Privacy Policy
Initial information
FUNDACIÓ EURECAT considers your personal information very important. For this reason, we handle it in a confidential and secure manner. We are committed to ensuring the privacy of personal data at all times and to not collecting unnecessary information.
To access our website, you do not need to register beforehand. If you require more information, you can contact us through the form available on our website, provided that you agree with our privacy policy, which you must accept to give your explicit consent for the processing of data for the purposes indicated.
In accordance with Regulation (EU) 2016/679 of April 27, 2016, relating to the protection of natural persons with regard to the processing of personal data and the free movement of such data, as well as Organic Law 3/2018 of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, we provide you with information about the processing of your data through this Privacy Policy.
- Who processes the data?
Identity: FUNDACIÓ EURECAT (“Eurecat”)
Tax ID (NIF): G66210345
Address: Parc Tecnològic del Vallès, Avinguda Universitat Autònoma, 23 – 08290 Cerdanyola del Vallès
Legal email: legal@eurecat.org
Phone: +34 93 238 14 00
- Data Protection Officer
Data Protection Officer contact: dpo@eurecat.org
- What data do we collect, for what purposes, and for how long?
| DATA PROCESSING | PURPOSE AND LEGITIMATION | RETENTION PERIOD |
| Contact form | Responding to requests and inquiries made by the user, with the legal basis for processing being the explicit consent in accordance with Article 6.1.a) of the GDPR. | The data collected will be retained for the strictly necessary period to fulfill the purpose for which it was collected and, in any case, to determine any possible liabilities that may arise from this purpose, taking into account the periods established by the relevant regulations. |
| Sending informational communications from the entity and Newsletter. | Subscription to information, promotions, and offers from the entity, with the legal basis for processing being the explicit consent in accordance with Article 6.1.a) of the GDPR. | The data will be retained for the duration of the Newsletter subscription or until the data subject exercises their right to object or request deletion of the data. In any case, the data may be kept to determine any possible liabilities that may arise from this purpose. |
| Email management | Responding to received inquiries, as well as managing the commercial or professional relationship, with the legal basis being the contractual relationship between the Data Controller and the data subject, in accordance with Article 6.1.b) of the GDPR. | The data will be retained for the strictly necessary period to fulfill the purpose for which they were collected and, in any case, to determine any possible liabilities that may arise from this purpose, taking into account the periods established by the relevant regulations. |
| CV | Processing requests to participate in the entity’s selection processes. The processing of personal data for this purpose is legitimized by the implementation of pre-contractual measures at the request of the data subject, in accordance with Article 6.1.b) of the GDPR. | The data will not be retained longer than necessary for the purposes for which they were collected, unless there is a legal obligation. In such a case, they will be retained for a maximum period of one year. |
| Participation in projects/studies | Processing the evaluation of your participation in the project in which you have enrolled, with the legal basis for processing being explicit consent in accordance with Article 6.1.a) of the GDPR. | The data will be retained for the duration of the evaluation of participation in the project. Once the evaluation is complete, the data will be deleted. In any case, the data may be retained to determine any possible liabilities that may arise from this purpose, taking into account the periods established in the relevant regulations. |
| Activities, workshops, and events | Managing registration to participate in activities, workshops, and events, with the legal basis for processing being explicit consent, in accordance with Article 6.1.a) of the GDPR. | The data will be retained for the strictly necessary period to fulfill the purpose for which it was collected and, in any case, to determine any possible liabilities that may arise from this purpose, taking into account the periods established by the relevant regulations. |
| Training | Managing the enrollment process for training through the designated form, with the legal basis for processing being explicit consent, in accordance with Article 6.1.a) of the GDPR. | The data will be retained for the strictly necessary period to fulfill the purpose for which it was collected and, in any case, to determine any possible liabilities that may arise from this purpose, taking into account the periods established by the relevant regulations. |
- To whom will the data be communicated?
Except when subject to regulations that legally require us to transfer your personal data, or when you give your explicit consent, we will not share your personal data with third parties. In the event that data is shared with collaborators, sponsors, etc., of Eurecat activities, your explicit consent will be requested at the time of registration.
- Are international data transfers carried out?
No international data transfers are carried out to countries outside the European Union.
- What rights do you have as a user and how can you exercise them?
- Right of access
As a user, you can request that we explain what we do with your personal data.
Additionally, you can request information about the purpose of the processing of your personal data, the duration for which we retain it, the rights you have as a user, the transfer of data to a third country or an international organization, the existence of automated decisions or profiling on the website, among other things.
- Right to rectification
If the personal data you have provided to us is inaccurate or incomplete, you have the right to rectify or complete it. Please contact us, and we will correct the data you request.
- Right to restriction of processing
As a user, you may request the restriction of the processing of your personal data when:
- You dispute the accuracy of your personal data, during a period that allows us to verify its accuracy.
- If the processing is unlawful and you oppose the deletion of your personal data, but instead request that its use be restricted.
- If we no longer need your data for the purposes of processing, but you need it to formulate, exercise, or defend claims.
- Right to erasure (right to be forgotten)
You can request that we immediately delete your personal data. We are obligated to delete the data immediately when it is no longer necessary for the purposes for which it was collected. Additionally, you can ask us to erase your data when you change your mind about consent, object and there are no justified grounds for processing, when your data has been processed unlawfully, when deletion is required to comply with a legal obligation, or when the data was collected in connection with a legal offer.
- Right to information
If you have exercised your right to rectification, erasure, or restriction, we are obligated to inform all recipients to whom your personal data has been disclosed about this rectification, erasure, or restriction of processing, unless this proves impossible or involves a disproportionate effort.
As a user, you have the right to be informed by the data controller about who these recipients are.
- Right to data portability
You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit this data to another data controller without our hindrance.
- Right to object
As a user, you have the right to object at any time, for reasons related to your particular situation, to our use of the personal data you have provided.
We will stop processing your personal data unless we have compelling legitimate grounds to use them that override your interests, rights, and freedoms, or if the processing is intended to formulate, exercise, or defend claims.
- Right to withdraw consent regarding data protection
As a user, you have the right to change your consent regarding data protection at any time. This change of decision regarding consent will not affect the lawfulness of the processing carried out based on the consent given prior to its withdrawal.
- Automated individual decisions, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
- Right to lodge a complaint with a supervisory authority
As a user, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR.
- Where can you exercise your rights?
You can request the exercise of your rights at the following email address: legal@eurecat.org
- Is it mandatory to provide all the requested information in data collection forms?
Regarding the website forms, you must fill in the fields marked as “required.” Failure to complete the required personal data or doing so partially may result in Eurecat being unable to process your requests, and consequently, Eurecat will be exempt from all liability for the non-provision or incomplete provision of the requested services.
The personal data that the user provides to Eurecat must be current to ensure that the information in the records is up-to-date and error-free. The user will be responsible for the truthfulness of the data provided.
- What security measures do we have in place?
At Eurecat, we handle and use your personal data in compliance with current regulations on data protection and information society services.
We have implemented the necessary technical and organizational security measures to ensure the security of users’ personal data and to prevent its alteration, loss, unauthorized processing, and/or access, in accordance with the state of technology, the nature of the stored data, and the risks to which they are exposed—whether arising from human action or the physical or natural environment—compliant with current regulations.
