These policies have been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection (GDPR) and the current data protection regulations in Spain, Organic Law 3/2018 on Personal Data Protection and guarantee of digital rights.
Responsible for the processing of personal data
CODELY TECH, SLU (CodeOp)
Tax Identification Number B-67289439
C/ Pallars 193
08005 Barcelona, Spain
Principles applied to the processing of personal data
The principles set out below are applied by CodeOp and by any member of its staff who has access to or otherwise processes personal data. Personal data will always be:
- dealt with in a lawful, fair and transparent manner.
- collected for specified, explicit and legitimate purposes and will not be further processed in a way incompatible with those purposes.
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- accurate and, if necessary, updated, taking all reasonable steps to delete or rectify those that are inaccurate with respect to the purposes for which they are treated.
- kept for no longer than is necessary for the purposes of processing.
- Processed with integrity and confidentiality, in such a way as to ensure adequate security of the data.
Types of personal data processed and purpose
We collect the following categories of personal data on our website:
- Personal information related to the handling of requests and resolution of queries, such as name, surname, email address and contact telephone number. This personal data is stored in our databases for the management of requests and commercial relations and will be used to complete any request or query through our website electronic forms.
At any time, you can change your information or preferences or provide additional details.
- Personal information related to the application to any of our courses, and any information necessary for subsequent operations related to such registration, such as name and surname, e-mail and contact telephone number, date of birth, address, nationality, city of residence, preferred pronoun. In addition, in some cases a LinkedIn profile or Curriculum Vitae is requested in order to assess the suitability for the chosen program.
We will not use your personal data to make automated decisions that affect or create profiles other than those described above. In any case, if there is a further processing of the data whose purpose is different from that for which it was originally collected, we will inform you about all aspects relevant to this other purpose before proceeding with such further processing.
Personal data retention
The personal data provided will be kept for the duration of the execution of pre-contractual arrangements, the attention to requests and resolution of queries and, in any case, for the time necessary to fulfil the purpose for which the personal data was collected and to determine the possible responsibilities that may arise from such purpose and processing.
In determining the appropriate retention period for personal data, we also look at the amount, type and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and any applicable legal requirements.
Legitimation to process personal data
We process your personal data on the basis of the consent given for the handling of requests and inquiries, and also on the basis of the execution of pre-contractual arrangements and subscription of the enrolment agreement itself.
Recipients of personal data
Personal data may be communicated to the following recipients:
- Financing and academic credit companies, when applicable.
- Commercial partners.
- Public Administrations and Bodies, when so required by tax, labour or any other applicable regulations.
In the event of international data transfers as a result of the above communications, in the event that the recipient companies are outside the European Economic Area, CodeOp will use the standard contractual clauses adapted by the European Commission recently in June 2021, as a guarantee of those transfers made to countries that do not have an adequacy decision of the European Commission.
In any case, those third parties with whom certain personal data is shared will have previously accredited the adoption of appropriate technical and organisational measures for the correct protection of the same in accordance with the GDPR.
Rights of persons
Users may exercise any of the rights recognised in the data protection regulations before us.
We undertake to respect and facilitate the exercise of these rights and, in particular, the rights of access, rectification, suspension, opposition, limitation of processing and data portability. These rights may be exercised by sending an email to firstname.lastname@example.org
We will provide you with all necessary information concerning the actions we take on the basis of any request to exercise your rights as a data subject, within the stipulated legal deadlines.
In any case, we inform you that you can file a complaint with the Spanish Data Protection Authority the protection of any of your rights.
Implementation of security measures on personal data
We guarantee that we maintain the necessary security levels for the protection of personal data provided to us through the website in accordance with current regulations, and that all the corresponding technical and organisational measures have been established and applied to prevent the accidental loss, destruction or damage, misuse, alteration and unauthorised or unlawful processing of the data provided.
We have also implemented a notification procedure in case of any suspected breach of personal data security, addressed to the data subjects and also to the relevant supervisory authority.