adequate and proportional protection against the associated risks.
Access to personal data is limited to the necessary personnel and supported by appropriate security measures to prevent unauthorized access. Additionally, suitable solutions for backups and recoveries have been implemented, ensuring the integrity of the information.
Data is stored on computer equipment owned by UNA-Spain or on servers hired for this purpose, under the custody of Strato AG, headquartered at Otto-Ostrowski-Straße 7, 10249, Berlin, Germany. As a result, data storage never occurs outside the European territory, and its custodians are always subject to the GDPR and the conditions of this Privacy Policy. The contract terms with the provider explicitly limit their role in data custody and prevent access by individuals external to the Catalonia Model United Nations.
9. Third-Party Access to Data
Third-party access and transmission are only allowed when visibly explained to the subject when obtaining the data, provided it is justified and for a lawful, legitimate, and compatible purpose with the other points of this Privacy Policy and current legislation.
10. Produced documents, publications, and more
Participation in the Catalonia Model United Nations entails producing documents, sharing messages, comments, and other content. Individuals, by participating, acknowledge the public nature of their contributions and explicitly agree to the corresponding conditions. Including any personal data in these publications is at the subject’s discretion. The produced documents are to be shared with the participants of the conference.
11. Cookies and navigation data
Our website uses cookies to enhance the user experience and optimize functionality. Cookies are small text strings stored in the user’s browser and shared with the website when accessed. The information stored in these cookies can be used for various purposes, from saving settings to tracking and analyzing user interactions.
Cookies can be classified into several categories based on their function, duration, or ownership.
Based on their function:
- Essential or Necessary Cookies: Vital for the basic operation of the website, allowing users to navigate and use its functions.
- Performance Cookies: Collect information on how users interact with the website to enhance performance and user experience.
- Functionality Cookies: Enable the website to remember user choices (username, language, or region) and provide enhanced and more personalized features.
- Advertising or Tracking Cookies: Used to track user activity over time on different websites to deliver targeted advertising.
Based on their duration:
- Session Cookies: Temporarily stored during browsing and removed from the device when the browser is closed.
- Persistent Cookies: Remain on the user’s device for a specific period, even after closing the browser, and are activated each time the user visits the site.
Based on ownership:
- First-party Cookies: Belong to the same domain as the visited website, can only be accessed by it, and are managed by the visited website.
- Third-party Cookies: Belong to a different domain from the visited website, can be accessed and managed by a third party, and are often used to track users across various sites.
Cookies can be managed through browser settings, although each system and browser has its method. It is advisable to check the browser settings to adjust these preferences. It is essential to note that disabling certain cookies may impact some functions of the website.
12. Cookies on the site
| Name | Types | Duration | Description |
| session | Essential, session, first-party | – | Stores the logged in session. |
There may be third-party cookies in the content linked in the articles on the website, necessary to be able to display it. These cookies vary depending on the entry and are not controlled by C’MUN.
