DETAILED INFORMATION ON THE PROCESSING OF PERSONAL DATA FOR ACADEMIC MANAGEMENT
Who is responsible for the processing of the data?
FUNDACIÓ PRIVADA UNIVERSITAT I TECNOLOGIA (FUNITEC), CIF G60643558, Sant Joan de la Salle Street, 42, 08022-Barcelona, Tel: 93 290 24 00, email: firstname.lastname@example.org, www.salleurl.edu (hereafter FUNITEC).
You can contact the Data Protection Officer (DPO) by email at email@example.com
What is the purpose of the data processing?
FUNITEC records personal data to certify enrolment on a course and, based on this, to provide the higher education services that you have requested. Both the data provided and any data resulting from the academic activity will be used for assessment of this academic activity, management of your academic record, administrative management, identification as users of the University's services and to help access these services, sending information of interest, issuing and registering degree certificates and assisting and following up on your entry into the job market.
How long is data kept?
All data will be eliminated when they are no longer necessary for the fulfilment of the purpose that led to its collection. The most relevant information, such as the record of studies taken, is kept permanently. The criteria for preserving or eliminating data are based on the regulatory norms applicable to public documentation or documentation derived from the exercise of public functions.
What is the legal ground for the data processing?
The processing of the data is carried out as part of a mission in the public interest, i.e. the provision of higher education services. Certain processing, such as communication to other public institutions or administrations, is carried out in compliance with regulations applicable to universities, mainly Organic Law 6/2001, of 23 December, on Universities, Law 1/2003, of 19 February, on the universities of Catalonia, and their implementing regulations.
Who is the data communicated to?
Data is communicated to various institutions, always for explicit purposes and only ever in a proportional way, i.e. we communicate only the data necessary for the fulfilment of the purpose in question. In order to recognise the studies carried out and issue certificates, data is communicated to Universitat Ramon Llull Fundació. In compliance with legal regulations, we communicate data to insurance entities and banking entities for purposes of collection of payment. In order to enable study and work placements, data is communicated to the receiving companies or institutions. They are also provided to other academic institutions where part of the studies are to be undertaken there.
Are there other companies or institutions that can access the data?
The University procures services from private companies that provide their experience and specialisation. On some occasions, these third-party companies must access personal data held by FUNITEC. Services are only procured from businesses that guarantee compliance with data protection regulations. Upon procurement of these services, these companies formalise their confidentiality obligations and their conduct is overseen. For example, certain data may reside on servers acquired from specialist companies or public institutions that offer services to the university system of Catalonia. Certain data held by us may also be accessed by companies that offer IT support for the use of programs, security companies and human resources and accounting consultants. You can obtain accurate information about these companies that offer their services to us at any time by contacting firstname.lastname@example.org
What rights exist with regard to the processing of data?
Everyone has the right to obtain confirmation as to whether FUNITEC is processing their personal data. Where we are, you have the right to know: where the data was obtained (in the event that it was not provided directly by you); the purpose for which it is held; and details about any transfers of your data that have been made or are planned for the future. The laws in question guarantee the interested parties enjoy the right to access their data, as well as to request the rectification of inaccurate data or, where appropriate, request deletion of the data when it is no longer necessary for the purposes for which it was collected and there is no obligation to keep it. Where FUNITEC processes data solely on the basis of the consent of the interested party, data must be deleted immediately. In certain circumstances, the interested parties may request limitation of the processing of their data, a right that gives them control over their data mainly in order to correct possible inadequate handling, as well as allowing them to make claims in defence of their rights.
How can you exercise or defend your rights?
Send an email to email@example.com
If a person considers their rights have not been adequately respected, they can contact the data protection officer of FUNITEC directly at firstname.lastname@example.org. You can also file a complaint with the Catalan Data Protection Authority (www.apd.cat)