The consortium informs website users about its policy regarding the processing and protection of personal data of users and clients.

And guarantees at all times full and complete compliance with the obligations set forth by data protection and information society services regulations: Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), the Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSIce).

 

DATA CONTROLLER

CONSORCI DEL TURÓ DE LA SEU VELLA DE LLEIDA

C.I.F.: Q2500423E

Address: TURÓ SEU VELLA S/N - 25002 - LLEIDA (LLEIDA).

Registration data: Registry of Local Entities of the Generalitat de Catalunya

Phone: 973230653

Email: turoseuvella@turoseuvella.cat

 

DATA PROTECTION OFFICER

The consortium, in accordance with Article 37.1.a of the General Data Protection Regulation (EU) 2016/679, has appointed a Data Protection Officer (DPO). The contact email is: dpd@turoseuvella.cat

 

PURPOSES OF DATA PROCESSING

  • Process requests or application forms for information, services, or procedures with the consortium.
  • Manage data accessed by the consortium as a result of browsing, inquiries, and/or requests.
  • Manage registration requests for training courses, seminars, or any event organized by this administration through any of its services.
  • Send communications and the newsletter.

 

DATA RETENTION PERIOD

The personal data provided will be kept until the data subject requests its erasure by exercising their rights over the data, and in any case, in compliance with the applicable legal statute of limitations.

 

LAWFULNESS OF PROCESSING

The legal basis for processing personal data is based on:

  1. The express consent of the data subject (Art. 6.1.a GDPR).
  2. Necessary for compliance with a legal obligation applicable to the Data Controller (Art. 6.1.c GDPR).
  3. Law 39/2015, of October 1, on the Common Administrative Procedure of Public Administrations.
  4. Law 26/2010, of August 3, on the Legal Regime and Procedure of Public Administrations of Catalonia.

 

DATA RECIPIENTS

The data will be used by the Controller. Data may also be processed by third parties who hold the status of data processors, through the corresponding contracts or agreements.

 

RIGHTS OF THE USERS

The user has the right to:

  • Request access to their personal data being processed and receive this information in writing via the requested means.
  • Request the rectification of inaccurate personal data or, where appropriate, request its erasure when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
  • Request the restriction of the processing of their data.
  • Object to the processing of their personal data when applicable, in which case their data will no longer be processed except for compelling legitimate grounds.
  • Right to data portability. The data subject has the right to receive their personal data if it has been provided in a structured, commonly used, and machine-readable format, and to transmit it to another controller, if the following requirements are met:
      1. The processing is based on consent or on a contract.
      2. The processing is carried out by automated means.
  • Right to withdraw the consent granted.
  • Right to lodge a complaint with the Spanish Data Protection Agency.


The User can exercise the aforementioned rights at the email address dpd@turoseuvella.cat, proving their identity with a scanned copy of their ID card or equivalent document, and specifying the right they wish to exercise.

 

HOW IS THIS DATA COLLECTED?

In most cases, personal data is collected directly from the citizens themselves (data subjects) through requests or forms they fill out when asking for information, a service, or starting a procedure with the consortium.

This data can also be obtained during the processing of established administrative procedures and through the data exchange provided for in Law 39/2015, of October 1, on the Common Administrative Procedure of Public Administrations, which also guarantees the protection and confidentiality of data held by public administrations.

Finally, the consortium's websites use cookies to improve the browsing experience and offer content and services of interest. You can find more information about the consortium's cookies by accessing here: Cookies Policy.

 

INFORMATION PROVIDED BY THE DATA SUBJECT

Minors under 14 years of age cannot provide their personal data without the prior consent of their parent(s) and/or legal guardians.

The data subject guarantees that the personal data provided is accurate and holds responsibility for communicating any modifications to it.

All data requested through the website is necessary to provide an optimal service to the data subject. If all data is not provided, there is no guarantee that the information and services provided by the Controller will completely suit their needs.

 

SECURITY MEASURES

In accordance with the provisions of current regulations on personal data protection, the Data Controller is complying with all provisions of the GDPR and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDPR and Article 4 of the LOPDGDD, by which data is processed lawfully, fairly, and transparently in relation to the data subject and is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

The controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the data subject and has communicated the appropriate information so that they can exercise them.

 

SECURITY BREACHES

The Data Controller will report any security breach affecting the database used by this website, or affecting any of our third-party services, to each and every person whose data may have been affected, and to the authorities, within 72 hours following the detection of the breach.

 

APPLICABLE LAW AND JURISDICTION

The right to bring any civil or criminal actions deemed necessary for the improper use of the Website and its Contents is reserved.

The relationship between the User and the Controller shall be governed by the regulations in force and applicable in the Spanish territory. In the event of any dispute regarding interpretation and/or application, the parties shall submit their conflicts to the ordinary jurisdiction, submitting to the judges and courts that correspond according to law.