Menu
Through this Privacy Policy, UNESID aims to demonstrate its commitment to compliance with regulations and legislation derived from the processing of information necessary for the provision of its services and the use of Information and Communication Technologies. In particular, UNESID expresses its commitment to compliance with regulations aimed at the protection of personal data. In this regard, the main reference frameworks are:
Reglamento (UE) 2016/679 del Parlamento Europeo y del Consejo, de 27 de abril de 2016, relativo a la protección de las personas físicas en lo que respecta al tratamiento de datos personales y a la libre circulación de estos datos (RGPD)
Ley Orgánica de Protección de Datos (LOPD)
Ley 34/2002, de 11 de julio, de servicios de la sociedad de la información y de comercio electrónico (LSSI)
This declaration applies to any website, application, product, software, or service belonging to UNESID that is linked to it (together, our “Services”). Occasionally, a service may be linked to a different privacy statement, which will list the specific privacy practices of that service.
This policy may be periodically updated, so we encourage you to access and review it. In case of making changes that we consider significant, we will inform you through a notice on the relevant services or contact you through other means such as email.
Personal information refers to any information related to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, especially by reference to an identifier, such as a name, an identification number, location data, online identification, or one or more specific factors of the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
We collect, store, and process the information (particularly personal data) necessary for the provision of our services. In particular, the information we collect includes:
UNESID is highly committed to the security of the information we handle and compliance with the legal requirements applicable to us. In this sense, to ensure the confidentiality, availability, and integrity of both the information we handle (and, in particular, personal data) and the systems, networks, applications, and databases used for their processing, UNESID:
In case you, as a user or affected party, detect any security incident or violation, or any vulnerability that may be affected, UNESID makes available to the affected parties the email address: unesid@unesid.org , through which appropriate or necessary communications can be made for the improvement of the security of our information and systems.
UNESID has enabled the necessary means to comply with the right to information and obtain consent where necessary to ensure the legality of the processing of personal data. At the time of collection or gathering of information, UNESID undertakes to inform the data subjects about the identity of the controller, the purpose, possible communications or transfers, and the possibility of exercising the rights recognized by the regulations.
UNESID recognizes and guarantees the exercise of the rights of access, rectification, cancellation, opposition, limitation of processing, and portability, as provided by data protection regulations.
You can obtain confirmation as to whether your data is being processed, and if so, you have the right to access the following information regarding the processing of your data:
You can receive your personal data from UNESID and transmit it to another controller when:
You can object to personal data concerning you being processed based on the performance of tasks carried out in the public interest or in the exercise of official authority vested in the controller.
You can obtain from the controller the restriction of processing when one of the following conditions is met:
The data subject has objected to processing pursuant to the right to object.
For the exercise of these rights, UNESID has provided the email address: unesid@unesid.org , through which you can contact the organization to request the exercise of the rights recognized by the regulations. Similarly, these rights can be exercised through the postal address indicated in the first section.
For a proper exercise of these rights, we encourage you to use the templates and models for exercising rights that can be found on the website of the Data Protection Agency (www.agpd.es).
Additionally, we inform you of the possibility, if you believe that your rights have been violated or that appropriate action has not been taken regarding the requests for rights you may have made, to file the corresponding complaint with the Data Protection Agency, and you can contact it through its electronic headquarters accessible from its website (www.agpd.es).
As a general rule, from UNESID, we only communicate personal data to third parties or provide them with access to it in cases necessary to develop an adequate provision of the requested service, to comply with legal, tax, and corporate obligations, or for the development of certain processes or activities of the organization in a subcontracted manner (Data Access on Behalf of Third Parties).
In particular, we carry out communications and exchanges of information with banking entities, based on the services provided, to carry out the management of collections and billing of the services provided, the management of payments to service providers, or in compliance with legal, tax, and public duty requirements. Also, in compliance with these public duties, communications are made to other public administration bodies, such as Social Security or the Tax Administration.
On the other hand, at UNESID, we establish agreements, alliances, or collaborations with other entities that provide us with certain services or collaborate in the development of certain activities, being able to have access to the personal data we manage. This is the case, for example, with tax and labor advisory services to which access to personal data of our workers is granted for payroll management, compliance with public duties, or occupational risk prevention.
Additionally, we have certain subcontracted services on which we rely for the provision and development of our services. This is mainly the case with external hosting services (housing) or web hosting (hosting). For the provision of these services, the corresponding external processing contracts have been signed, ensuring compliance with the requirements of the regulations. It may be the case that these services are provided or require the intervention of entities or systems hosted in third countries. At UNESID, we ensure that, in cases where international data transfers are required, these are made to countries that demonstrate a level of security equivalent to European regulations. In this regard, the adequacy decisions of the European Data Protection Committee will be considered, or, failing that, certificates, corporate rules, contractual clauses, or any other recognized mechanism that demonstrates an adequate level of protection.
As a general rule, at UNESID, we only keep information and personal data for the time necessary to fulfill the purpose for which the data was obtained, as well as to address any claims or liabilities that may arise from the data processing. Generally, once the service provision is completed, the data is blocked, and no further processing is carried out on it beyond keeping it available to Public Administrations, Courts, and Tribunals, for the attention of possible responsibilities arising from the processing, during the prescription period of these, after which cancellation must be carried out. On the other hand, to determine data retention periods, UNESID considers local laws, contractual obligations, and the expectations and requirements of our clients. When we no longer need personal information, we delete or securely destroy it.