This Privacy Policy (hereinafter, the “PRIVACY POLICY”) governs, in general, the collection and treatment by ELHUYAR FUNDAZIOA (hereinafter, the “ENTITY”) of (i) the personal data that you provide us with as a user of the website accessible via the domain name hiztegiak.elhuyar.eus (hereinafter, the “WEBSITE”), including the services that are available at any time through the WEBSITE; and (ii) other data collected through other collection systems duly identified below. All of the foregoing is without prejudice to the specific provisions established in certain sections, forms or services available on the WEBSITE in order to provide you with the relevant information and, where appropriate, obtain your consent.
The ENTITY reserves the right to modify the PRIVACY POLICY to adapt it to legislative, jurisprudential and/or administrative changes as well as to all practices developed through the WEBSITE, taking into account your rights and interests at all times.
In any case, the ENTITY will provide you with the appropriate technical resources so that you can access the PRIVACY POLICY, in our compliance with information obligations in accordance with the applicable regulations on data protection.
1. Who is your Data Controller?
The Data Controller is ELHUYAR FUNDAZIOA, an entity domiciled in Usurbil (Gipuzkoa), Zelai Haundi, 3, Polígono industrial Osinalde, registered in the Mercantile Registry of Gipuzkoa in volume 1.972, folio 69, page SS-21.026, and with CIF No. B-20779161.
For any questions related to the PRIVACY POLICY or to the treatment of your personal data, you can contact us at the postal address indicated above or via the email address datuensegurtasuna@elhuyar.eus
2. How have we obtained your data?
The data that we process at the ENTITY have been obtained from you through (i) the different forms that you fill out whilst navigating the WEBSITE or through other channels (e.g. registration as a WEBSITE user - if applicable -, contact forms, registration forms for contests, events or activities organised by the ENTITY, etc.); (ii) by sending an email enquiry.
In the event that the personal data provided belongs to a third party, you guarantee that you have informed said third party of the PRIVACY POLICY and have obtained their authorisation to provide their data to the ENTITY for the purposes indicated below.
Additionally, we inform you of the possible processing of your social network data through the corporate profiles of the ENTITY on each social network in which it is present, under the terms and conditions established in each social network.
3. What type of data do we process?
The data processed by the ENTITY are those provided by you whilst navigating the WEBSITE, through the relevant forms that we use to enter into contact with you, or through email, as well as data that, if applicable, we obtain through the ENTITY’s corporate profiles on the social networks in which we are present.
The ENTITY processes the following type of data in particular:
4. Why do we process your data and on what legitimate grounds?
We process your personal data for the following purposes:
The processing of your personal data by the ENTITY, in accordance with the applicable regulations, is based (i) on your consent, granted at the time of collecting the personal data that you voluntarily provide us with via the systems provided for this purpose on the WEBSITE; (ii) on the relationship established with us if you contract our products or services; or (iii) on the legitimate interest of the ENTITY.
Where the processing of your data is based on your consent, you may at any time revoke it freely, and free of charge, under the terms indicated in Section 7 below.
5. To whom do we disclose your data?
We inform you that your personal data may be communicated to the following third parties:
We do not envisage any international transfer of your data.
6. How long do we keep your data?
In general, personal data is stored for as long as you do not revoke your consent to its processing or request its deletion, as well as for the time necessary for the ENTITY to comply with the legal obligations.
In any case, we inform you that the ENTITY has established internal data cleaning policies aimed at controlling the retention periods of the personal data in its possession, so that these may be deleted when no longer necessary or suitable for the purpose for which they were obtained.
7. What are your rights?
The applicable regulations on data protection grant you a series of rights related to your personal data that you may exercise during their processing thereof. These rights are as follows:
You also have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You may exercise these rights by writing to the ENTITY at the postal address indicated in Section 1 or by sending an email to datuensegurtasuna@elhuyar.eus.
Finally, you may file a claim with the relevant Supervisory Authority (in Spain, the Spanish Data Protection Agency), in particular, when you have failed to obtain satisfaction in the exercise of your rights. You can contact said Authority through its web page: www.aepd.es.
8. Security Measures
The ENTITY will treat your data with strict confidentiality at all times and shall abide by the mandatory duty of secrecy regarding said data, in accordance with the applicable legal provisions on data protection, adopting for said purpose any technical and organisational measures that may be required to guarantee the security of your data and to avoid its alteration, loss, unauthorised processing or access, having due regard to the state of technology, the nature of the stored data and the risks to which they are exposed.
9. Cookies policy
Additionally, we remind you that the ENTITY has established a Cookies Policy which is accessible via the following link.