Caring for life and the planet

Privacy Policy

This Privacy Policy is a Statement of the SOYSOL FOUNDATION to inform you of how we collect, store, process and protect your personal data, as a result of the use of this website, and what your rights are in this regard.

We consider it very important to provide you with this information and that you read and understand it. For this reason, we have tried to use a clear, simple and, as far as possible, transparent language.

We guarantee that you will always be in control of your personal information and we will never unlawfully or unfairly use your personal data. This means that we will use the data that you provide us for the strict and legitimate purposes of our activity, trying at all times not to undermine or harm any right or interest that affects you. Likewise, we guarantee that we will not treat your data for ulterior purposes incompatible with those initially declared.

This Privacy Policy has been prepared in accordance with the principles and standards approved by Regulation (EU) 2016/679, of April 27, known as the General Data Protection Regulation or “RGPD”, as well as, for what is appropriate , with the provisions of Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights or “LOPDGDD”.


Name of the person in charge of the treatment: SOYSOL FOUNDATION, entity that, from now on, will receive the name of the “Responsable”.

NIF: G42937482

Adress: Calle San Isidoro de Sevilla 11, 28005 Madrid (Spain)

Email address:

Telephone: 622.742.645

Registration registration: [Poner la inscripción en el Registro de Fundaciones cuando esté disponible]

Both the address and the email address provided above are fully effective for the purposes of notifications regarding data protection issues.

Likewise, through the forms established on the web for this purpose, you can contact us to send as many clarifications, suggestions or notifications as you deem appropriate.


2.1. Generalities
When you use our website, the Controller may collect personal data that concerns you in any of the following ways:

Cuando contacta con nosotros a través de algún canal de comunicación dispuesto como funcionalidad de la presente web (por ejemplo, a través del formulario de contacto o vía correo electrónico).

Cuando usted introduce sus datos para cumplimentar alguno de los formularios que encontrará en nuestro sitio web

Mediante la utilización de cookies y tecnologías similares (dispone de más información en nuestra
Cookies policy ).

2.1.4. Finally, without the need for you to provide us with any personal information, with access to any page of this site, the web server will automatically store the access data in the so-called server log files or logs, which are communicated automatically. by your browser, such as the requested URL, the last visited web page, the date and time of access, the browser used, the amount of data transferred, or, among others, the IP address (which is considered personal data).

2.2. Google ReCaptcha
In order to prevent spam attacks directed by automated software (generally known as “bots”) against the forms on this website, we use the Google ReCaptcha service, from the Google company.

In the terms of Google ReCaptcha, the Google company recognizes that said ReCaptcha solution works by embedding JavaScript code that is used to collect hardware and software information, such as device and application data, or the IP address, and sends them to Google to analyze them. The information that is collected about the use made of ReCaptcha will be used to improve said service and for general security purposes. It will not be used for purposes related to personalized Google advertising.

Access link to the Google ReCaptcha Terms of Service:

You can reject the collection of data generated by JavaScript or by cookies and related to the use of the website (including your IP address) by selecting the appropriate settings on your browser. However, it is likely that if you do so, you will not be able to use all the functionalities of this website. Please note that this could limit some functionality of our website (eg contact forms).

2.3 Facebook
As the administrator of a website that includes the Facebook module, social connector or “like” button, the Controller is jointly responsible, together with Facebook Ireland Ltd., for the collection and communication by transmission of certain data of the visitors to this site. web, such as the IP of the device, browsing data and information about the desired content (user preferences).

Notwithstanding the foregoing, only Facebook Ireland Ltd will be responsible for the processing of the data once they are communicated to it.

In this Facebook link ( You can find information about Facebook’s Data Policy as well as a way to contact your Data Protection Officer.


We use your personal data for the following purposes:

Gestión del contacto, así como de la respuesta y atención al usuario.

Gestionar el envío de comunicaciones comerciales por vía electrónica.

Gestionar la ejecución del contrato:

– when you purchase any of the products and / or info-products offered and promoted on the website,
– or when you donate a monetary amount to the Responsible
– or when you acquire the condition of partner / associate, by accepting the corresponding membership agreement.

3.4. Manage requests for collaboration as volunteer staff.

3.5. Compliance with our legal billing and tax obligations.

3.6. Analysis of the behavior of users on the website, in order to improve the usability of the service or for statistical purposes, using cookies and similar technologies.

3.7. Management of the correct operation, maintenance and effective security of the website.


The Responsible uses the following bases of legitimation of their personal data

Intereses legítimos del responsable (artículo 6.1 letra f del RGPD)

This legal basis of “legitimate interests” means that we can process your personal data if we have a real, present and legitimate interest in doing so, and our treatment does not harm your rights and interests. Our legitimate interests and yours may even be aligned in some cases.

For this reason, the Responsible Party will use this legal basis to process the personal data that you use in order to contact us through the functionalities offered by this website, to the extent that this does not cause undue risk or harm to your rights and interests. We will also treat your personal data (eg your IP address) for legitimate interest in order to provide greater security to the website or for the prevention of computer crimes (eg by restricting the number of requests for access to the administration of the site. web with wrong credentials).

Extract from the legitimate interest weighting judgment: The treatments are necessary to achieve the objectives of the Responsible, specifically, to be able to communicate electronically with its clients, prospects and other contacts. Likewise, users are interested in being able to contact us by these means and it is within their reasonable expectations that such contact data processing is carried out. On the other hand, the Responsible Party is interested in providing security and confidence to the interactions and economic transactions that may take place on the website, as well as in avoiding actions of computer crime and preventing electronic fraud, communicating, where appropriate, the data collected from the State Security Forces and Bodies, as well as competent Judges and Tribunals.

Consentimiento del interesado (artículo 6.1 letra a del RGPD)

We will request your express, prior, free, informed and unequivocal consent for the use of cookies that are not strictly necessary for the correct technical functioning of the website, for example, analytical cookies. You can check our Cookies policy .

In the same way, through the corresponding subscription form, we will request your express consent to be able to send you editorial content, information or commercial communications related to the Responsible’s services electronically.

We will also require your prior consent for the treatment of your curriculum vitae data, that is, data related to academic, professional and work circumstances, if you make a request to the Responsible for collaboration as a Volunteer or Volunteer (“Become a volunteer”).

4.3. Execution of a contract (article 6.1 letter b of the RGPD)

In order to properly execute and execute the contracts entered into with the User, the Controller needs to process information and personal data relating to the contracting person. In general terms, on our website the User can:

  • Buy or purchase certain products in the website’s online store
  • Donate a monetary amount to the association
  • Celebrate a membership contract (Become a member)

4.4. Compliance with a legal obligation (6.1 letter c of the RGPD)

We could use the data provided by the user when contacting the Responsible, to comply with our legal billing and tax obligations.

On the other hand, and by virtue of different legal regulations, the Responsible Party would be obliged to process and / or transfer certain data for the purpose of defending claims, exercising rights or investigating crimes.


We collect the minimum possible amount of personal data to be able to carry out the provision of the information society service that you have requested from the Responsible Party.

None of the data processed by the Responsible on this website is of a special or sensitive category.

At the time of collecting personal data through this website, we will inform you about which of your personal data is mandatory to be able to provide the corresponding services (usually by marking them with the asterisk symbol or with the legend “mandatory”).

We consider it important that you understand that the omission of the mandatory data could lead to the impossibility of providing and / or correctly contracting the products and services described, facilitated or promoted on this website.

So that the information contained in our treatment system is always up-to-date and does not contain errors, we ask that you inform us as soon as possible of any modifications and rectifications that should be made on your personal data.

These are the categories of data processed when you use the website:

5.1. Identifiers: name, surname, nif

5.2. Contact: email address, telephone number, postal address.

5.3. Connectivity: IP address and other details (metadata) of your online browsing activities on our website

5.4. Payment details: credit card details

5.5. Data of academic, professional and / or work circumstances: data of curriculum vitae


The offer of content, products and / or services on this website is not deliberately directed to minors. Therefore, we do not knowingly collect information or personal data from children under fourteen (14) years of age.

Please pay attention! If you are a minor, it is required that you have the prior consent of your parents, guardians or legal representatives before proceeding to include your personal data in any of the forms on this website.

In the event that the parents, guardians or legal representatives of minors consider that their children or ward under the age of 14 have provided the Responsible with personal data without their mandatory consent, please contact us by writing to the email address indicated in section 1.


We will not transfer the data collected through the functionalities provided on this website to any other company or organization.

Only when a rule of European Union Law or Spanish Law obliges us to do so, may we communicate your data to the appropriate Public Administrations, to the competent authorities, as well as, where appropriate, to judges and courts.

We will also resort directly to some suppliers to be able to adequately provide you with the services that this website consists of as well as to process the shipment of the orders that you place.

In this regard, we inform you that when your personal data is to be processed on behalf of the Responsible, we will only choose providers (treatment managers) that offer sufficient guarantees to apply appropriate technical and organizational measures and that guarantee the rights of the interested. You can write to us at any time (contact information in Section 1 of this Policy) so that we can inform you about those in charge of treatment who, in the use of the functionalities of this website, could have access to your personal data on behalf of the Responsible Party .


In which cases could your personal data be transferred to a third country outside the European Economic Area?

In principle, the Responsible Party does not contemplate this possibility, except for the following exceptions:

8.1. Some cookies used by this website (as specified in the Cookies policy ) could transfer certain data, such as your IP address or certain navigation parameters or settings of your device or terminal, to servers of the Google company (Google LLC) located in the United States of America.

Note: At this time, the Responsible Party is analyzing the impact of the judgment of the Court of Justice of the European Union in the Schrems II case, by which the Privacy Shield is annulled, or Privacy Shield (adaptation decision of the European Commission by the one that declared that the United States granted an adequate level of protection to the data of European citizens). On the other hand, the Responsible is studying the viability of using exclusively providers that do not transfer personal data outside the territory of the European Union, as well as the most appropriate and guaranteed formulas for the transfer to third countries to be carried out in full compliance with the RGPD. and within the framework of what may be established by the European Commission and the European Data Protection Committee.



We will keep your personal data as long as said retention is necessary to fulfill the purposes for which they were collected, as well as during the limitation periods for legal actions that may arise from your relationship with the Responsible Party.

Likewise, we will keep your data as long as you do not withdraw your consent (in the event that this is the legitimacy of the treatment), or as long as you do not request the deletion of said data, or the limitation or opposition to the treatment by the Responsible Party.


10.1. Rights of the interested party or owner of personal data:

10.1.1. Right of access: you have the right to obtain from the Responsible party confirmation of whether or not you are treating personal data that concerns you. The Responsible, where appropriate, will provide you with a copy of the personal data that is the object of the treatment.

10.1.2. Right of rectification: you have the right to obtain without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the treatment, you will have the right to complete incomplete personal data, including by means of an additional declaration.

10.1.3. Right to erasure: you have the right to obtain without undue delay the erasure of personal data that affects you. When the circumstances expressed in article 17.1 of the RGPD concur, the Responsible Party would be obliged to delete their data without delay.

10.1.4. Right to data portability: you have the right to receive the personal data that concern you in a structured, commonly used and machine-readable format, and to transmit them to another data controller without our preventing it, when the treatment is based on your consent. and, in addition, it is carried out by automated means.

10.1.5. Right of limitation of treatment: when the processing of your personal data has been limited by virtue of a request on your part, said data may only be processed, with the exception of the mere conservation, with your consent or for the formulation, the exercise or defense of claims, or with a view to protecting the rights of another natural or legal person, or for reasons of important public interest. You will have the right to obtain the limitation of the processing of your personal data when any of the circumstances provided for in article 18.1 of the RGPD are met.

10.1.6. Right of opposition: you have the right to object at any time, for reasons related to your particular situation, to the fact that personal data that concerns you are subject to a treatment based on the legitimate interests of the Responsible or third parties.

We remind you that when the legal basis for data processing is your consent, you will have the right to withdraw said consent always and in any case, and as easily as you gave it to the Responsible.

You also have the right to file a claim with the respective control authority, generally the Spanish Data Protection Agency, if it considers that the Responsible Party has not correctly fulfilled the exercise of its rights. For more information, you can go to its website at thislink.

Finally, you also have the right not to be the subject of a decision by the Controller based solely on the automated processing of your personal data, including profiling, which produces legal effects or significantly affects you in a similar way.

10.2. How can you exercise these rights

You can exercise the aforementioned rights at any time by email addressed to the address listed in section 1 (Identity of the Responsible and Contact), or by sending a letter and accompanying a copy of your official identity document (DNI, NIE, etc. ) to the address of the Responsible Party (it also appears in section 1 of this Privacy Policy). A copy of the aforementioned official identity document will not be required in those situations where the identity of the person exercising the corresponding data protection right can be verified by other means.

You have more information about your rights, and even forms or models for their exercise in this website of the Spanish Agency for Data Protection .


The privacy of users and the security of personal data are key principles and firm commitments in the action and interaction of the Responsible with personal data.

Taking into account the state of the art, the costs of application, and the nature, scope, context and purposes of the treatment, as well as the risks of variable probability and severity for the rights and freedoms of natural persons, the Controller will apply appropriate technical and organizational measures to guarantee a level of security appropriate to the risk. Said technical and organizational measures will be aimed at reducing and minimizing the risks of loss, misuse, alteration, unauthorized access, or disclosure of said personal information that concerns you.

In other words, we will take the necessary measures to protect the confidentiality, integrity and availability of your data.

We will also require adequate security measures, both technical and organizational, from our suppliers, especially those who provide us with web hosting services.

To provide you with more security, this web page has installed an SSL (Secure Socket Layer) certificate that allows the communication of information between client and server to be transmitted encrypted.


In order to effectively implement the principle of proactive and constant compliance with the data protection regulations, as well as attending to our duty of transparency with the interested parties, it is likely that we will modify this Privacy Policy from time to time, if the circumstances of the processing of your personal data.

We will make the most diligent efforts to notify you of any significant change to this Privacy Statement that could have an impact on your rights or interests as the owner of personal data.


To clarify any doubts, questions or concerns raised or not resolved by reading this Privacy Policy, you can contact us at the postal and electronic addresses outlined in Section 1.

Last update: April 2021-.

You are SoySol

If you have lost your faith in human beings or even in yourself, we would like to tell you that we believe in you. Our dream is possible.