This Privacy and Personal Data Protection Policy is an integral part of the Conditions of Use of the web page located at the URL www.fiep.es
CIRCULO FORMACION S.L, is aware of the importance of personal data, so we assure all Users and Customers that we ensure the proper treatment and privacy of the same, in strict compliance with the provisions of the Law, and in the terms explained below:
In compliance with the provisions of Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (hereinafter " LOPDGDD"), in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as the regulations that may extend or replace them in the future, we inform you that there is an automated processing of personal activities, with the sole purpose of facilitating the management of the activity of this Website, the management of the services offered through the same and, where appropriate, the management, development and fulfilment of the contractual relationship that the Client establishes with CIRCULO FORMACION S. L. Likewise, CIRCULO FORMACION S.L. will process the data to manage queries made through the Website.
CIRCULO FORMACION S.L. is, for the purposes of the provisions of the Law, the party responsible for data processing activities.
The processing activities are registered in the Company's Data Protection Policy and have the legally established security measures (technical and organisational measures that prevent the alteration, loss, processing or unauthorised access of the data, as appropriate).
The provision of personal data requested by CIRCULO FORMACION S.L. is compulsory in order to be able to purchase certain services offered on the Website as a Client. If the Client does not provide the personal data requested or does not accept this Privacy and Data Protection Policy, he/she will not be able to purchase the services offered.
Specifically, in order to attend FIEP events, and when registering for the event, the CLIENT's personal data will be included in CIRCULO FORMACION's files in order to generate a personal, encrypted and secure QR code, which they will receive in the email they provide us with, and with which they will be able to access and benefit from exclusive advantages.
During the on-site events, and only if the CLIENT so wishes, he/she may use his/her personal QR to provide his/her personal data to the participating Universities/Institutions he/she wishes in a fast and secure manner. In this process, by simply showing the personal QR, from your mobile phone, you can allow the Universities/Institutions you wish, to scan it and incorporate your personal data into their respective files, accepting the respective Data Protection Policies, so that they can contact you and inform you via email and/or telephone.
During virtual events, when the CLIENT accesses a videoconference, he/she will be providing his/her personal data to the University/Institution that gives the videoconference. In this process, simply by accessing, you will be allowing the University/Institution to incorporate your personal data into their respective files, accepting their Data Protection Policy, so that they can contact you and inform you via email and/or telephone.
All personal data you provide will be incorporated into our register of activities mentioned above.
The Directors of CIRCULO FORMACION S.L. are responsible for formulating the strategy and approving the Company's corporate policies, as well as organising the internal control systems. In the exercise of these responsibilities, and in order to establish the general principles that should govern the processing of personal data.
1. Purpose The Personal Data Protection Policy establishes the common principles and guidelines for action that must govern CIRCULO FORMACION S.L. in matters of personal data protection, guaranteeing, in all cases, compliance with the applicable legislation. In particular, the Personal Data Protection Policy aims to guarantee the right to data protection of all individuals who interact with the company, ensuring respect for the right to honour and privacy in the processing of different types of personal data from different sources and for different purposes depending on their business activity.
2. Evaluation: The Security Officer shall evaluate, at least once a year, compliance with and the effectiveness of this Personal Data Protection Policy and shall report the result to the management that assumes such functions at any given time.
This 3. Personal Data Protection Policy was initially approved by the Administrator on 15 May 2018.
4. By accepting this Privacy and Data Protection Policy, the Client guarantees the accuracy, validity and authenticity of the personal data provided, and undertakes to keep them duly updated.
The Client exonerates CIRCULO FORMACION S.L. from liability for any damage or harm that may be suffered as a result of errors, defects or omissions in the information provided to CIRCULO FORMACION S.L.
CIRCULO FORMACION S.L. undertakes to comply with its obligation of professional secrecy with respect to personal data received through the Website and to treat it confidentially.
The Client expressly accepts that CIRCULO FORMACION S.L. may transfer personal data as we sometimes make use of other companies to provide certain of our services. To do so, they need access to personal data of our clients and/or users. CIRCULO FORMACION S.L. may provide the information provided through the website to third parties related to or dependent on it or to service providers, for the provision of such services, for the purposes and with the application of the security measures set out in the RGPD.
In order to facilitate browsing the Website, CIRCULO FORMACION S.L. will use cookies or other files with similar functionality. For more information on Cookies, Users and Clients are recommended to read the document: LINK TO COOKIES.
5. Principles of personal data processing The principles governing the Personal Data Protection Policy are as follows:
a) General principles: CIRCULO FORMACION S.L will scrupulously comply with the legislation of its jurisdiction on data protection, that which is applicable depending on the processing of personal data that is carried out and that which is determined in accordance with binding rules or agreements adopted within the company CIRCULO FORMACION S.L will promote that the principles set out in this Personal Data Protection Policy are taken into account
(i) in the design and implementation of all procedures involving the processing of personal data,
(ii) in the products and services offered by it,
(iii) in all contracts and obligations entered into with natural persons, and
(iv) in the implementation of all systems and platforms allowing access by employees or third parties to personal data and/or the collection or processing of such data.
b) Principles relating to the processing of personal data:
(i) Principles of lawfulness, lawfulness and fairness in the processing of personal data. The processing of personal data shall be fair, lawful and lawful in accordance with the applicable legislation. In this regard, personal data must be collected for one or more specific and legitimate purposes in accordance with applicable law. Where required by applicable law, the consent of the data subjects must be obtained prior to the collection of their data. Likewise, when required by law, the purposes for processing personal data shall be explicit and determined at the time of collection.
In particular, CIRCULO FORMACION S. L will not collect or process personal data relating to ethnic or racial origin, political ideology, beliefs, religious or philosophical convictions, sexual life or orientation, trade union membership, health, or genetic or biometric data aimed at uniquely identifying a person, unless the collection of such data is necessary, legitimate and required or permitted by the applicable legislation, in which case they will be collected and processed in accordance with the provisions of that legislation.
(ii) Principle of minimisation. Only those personal data that are strictly necessary for the purpose for which they are collected or processed and appropriate to that purpose will be processed.
(iii) Principle of accuracy. Personal data must be accurate and up to date. If this is not the case, they must be deleted or corrected.
(iv) Retention time limitation principle. Personal data shall not be kept for longer than is necessary to achieve the purpose for which they are processed, except in the cases provided for by law.
(v) Principles of integrity and confidentiality. Personal data protection policy. In the processing of personal data, adequate security must be guaranteed by means of technical or organisational measures to protect them from unauthorised or unlawful processing and to prevent their loss, destruction or accidental damage. The personal data collected and processed by CIRCULO FORMACION S.L. must be kept with the utmost confidentiality and secrecy, and may not be used for purposes other than those that justified and permitted their collection and may not be communicated or transferred to third parties outside the cases permitted by the applicable legislation.
(vi) Principle of proactive responsibility (accountability). CIRCULO FORMACION S.L. will be responsible for complying with the principles stipulated in this Personal Data Protection Policy and those required by applicable legislation and must be able to demonstrate this, when required by applicable legislation. CIRCULO FORMACION S.L. shall carry out a risk assessment of the processing it carries out in order to determine the measures to be applied to ensure that personal data is processed in accordance with legal requirements. In cases where the law so requires, the risks to the protection of personal data that new products, services or information systems may entail shall be assessed beforehand and the necessary measures shall be adopted to eliminate or mitigate them. CIRCULO FORMACION S.L. shall keep a register of activities describing the processing of personal data carried out as part of its activities. In the event of an incident resulting in the accidental or unlawful destruction, loss or alteration of personal data, or unauthorised communication or access to such data, the internal protocols established for this purpose by the Security Manager and those established by the applicable legislation must be followed. Such incidents shall be documented and measures shall be adopted to resolve and mitigate the possible negative effects for the data subjects. In the cases provided for by law, data protection officers shall be appointed to ensure compliance with data protection regulations in the company.
(vii) Principles of transparency and information. The processing of personal data shall be transparent in relation to the data subject, providing him/her with information about the processing of his/her data in an understandable and accessible manner, where required by applicable law. In order to guarantee fair and transparent processing, CIRCULO FORMACION S.L., the data controller, shall inform the data subjects whose data it intends to collect of the circumstances relating to the processing in accordance with the applicable legislation.
(viii) Acquisition or collection of personal data. The acquisition or collection of personal data from illegitimate sources, from sources that do not sufficiently guarantee their legitimate origin or from sources whose data have been collected or transferred in contravention of the law is prohibited.
(ix) Hiring of data processors. Prior to contracting any service provider that accesses personal data for which CIRCULO FORMACION S.L. is responsible, as well as during the term of the contractual relationship, the latter must adopt the necessary measures to guarantee and, where legally required, demonstrate that the processing of data by the data processor is carried out in accordance with the applicable regulations.
(x) International data transfers. Any processing of personal data subject to European Union law involving a transfer of data outside the European Economic Area must be carried out in strict compliance with the requirements of the applicable law in the jurisdiction of origin. Likewise, business partners or affiliates located outside the European Union shall comply with the requirements for international transfers of personal data that may be applicable in their jurisdiction.
(xi) Rights of data subjects. CIRCULO FORMACION S.L. shall allow data subjects to exercise their rights of access, rectification, erasure, limitation of processing, portability and objection applicable in each jurisdiction, establishing, for this purpose, the internal procedures necessary to satisfy, at least, the legal requirements applicable in each case.
4. Implementation Pursuant to the provisions of this Personal Data Protection Policy, the Corporate Security Department, together with the company's Legal Services, shall develop and keep updated the internal regulations for global management of data protection, which shall be implemented by the Head of Security and shall be mandatory for all the Company's executives and employees. Likewise, the Head of Security shall establish internal procedures that develop the principles set out in this Code of Conduct.
5. Control and evaluation a) Control The Security Officer shall supervise the Company's compliance with the provisions of this Personal Data Protection Policy. In order to verify compliance with this Personal Data Protection Policy, periodic audits shall be carried out by internal or external auditors.
Any Client or Candidate may exercise their rights of access, rectification, cancellation, opposition and request the deletion of their data by writing to CIRCULO FORMACIÓN S.L. by sending an e-mail to info@circuloformacion.es. In order to process the request, it is essential that you previously prove your identity by sending a copy of your ID card, NIE, Passport or equivalent document.