The Osuna University School (hereinafter, EUOsuna), is responsible for the processing of personal data that is carried out in it. By virtue of the principle of proactive responsibility, it is committed to the highest level of data protection in all its manifestations, and in particular, to strict compliance with current regulations, specifically the General Data Protection Regulation (hereinafter, RGPD ), and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (hereinafter, LOPDGDD).
By virtue of the foregoing, EUOsuna will collect and process personal data in a lawful, loyal and transparent manner; and only for specific, explicit, and legitimate purposes. The personal data will be adequate, pertinent and limited to what is necessary in relation to the purpose, in addition it will be ensured that they are exact and updated.
It is also guaranteed that the data of the interested party will not be kept for longer than necessary for the purposes of the treatment, and that they will be subjected to the appropriate security measures to guarantee their integrity, availability and confidentiality, in accordance with the provisions of the Scheme National Security.
For all these reasons, we offer below the corresponding information on data protection in accordance with the principle of transparency that inspires the actions of EUOsuna.
Contact details of the data controller
EUOsuna's contact details can be found in the legal notice of this website.
Personal Data Protection and Information Security Policy
EUOsuna has approved a document that constitutes the data protection and information security policy, within the framework of information systems and personal data processing activities of the Francisco Maldonado de Osuna University Studies Foundation , whose main activity is the management of the University School of Osuna.
This Policy applies to all information systems and all personal data processing activities for which EUOsuna is responsible; being mandatory for all departments of the organization, as well as for all personnel with access to the information for which it is responsible, regardless of their destination, employment status or relationship by which the information is accessed. It contains the basic guidelines that inspire the organization to comply with the provisions of the RGPD and the LOPDGDD.
The Record of Processing Activities
In accordance with the provisions of art. 30 of the RGPD, EUOsuna has prepared a record of the treatment activities carried out under its responsibility.
The aforementioned document develops, therefore, the Registry of Processing Activities of the Osuna University School, in terms of Data Protection, responding to the obligation established in article 30 of the RGPD. Said Registry is currently undergoing a revision process, being published as soon as the appropriate modifications are approved.
The Data Protection Delegate
As established in art. 37.1.a) of the RGPD, when the processing of personal data is carried out by an authority or public body, as is the case of EUOsuna, the data controller must appoint a Data Protection Officer, whose functions will be to supervise and help the person in charge in everything related to compliance with the RGPD, through information, supervision, advice and cooperation with the control authority.
In compliance with the foregoing, EUOsuna has formally appointed a Data Protection Officer, whose contact email address is as follows: email@example.com
Compliance with the right to information in EUOsuna procedures and forms
Among other issues, you will be informed about the purpose and legal basis of the treatment, the data retention period or criteria used to determine it, the recipients, if any (entities other than EUOsuna to which the personal data is communicated or transferred ) and about the rights that assist you and how to exercise them.
When applicable, said basic information will also include the origin and type of data (if they are not collected from the recipient), the possible existence of automated decisions (including profiling), and the eventual intention to transfer personal data to a third country. or international organization, as well as the existence or absence of adequacy or guarantees of a level of protection in the treatment by said countries.
Rights of the interested parties
In accordance with current regulations, you can exercise your rights of access, rectification, deletion and portability of your data, limitation of treatment, opposition to its treatment, as well as not being the subject of decisions based solely on the automated treatment of your data when they come.
You can exercise these rights by writing to the University School, through its General Registry. To facilitate the exercise of these rights, you have specific models on the website of the Spanish Agency for Data Protection, which you can access through the following link. Through this link you can also find out more information about each of the rights that you can exercise along with their characteristics.
EUOsuna, as data controller, will respond to the request to exercise rights without delay and within a maximum period of one month. If you have not obtained satisfaction in the exercise of your rights, you may file a claim with the Andalusian Council for Transparency and Data Protection.
In the Electronic Window of the Council you will find the form to present the claim, as well as information on how to present it. In your claim you must properly identify yourself, indicate the body claimed, and attach a copy of the request made before said body in relation to the exercise of your rights; where appropriate, you must also attach a copy of the response received, as well as any other information or documentation that may be of interest in the resolution of the claim.
Finally, you can contact the Data Protection Officer (firstname.lastname@example.org), indicating the situation in which the processing of your data occurs, the right you wish to exercise and any information or documentation that you consider to be of interest or relevant for the care of your case.
Information on the processing of personal data collected through the website
In the following table you can locate the information about the data processing that is carried out on this website in general, specifically those that derive from contact requests through the corresponding forms.
When the introduction of personal data results in a different treatment, the individualized information will be opportunely offered in the corresponding form or form.
|a) Legal basis||Art. 6.1.a) RGPD: The interested party gave their consent for the processing of their personal data for one or more specific purposes (if applicable).|
|b) Purposes of the treatment||Management of the contacts made through the different forms offered on the website of the Osuna University School ( www.euosuna.org )|
Current and potential members of the University Community
Professors and collaborators
Former students, professors, and collaborators
|c) Data Categories||Identification data.|
|d) Recipient category||The data will only be communicated to guarantee the correct achievement of the purpose of the treatment, and specifically, for the correct resolution of the request made by the interested party through the website. This is in addition to the assignments that may be legally foreseen.|
|e) International Transfer||International data transfers are not planned.|
|f) Deletion period||They will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from said purpose and from the processing of the data. The provisions of the archives and documentation regulations will apply.|
|g) Security measures||The security measures implemented correspond to those of a basic level, provided for in Annex II (Security measures) of Royal Decree 3/2010, of January 8, which regulates the National Security Scheme in the field of Electronic Administration.|
|h) Responsible entity||Osuna University School|
|i) Contact details of the Data Protection Officeremail@example.com|
Information on additional data processing and possible assignments
The data of the treatments carried out by EUOsuna may be used, where appropriate with the appropriate anonymization procedures, for the purpose of compiling statistics, sending scientific information, managing incidents or carrying out market studies, in addition to for the purposes for which the data has been expressly collected.
On the other hand, depending on the process, procedure or service, in accordance with the request made, the administrative bodies receiving the request may communicate your data to other recipients in the public sector, when so required within the framework of their procedures, in accordance with to the regulations on administrative procedure.
In general, international data transfers are not foreseen, however, and depending on the process, procedure or service in accordance with the request made, international data transfers could take place to entities that request academic data, but always with unequivocal and informed consent. of the interested party and in accordance with the provisions of current regulations.
EUOsuna undertakes to comply with the obligation of secrecy regarding the personal data being processed and declares its intention to implement the necessary technical and organizational measures to guarantee the security of personal data and avoid their alteration, loss, treatment or unauthorized access, taking into account the state of the technology, the nature of the data stored and the risks to which they are exposed, whether they come from human action or from the physical or natural environment.
In any case, the protection measures of the information systems established in the National Security Scheme will be respected, in accordance with the provisions in relation to security measures in the public sphere in the First Additional Provision (point 2) of the LOPDGDD .
If you need any additional clarification regarding data protection, you can contact the Data Protection Officer at the following email address: firstname.lastname@example.org .