This document explains the data protection policy which will be followed in the development of the NetEduProject, following the criteria and guidelines of the Blanquerna Foundation. It is based on the principles of the General Data Protection Regulation (EU) 2016/679 of the European Council of 27 April 2016. We fully assume the spirit of this European regulation that reinforces the rights and provides guarantees to individuals regarding the processing of their data, object that matches perfectly with our commitment to continuous improvement of our educational services. We go over the fundamentals of our data protection policy.
Who is responsible for the processing of personal data?
The responsible of data processing is the Blanquerna Foundation, residing at Passeig de Sant Gervasi, 47 Barcelona (CP 08022), CIF Via Augusta, 390, 08017 Barcelona, CIF R5800622B, tel. 932 53 30 00, firstname.lastname@example.org, registered in the Register of Foundations of the Generalitat of Catalonia with the number 000286 (103/SE/F).
Blanquerna Foundation is a center of higher education founder of the Ramon Llull University.
What role has the Data protection Officer?
The Data Protection Officer (DPO) is the person who oversees compliance with our policy of data protection, ensuring that are treated properly and protects the rights of individuals. Its duties include the care of any questions, suggestions, complaints or claims of people who are treated data. You can contact the Data Protection Officer, which is common to the three institutions, addressing in writing to our postal address and telephone number, or email address directly email@example.com.
For which purposes we treat data?
We treat personal information when thinking about all rights of the people and always in proportion. This means that the data may require adequate, relevant and limited compliance with the explicit purpose that motivated the acquisition; only the data necessary to enable the development of the NetEduProject. No data received will be used for any purposes incompatible with those listed.
For the tools management, users share public data from their organizations as the location and website. Also, users respond to a survey for enabling the analysis. The answers are treated statistically and is decoupled from the data identifying the person who answers. To participate in the assessments, surveys collect perceptions and opinions by organization and community members that are gathered by Likert scale questions. The answers are treated statistically without identifying the person who answers. The only contact information we have from respondents are their names and Emails, and will be deleted once the analysis is closed by the user and tool manager.
In most cases the data comes directly from users and respondents and obtain mainly through the forms prepared for this purpose.
What is the legal legitimacy for the treatment of the data?
Data processing that we perform have different legal bases, depending on the nature of each treatment. We classify the main data processing we make following the legal basis of Article 6.1a of the General Data Protection Regulation.
All data we obtain is based on consent. When we send information about our activities and services we use contact with the explicit consent of the person who will receive. It is also based on the consent we obtain navigation data of the person who visits our site, you consent may be revoked at any time by uninstalling cookies.
Who communicate data?
In the development of the project no data is communicated to other people.
How long do we keep the data?
If the data are treated exclusively based on the consent of the person concerned are kept until this person does not revoke this consent. Regarding survey respondents, name and email are deleted once the analysis is finished by the user manager.
What rights do people have about the data we try?
As provided for in the General Data Protection Regulation, persons who deal data have the following rights:
To know if it is. Any person has, first, whether the right to treat their data, regardless of whether there has been a prior relationship.
To be informed on the collection. When the data obtained from the person concerned, at the time of providing the information must be clear at the end that will be used, who will be responsible for processing and the main issues arising from this treatment.
To access. Law includes very broad know preciselywhat personal data are processed, what is the purpose for what it is, communications in others it will (if applicable) or the right to obtain a copy or know the deadline conservation.
To ask for rectification. Is the rightto rectify inaccurate data to be processed by us.
To ask for the deletion. Incertain circumstances there is a right to request the deletion of data when, among other reasons, are no longer necessary for the purposes for which they were collected and justified treatment.
To apply for limited treatment. And also on certain circumstances recognizes the right to request the limitation of data processing. In this case no longer be processed and kept only for the exercise or defense of claims, according to the General Data Protection Regulation.
A portability. In the cases provided for in the legislation recognizes the right toown personal data in a structured format commonly used machine-readable, and to transmit it to another data controller if so decided by the person concerned.
Oppose treatment. A person can adduce reasons related to their particular situation, the reasons that lead them to stop treating the data onthe degree or measure which could lead to damage, except for legitimate reasons or exercise or defense against claims.
Unless receive information. Serve immediately requests not to continue receiving information on our activities and services, when these shipments were based solely on the consent of the person who is receiving.
How can we defend the rights of exercise?
The rights can be exercised just by sending a request to the Blanquerna Foundation to the address or other contact information listed in the header.
If no satisfactory response has been obtained in the exercise of rights, you may lodge a complaint with the Catalan Data Protection Authority, through the forms or other channels accessible from its website (www.apd.cat).
In all cases, whether to submit complaints, request clarifications or send suggestions, you may contact the Data Protection Officer by e-mail to firstname.lastname@example.org.