Data protection policy
Data Controller - Who will process my personal information?
UNIVERSITY OF DEUSTO
Avenida de las Universidades, 24-Bilbao (CP-48007)
Data Protection Officer:
Internal Audit and Control Manager
Tel: 94 413 94 30
Purpose - Why do we process your personal data?
The UNIVERSITY OF DEUSTO processes the collected personal data to be used for the following purposes:
- Register users and guests to manage library services.
- Loan bibliographical material.
- Loan laptops.
- Book Library spaces such as group work rooms, workshop or seminar rooms and/or research booths.
- Hold training courses or sessions for current students and alumni on thematic areas.
- Manage applications sent by physical or electronic means.
- Manage problems related to the adequate use of services and consequences of non-compliance.
- Process applications, suggestions and claims.
- Send information about the activities and services offered by the Library by physical and electronic means.
Legal basis - What is the lawful basis for processing your personal data?
For groups including students, staff, friends of the library and registered users, the legal basis for the processing of personal data is the implementation of the agreement.
For groups including guests or other interested parties, the legal basis for the processing of personal data is their consent.
If you do not provide the requested information, your application will not be processed.
In the case of delivery of information on the activities, products and services offered by UD by physical or electronic means, the legal basis is the legitimate interest.
Ud’s legitimate basis regarding the informed purposes is to offer the products and services that best meet your needs, respecting the interests, rights and fundamental freedoms you are granted.
Recipients - Who will be the recipients of your personal data?
No transfers of personal data will be made in this processing.
Data storage period - How long is my information kept?
Personal data will be kept during the term of the contractual relationship and will be stored for five (5) subsequent years in accordance with the labour and tax regulations.
Your personal data will be later stored for statistical and historical purposes with disassociated or anonymised personal data.
Rights - What are your rights when you provide your personal data to us?
Any person will have the right to obtain from the University of Deusto confirmation as to whether or not personal data concerning him or her are being processed.
Those concerned have the right to request access to their personal data and rectification of inaccurate data or, where that is the case, request erasure of personal data when, among other reasons, the data are no longer necessary for the purposes they were collected.
In some circumstances, those concerned may request restriction of processing of personal data, in which case these will only be stored for the exercise or defence of legal claims.
In certain circumstances or for reasons related to a specific situation, those concerned may object to the processing of their personal data. The University of Deusto will no longer process, unless the centre responsible demonstrates compelling legitimate grounds for the processing, or for the exercise or defence of legal claims.
Those concerned may request data portability to receive personal data concerning him or her which have been provided to the University of Deusto in a structured, commonly used, machine-readable and interoperable format, to be downloaded or transmitted directly from the University of Deusto to another entity.
In addition, in the event of disagreement with the University of Deusto regarding the exercise of your rights, you can contact the Data Protection Officer at the University by sending an email to: firstname.lastname@example.org
You can also contact the Spanish Data Protection Agency (Control Authority) to file a claim through its website www.agpd.es.
All data will be treated confidentially and will be subject to appropriate technical and organizational safety measures to prevent alteration, loss, unauthorised processing or access.