FUNDACIÓ EURECAT considers your personal information is very important. We therefore process it confidentially and securely. We are committed to ensuring the privacy of personal data at all times and not to collect unnecessary information.
Who processes the data?
Identity: FUNDACIÓ EURECAT (hereinafter referred to as “Eurecat“)
Tax Identification Code (NIF): G66210345
Registered office: Parc Tecnològic del Vallès. Avinguda Universitat Autònoma, 23 – 08290 Cerdanyola del Vallès
Legal department email address: firstname.lastname@example.org
Telephone number: + 34 93 238 14 00
Data Protection Officer
Email address of the Data Protection Officer: email@example.com
What data do we collect, for what purposes and for how long do we store them?
|PURPOSE AND LEGAL BASIS
|To respond to requests and enquiries made by the user, the legal basis of the processing being the data subject’s express consent pursuant to Article 6.1.a) of the GDPR.
|The data collected will be stored for the time strictly necessary to fulfil the purpose for which they were collected and, in any case, to determine the possible liabilities that could arise from such purpose, taking into account the periods specified in the relevant regulations
|Sending informative messages about the company and the Newsletter
|To subscribe to information, promotions and offers of the company, the legal basis for the processing being the data subject’s express consent pursuant to Article 6.1.a) of the GDPR.
|The data will be stored for the period the data subject has subscribed to the Newsletter or until he/she exercises the right to object to or erase the data. However, they may be stored in order to determine the possible liabilities that could arise from such purpose
|To respond to the enquiries received and to manage the commercial or professional relationship, the legal basis being the contractual relationship between the Data Controller and the data subject, pursuant to Article 6.1.b) of the GDPR
|The data collected will be stored for the time strictly necessary to fulfil the purpose for which they were collected and, in all cases, to determine the possible liabilities that could arise from such purpose, taking into account the periods specified in the relevant regulations
|Activities, conferences and events
|To manage the registration to take part in activities, conferences or events. The data will be processed for such purpose, the legal basis of which is the data subject’s express consent pursuant to Article 6.1.a) of the GDPR
|The data will be stored for the time strictly necessary to fulfil the purpose for which they were collected and, in all cases, to determine the possible liabilities that could arise from such purpose, taking into account the periods specified in the relevant regulations
To whom will the data be disclosed?
Eurecat is the main recipient of user data, however, it may be accessible to third parties that develop services to the Data Controller. Those scenarios that required Eurecat service suppliers’ access to the user’s data, because of the services arranged, shall be submitted to the legal obligations, which are those of article 28 GDPR’S. In any event, Eurecat service suppliers shall not process the user’s data for their own or different purposes and shall not overreach from the services purposes, and, in any case, shall not rent, sold, or make it available to third parties.
The Data Controller shall not transfer your data to third parties without your prior consent, which should fulfill the legal requirements.
The Data Controller in case of legal obligations may transfer your data to third parties, without the user prior consent.
The personal data obtained by the web forms may be transferred to certain consortium partners with whom Eurecat cooperate, for the purpose to manage and answer the user contact as well as to execute the proper actions to carry out the web form purposes for which the data was given This data access by the consortium partners, does not entail a data assignment for its own purposes. You may consult the detailed list of the project consortium partner here.
Are data transferred internationally?
There are no international data transfers to countries outside the European Union.
What are your rights as a user and how can you exercise them?
Right to access the data
As a user, you can ask us to explain what we do with your personal data. You can also ask us for information about the purpose of the processing of your personal data, the period of time for which we store them, your rights as a user, the transfer of the data to a third country or an international organisation, the existence of automated decisions or profiling on the website, among others.
Right to rectification
If the personal data you have provided to us are inaccurate or incomplete, you are entitled to rectify or supplement them. Please contact us and we will rectify the data according to your request.
Right to restrict the processing
As a user you can request restriction of the processing of your personal data in the following cases:
- If you question the accuracy of your personal data, for a period of time that allows us to verify their accuracy.
- If the processing is unlawful and you object to the erasure of your personal data, instead of erasure, you request that their use is restricted.
- If we no longer need your data for the purposes of processing, but they are needed for the establishment, exercise or defence of legal claims.
Right to erase
You can request us to erase your personal data immediately. We are obliged to erase the data immediately if they are no longer required for the purpose for which they were collected. In addition, you can ask us to erase your data if you change your mind about the consent you granted, if you object to the processing and there are no justified grounds for it, if your data are processed incorrectly, if the data must be erased in order to comply with a legal obligation or if the data has been obtained related to a legal offer.
Right to information
If you have exercised a right to rectify, erase or restrict your data, we are obliged to inform all the recipients to whom your personal data have been disclosed of such rectification, erasure or restriction of processing, unless this proves impossible or involves a disproportionate effort. As a user, you are entitled to be informed by the data controller about who these recipients are.
Right to data portability
You are entitled to receive the personal data you have provided to us in a structured, commonly used and machine-readable format. You are also entitled to transfer this data to another data controller without us being able to prevent this.
Right to object to the data processing
As a user, you are entitled to object to our use of the personal data made available to us at any time for reasons related to your personal situation. We will stop processing your personal data unless we have compelling legitimate grounds to use them, if such grounds override your interests, rights and freedoms or if the processing is for the establishment, exercise or defence of legal claims.
Right to withdraw the declaration of consent related to data protection
As a user you are entitled to change your declaration of consent related to data protection at any time. This change of decision regarding the consent will not affect the legality of the processing that took place on the basis of the consent provided prior to its withdrawal.
Automated individual decisions, including profiling
You are entitled not to be subject to a decision solely based on automated processing, including profiling, which has legal effects for you or significantly affects you in a similar way.
Right to submit a complaint to a supervisory authority
As a user you are entitled to submit a complaint to a supervisory authority, in particular in the Member State of your residence, place of work or place of infringement, if you consider the processing of your personal data implies a violation of the GDPR.
Where can you exercise your rights?
You can request to exercise your rights at the following e-mail address: firstname.lastname@example.org
Is it mandatory to provide all the information requested in the data collection forms?
Regarding the forms posted on the website, you must fill in the fields marked as “required”. Failure to complete the required personal data or only partial completion could mean that Eurecat will be unable to deal with your requests and, therefore, Eurecat will be held harmless for any liability due to not rendering or only partially rendering the requested services.
The personal data provided by the user to Eurecat must be current information so that our records are up to date and error-free. The user is responsible for the veracity of the data provided.
What security measures have we implemented?
Eurecat protects and uses your personal data according to the regulations in force on data protection and information society services.
We have implemented the necessary technical and organisational security measures to guarantee the security of the users’ personal data and prevent their alteration, loss, unauthorised processing and/or access thereto, bearing in mind the state of the art, the kind of data provided and the risks to which they could be exposed, whether due to human action or physical or natural factors, in accordance with the provisions in the regulations in force.