The Global Business & Finance Association (GBFA), headquartered in Madrid, Spain, is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines how we collect, use, and safeguard your information in accordance with the EU General Data Protection Regulation (GDPR) and the Spanish Organic Law on Data Protection (LOPDGDD).

The entity responsible for your personal data is: Global Business & Finance Association Madrid, Spain Email: info@gbfassociation.com

We collect information that you provide directly to us or that we obtain through your use of our website and services, including:

• Identity Data: Name, surname, professional title.
• Contact Data: Email address, phone number, and business address.
• Professional Data: Company name, industry sector, and professional background (for membership and awards).
• Technical Data: IP address, browser type, and cookies (subject to your consent).

Under the GDPR, we process your data based on the following legal grounds:

• Consent: When you subscribe to our newsletter or accept cookies.
• Contractual Necessity: When you apply for membership or register for the GBFA Awards.
• Legal Obligation: To comply with financial reporting or regulatory requirements.
• Legitimate Interest: To improve our services and communicate relevant association updates.

We use your information to:

• Process and manage your membership and awards nominations.
• Provide access to exclusive financial insights and networking opportunities.
• Send administrative information and marketing communications (with your consent).
• Ensure the security and functionality of our website.

We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, membership data is kept for the duration of your membership plus the statutory limitation periods.

GBFA does not sell your data. We may share data with trusted service providers (IT hosting, email services) under strict confidentiality agreements. As a global association, if data is transferred outside the European Economic Area (EEA), we ensure it is protected by Standard Contractual Clauses (SCCs) approved by the European Commission.

As a resident of the EU (or under GDPR protection), you have the following rights:

• Right of Access: Request a copy of your personal data.
• Right to Rectification: Request correction of inaccurate data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data.
• Right to Restrict Processing: Limit how we use your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.

Right to Object: Object to processing based on legitimate interests or direct marketing.

Our website uses cookies to enhance user experience. You can manage your preferences through your browser settings or our cookie consent banner.

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: info@gbfassociation.com

If you feel that your data has been handled incorrectly, you have the right to lodge a complaint with the Agencia Española de Protección de Datos (AEPD), the Spanish supervisory authority (www.aepd.es).