Who is the Data Controller of your personal data?
- Data Controller: FUNDACIÓ EURECAT (“Eurecat” or “Data Controller”)
- Tax Identification Code: G-66210345
- Address: Parc Tecnològic del Vallès. Avda. Universitat Autònoma 23, 08290 Cerdanyola del Vallès Email address: firstname.lastname@example.org
- Telephone: +34 93 238 14 00 Data Protections Officer’s email address: email@example.com
What are the purposes and the legal basis for the processing of your personal data?
The Data Controller shall process your identified and contact data (name, surname, email address…) as the data included at your query, given through the contact form, for the purpose to manage and answer the user contact. The legal basis for its data processing is to develop the proper actions to answer the User’s contact (art 6.1 b) GDPR).
The Data Controller shall process your identified and contact data (name, surname, email address…) as professional data (business activity, position…) through the activity registration form, for the purpose of manage the registration and participation in the activity. The legal basis for its data processing is to manage the proper actions to ensure the User’s registration and participation at the activity.
The Data Controller shall process and have access to user’s navigation data (IP, location, browser…) because of the accessories cookies installed and agreed, for the purpose of improve the Web services and contents, further information regarding cookies data processing’s, consulting the Cookies Policy. The legal basis for its data processing is the consent granted by the user (art 6.1 a) GDPR).
Who are the recipients of your data?
Eurecat is the principal recipient of your data, however, they may be accessible to third parties that develop services to the Data Controller. When access to the user’s data is required for the services developed, it shall be submitted and fulfill with the legal obligations, which are those of article 28 GDPR’S. In any event, the services providers shall not process the user’s data for their own or different purposes and shall not overreach from the services purposes, and, in any case, shall not rent, sold, or make it available to third parties.
The Data Controller shall not transfer your data to third parties without your prior consent, which shall fulfill the legal requirements.
The Data Controller may transfer your data to third parties in case of legal obligations to do so, without the user consent.
How long your data be kept?
Eurecat shall process your data as long as are necessary to the purposes of the processing which the data were disclosed for and, in any case, until you ask its deletion.
Even if the User ask the deletion of the data, the Data Controller shall keep them blocked for the term required to afford legal obligations or make them available to third parties with the proper capacities because of legal issues.
Is your data subject to international data transfers?
Your data shall not be subjected to international data transfer, it means outside the European Economic Area (“EEA”). However, Eurecat may have services suppliers located or whom develop its services out of the EEA, in these sense, the Data Controller shall ensure to the User that their data object to international transfers shall be protected with the legal measures, that may consist on standard contractual clauses or privacy certifications, bot legal measures approved by the European Union.
Is the data subjected to profiling or automated decisions?
Your data shall not be subjected to automated decisions because of Eurecat’s data processing’s.
Eurecat through the accessory cookies installed and agreed by the user, may process user’s navigation data to profiling for the purposes of improve the Web services and contents, to obtain navigation and Web statistics, to develop and implement Web improvements. The cookies profiling is subjected to the cookies installed which are strictly linked to the user consent. You may consult further cookies information consulting the Cookies Policy.
What are your personal data rights?
Current privacy laws granted several rights to the users regarding the processing of their data, main information about them is detailed herein:
1. Right of access: users are entitled to find out which of your personal data are processed and the processing purposes
2. Right of rectification: users are entitled to request the rectifications regarding their data at any time
3. Right of erasure: users are entitled to request, at any time, that their data shall be erased from the data controller storage. However, as set out in the above section related on data storage, in certain circumstances to compliance with the laws in force may prevent this right from being exercised
4. Right to object: users are entitled to object to their personal data from being processed in relation to any of each purposes processing’s, pursuant to the privacy policies that may apply in each case.
5. Right to restriction of processing: users are entitled to request the restriction of purposes processing’s in the following cases:
a. If considers that their data are incorrect or inexact;
b. If considers that their data has been processing with not the proper legal basis and considered to restrict the processing’s instead of requests its erasures;
c. If the data recorded are no longer required for the processing purposes which were collected for but need its storage to file a lawful claim;
d. If the user having exercised its right to object for a specific purpose, is awaiting a reply from the data controller to this regard
6. Right to data portability: user is entitled to request that their personal data that were submitted to the data controller are being disclosed to another data controller, only in case that its request is technically possible and reasonable to do so.
How may you exercise your data rights?
Notwithstanding that your data has been collected within your consent or the proper legal basis, you may object to the data processing at any time whereby without consequences for you, however, depending on the right exercised certain services shall not be able to be rendered.
The users may exercise their rights according to the law terms and conditions by addressing to Eurecat through either of the following: (i). by email address to firstname.lastname@example.org
(ii). by postal to Parc Tecnològic del Vallès. Avda. Universitat Autònoma 23, 08290 Cerdanyola del Vallès (BCN)
The user may have the right to contact to the Data Controller Data Protection Officer by email to email@example.com
The users if considers that their data shall not been processed with legal basis or its requests or rights shall not been attended properly by the Data Controller, are entitled to file a claim upon the Supervisory Authority competent on data protection matters, it is the Agencia Española de Protección de Datos (www.aepd.es ).