1. Who is responsible for the processing of the personal data provided?
In accordance with the provisions of Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and the guarantee of digital rights.
The data provided through this contact form will be processed by Institute for Bioengineering of Catalonia (hereinafter IBEC), with VAT number G-64045719 and address at Calle Baldiri Reixac, 10-12, 08028 Barcelona.
IBEC has appointed a Data Protection Officer (DPO) in accordance with that set out in Articles 37 to 39 of the General Data Protection Regulation.
The Data Protection Officer appointed by IBEC is Juli Bafaluy, with email email@example.com, and with postal address for this purpose at Calle Baldiri Reixac, 10-12, 08028 Barcelona.
2. For what purpose do we process your personal data?
The treatment that IBEC will make of your data is the management of the requests made by the interested parties through our contact forms, as well as the management of the sending of our Newsletters, provided that it has been previously consented to by the interested parties.
3. What is the legal basis for the processing of your personal data?
The legal basis for the processing of your personal data is the consent of the user, provided through the checkbox enabled for this purpose. The data subject shall have the right to withdraw his/her consent at any time, by contacting IBEC, and exercising his/her right to delete the data in the terms set out in paragraph 6 of this Policy.
4. How long will we keep your personal data?
The data will be kept for the time necessary for the performance of the activities detailed above.
5. To which recipients will your personal data be communicated?
Your personal data will not be communicated to third parties, except in the cases legally provided.
6. What are your rights when you provide us with your personal data?
The interested party may exercise the rights detailed below, accompanying his request for a copy of a reliable identification document (DNI, NIE, etc.) and by contacting our Data Protection Officer, Juli Bafaluy, via email firstname.lastname@example.org :
- Right of access: It is the right of the data subject to obtain from IBEC confirmation of whether or not personal data concerning him/her are being processed and, in such a case, the right of access to personal data.
- Right of rectification: It is the right of the data subject to request the rectification of inaccurate personal data concerning him. The data subject, also taking into account the purposes of the processing, shall have the right to have the personal data that are incomplete, including by means of an additional declaration, be completed.
- Right to erasure: It is the right of the data subject to obtain the deletion of his/her personal data, provided that any of the circumstances provided for in Article 17 of the General Data Protection Regulation are met.
- Right to restriction of processing: It is the right of the data subject to obtain the limitation of the processing of personal data, provided that one of the conditions established in Article 18 of the General Data Protection Regulation is met. In this case, the data may only be processed, with the exception of their retention, with the consent of the data subject or for the formulation, exercise or defense of claims.
- Right to object: It is the right of the data subject, in certain circumstances and for reasons related to his particular situation, to object to the processing of his personal data, in accordance with the provisions of Article 21 of the General Data Protection Regulation.
- Right to data portability: It is the right of the data subject to receive personal data that concerns him, which he has provided to a controller, in a structured format, common use and mechanical reading, and to transmit them to another controller without being prevented by the controller to which he/she has provided them, provided that the conditions laid down in Article 20 of the General Data Protection Regulation are met.