Política de privacitat

Through this privacy policy, Fundació TecnoCampus Mataró-Maresme wants to inform how personal data is treated to everyone who browses and accesses the website www.TecnoCampus.cat.

 

Access to the website does not require prior registration. In any case, the user with their browsing fully accepts this privacy policy. However, before sending any request for information through the contact form on this website, the user must accept the privacy policy, in order to give express consent and informed for the processing of data for the purposes indicated.

 

TecnoCampus Mataró-Maresme Foundation, in accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, as well as Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights as the Person responsible for the Processing of the personal data provided, provides the following information:

 

1- Responsible for the Treatment:

  • Company name: TecnoCampus Mataró-Maresme Foundation - from now on TecnoCampus-.
  • NIF: G62034111
  • Registered offices: Avinguda d'Ernest Lluch, 32 - 08302 Mataró (Barcelona)
  • Correu Electronic: rgpd@tecnocampus.cat

2- Data Protection Officer.

The Data Protection Officer is the person in charge of ensuring that this municipal administration complies with and adapts correctly to the current regulations on the subject. data protection. You can contact them in the following ways:

MATARÓ-MARESME TECNOCAMPUS FOUNDATION - rgpd@tecnocampus.cat

 

 

3- Purpose of the treatment

TecnoCampus will process the data incorporated in the forms made available to students and users through the website, for the purposes specified in each of them, in accordance with the regulations established by the RGPD and other provisions of application.

 

4- Legitimation

The legitimacy of the treatment, depending on the procedure, may be based on the consent of the persons concerned and / or the fulfillment of a legal obligation and / or the fulfillment of a mission of public interest and / or the protection of interests. vital and / or the execution of a contract.

In addition, the legal basis for the processing of data for the sending of communications is the prior and express consent that the User grants by ticking the corresponding box, in accordance with the provisions of art. 21 of the LSSI-CE.

 

5- Data retention criteria

The data will not be kept longer than necessary, unless there is a legal obligation.

 

6- Communication of data

The data collected will only be transferred, where applicable, with the prior consent of the person concerned or in accordance with the provisions of the aforementioned legislation.

In any case, in each corresponding procedure, the possible transfers of data to other public administrations or to the corresponding companies will be informed.

 

7- International data transfers

The interested party is informed that for the sending of commercial communications will be made through Mailchimp and Benchmark, with registered office and servers and located in the US. It is also reported that they have the standard contractual clauses that allow international transfers with the guarantees established in the RGPD.

 

8- Rights that assist the interested party

Right of access

The data subject has the right to obtain from the controller the confirmation of whether data affecting him are being processed and if so, he has the right to access this data and the following information:

a) the purposes of the treatment

b) the categories of personal data

c) recipients of your data

d) shelf life

e) the existence of other rights

f) the right to lodge a complaint with a supervisory authority

g) origin or provenance of the data

h) the existence of automated decisions, including profiling, applied logic and the consequences of this treatment

i) in the case of international data transfers, the appropriate guarantees offered.

 

Right of rectification

The data subject has the right to obtain from the controller the rectification of his inaccurate personal data and the completion of those that are incomplete, even by means of an additional declaration.

 

Right of deletion (or right to be forgotten)

The interested party has the right to obtain the deletion of their personal data "right to be forgotten", in any of the following cases:

a) when personal data are no longer necessary in relation to the purpose for which they were collected

b) when the consent on which the treatment was based is revoked

c) when the data subject opposes the processing and no other legitimate interest in its processing prevails

d) when the data has been processed illegally

e) when the data must be deleted in order to fulfill a legal obligation

f) when personal data have been obtained as a result of an offer of information society services aimed at minors, once they are old enough to consent.

 

Right of opposition

The interested party has the right to object, at any time, for reasons related to their particular situation, that their data be processed in the cases set out below. In these cases, the data controller must stop processing the data of the data subject:

a) when the treatment is based on the public interest or the exercise of public powers conferred on the controller.

b) when the controller must stop processing them, unless the controller proves a legitimate interest that prevails over that of the data subject or is necessary to exercise or defend claims.

c) when the purpose of the treatment is direct marketing, including the elaboration of profiles related to this marketing.

d) when the treatment has statistical or scientific or historical research purposes and a reason related to their personal situation is invoked.

 

 

Right to limit treatment

The data subject has the right to obtain from the controller the limitation of the processing of the data, if any of the following four cases are met:

a) if the interested party challenges the accuracy of the personal data, within a period that allows the person responsible to verify its accuracy.

b) if the processing is illegal and the data subject opposes the deletion of personal data and, instead of deleting them, requests that their use be limited.

c) if the controller no longer needs the personal data for the purposes of processing, but the data subject needs them to formulate, exercise or defend claims.

d) if the interested party has objected to the treatment in accordance with article 21.1 of the RGPD, while verifying whether the legitimate reasons of the person in charge prevail over those of the interested party.

 

Right to data portability

The interested party has the right to obtain a copy of their data in a structured, commonly used and machine-readable format. This right implies that the personal data of the interested party are transmitted from one person in charge to another, without the need to be previously transmitted to the same person concerned, whenever technically possible. The right to portability may only be exercised when:

a) the treatment is carried out by automated means.

b) the treatment is based on consent or a contract.

The interested party is also informed that he may revoke the consent to send commercial communications by sending an e-mail to rgpd@tecnocampus.cat

 

Exercise these rights

The student may exercise their rights of access, rectification and deletion (Right to be forgotten), limitation of data, portability of data and opposition, by sending a letter addressed, accompanied by a photocopy of the DNI of the holder of data, at the General Secretariat of the Fundació Tecnocampus Mataró-Maresme (Avinguda d'Ernest Lluch, 32. 08302 Mataró) or by e-mail rgpd@tecnocampus.cat, as well as filing a complaint with the Catalan Data Protection Authority.

FUNDACIÓ TECNOCAMPUS MATARÓ-MARESME informs you that it complies with all the requirements established by data protection regulations and with all the technical and organizational measures necessary to guarantee the security of personal data.

 

Exercise the right to complain to a Control Authority

If you consider that an appropriate response has not been given to your request, you can file a complaint with the Control Authority —Catalan Data Protection Authority—.

 

9- Is it mandatory to provide all the information requested in the forms on the website?

In relation to the form on the website, the User must fill in the markings as "mandatory". Failure to complete the required personal data or to do so in part may mean that TecnoCampus will not be able to attend to your requests and, consequently, TecnoCampus will be exonerated from any responsibility for the non-provision or incomplete provision of the requested services.

The personal data that the user provides to TecnoCampus must be current so that the information in the records is up-to-date and error-free. The user will be responsible for the veracity of the data provided.

 

10- What security measures has the entity implemented?

TecnoCampus informs that the processing of personal data is done at all times in accordance with the applicable regulations on data protection and information society services.

Therefore, and in accordance with Article 32 of Regulation (EU) 2016/679 of 27 April 2016, this municipal administration has the technical and organizational measures to ensure an adequate level of security at risk for:

  1. Pseudonymization and encryption of personal data
  2. The ability to ensure the confidentiality, integrity, availability and permanent resilience of treatment systems and services
  3. The ability to restore the availability and access to personal data quickly, in the event of a physical or technical incident,
  4. The processes for regularly verifying, evaluating and evaluating the effectiveness of the measures established to ensure the safety of treatment.

 

TecnoCampus treatment activities

TecnoCampus, as the person in charge, has compiled a register of treatment activities.

You can access the full description of the treatments, purposes, category of interested parties, category of personal data, category of recipients, international data transfers and retention, here.