Select Page

PRIVACY POLICY

Confidentiality and security are fundamental values of Centre de Recerca Matemàtica (CRM) and therefore we are always committed to ensuring the privacy of personal data of our customers and not to collect unnecessary information.

Next, we provide you with all the necessary information about our Privacy Policy in relation to the personal data we collect, explaining:

  • Who is the controller of the processing of your personal data
  • For what purposes we ask for the information we ask for.
  • What is the lawfulness of processing.
  • How long we keep them.
  • To which recipients their information is communicated.
  • What are your rights?
  • How to contact our Data Protection Officer

Who is the controller of the processing of your personal data?

Business name: Centre de Recerca Matemàtica (CRM)
VAT Number: V63009138
Address: Campus UAB Edifici C, 08193 Bellaterra – Cerdanyola del Vallès (Barcelona)
Contact: crm@crm.cat

Who are the data subjects?

The personal data processed are those of:

  • People who have given us their information in the different forms of the web to make inquiries or obtain information about our services and activities.
  • People who apply to job selection processes or visitor positions.

For what purposes and lawfulness do we process personal data?

In CRM we process personal data to respond to your information queries or requests.
These personal data will be treated for the legitimate purposes indicated below

  • Answer information or contact requests
    In CRM we use the contact information you give us to respond to your requests and queries regarding our products and services, whether made through the forms available on the website or directed to the contact email addresses that have been published.
  • Lawfulness of processing:
    • Processing is necessary for the purposes of the legitimate interests pursued by CRM, taking into account the reasonable expectations of those interested in receiving a response to their requests.
    • Freely given consent given by the data subject who sends its data through a form provided for such specific purpose.
  • Processing applications for job offers or visitors positions 
    We process personal data of people who applies to job offers or visitor positions published by CRM, and they will be processed in order to validate the candidacies to the positions to which they apply.
  • Lawfulness of processing:
    • Processing is necessary for the purposes of the legitimate interests pursued by CRM, taking into account the reasonable expectations of those applying to the job offers.
    • Processing is necessary in order to take steps at the request of the data subject prior to entering into a contract.
    • Freely given consent given by the data subject who sends its data through a form provided for such specific purpose.

In addition to the foregoing, CRM may carry out other processing of personal data. In this case, the data subject will receive the necessary information in relation to these treatments and CRM will request its consent if it is necessary.

How long will CRM keep the data?

As a rule, data will be kept for as long as necessary to fulfill the purpose for which they were requested and to determine the possible responsibilities that may arise from this purpose and the processing of these data.
Among others, implies that CRM will keep the personal data of the data subjects for the duration of the relationship with us and, where appropriate, during the period that is necessary for the formulation, exercise or defense of potential claims, or for comply with the legal obligations determined by the applicable legislation.
In the case of the data of the candidates who apply to job offers, the data of those candidates who pass the initial selection process will be kept as long as 1 year in our database of candidates until the interested party asks for its elimination or opposition to their treatment.
Once this period has expired, CRM undertakes to cease processing all personal data, destroy them, block them or anonymize them as far as possible for the purpose for which they are kept.

To which third parties will the data be communicated?

As a rule, personal data will not be transferred to third parties, unless it is necessary to respond to the request, we are bound by law or the interested party has given us his or her consent.
The fact of entering the data through the forms made available to the candidate implies the express acceptance of this data communication, which is essential for CRM to provide the services that are requested.
We might also communicate data companies that provide us with services related to the ordinary and administrative activity of the company acting as processors, national or international, within the framework of the provision of services such as, among others, service providers of email, hosting web services, server hosting, management application services in SaaS mode, file archiving in the cloud and others.
Among others, we can communicate data such as the IP address to Google, which provides analysis services for web use, as indicated in our cookies policy.
The provision of these services may involve the processing of personal data by companies located in countries outside the European Economic Area (international data transfers). However, it will only be done to countries that offer an adequate level of protection or, in the case of entities in the US, that are accredited within the framework of the EU-US Privacy Shield. Decision (EU) 2016/1250 of the Commission, of July 12, 2016.

What are the rights of the data subjects when they provide us with their data?

Gladly we will inform you whether and which of your personal data is processed by us and for what purposes. Furthermore, given the respective legal conditions, you have to the right to rectification, the right to restrict processing, the right to erasure, the right to object and the right to data portability.
These rights may be exercised free of charge by the data subject and, if applicable, by his/her representative, by means of a written and signed request, accompanied by a copy of his/her ID or equivalent document proving his/her identity, addressed to:

  • By email: dpo@crm.cat
  • By postmail: Campus UAB Edifici C, 08193 Bellaterra – Cerdanyola del Vallès (Barcelona)

In the case of representation, you must prove by means of a written document and attaching a copy of the DNI or equivalent document that proves your representation.
In addition to the foregoing rights, the interested party shall have the right to withdraw the consent granted at any time through the procedure described above, without this withdrawal of consent affecting the lawfulness of the treatment prior to the withdrawal of this consent. CRM may continue to treat the personal data of the interested party to the extent that the applicable law permits or persist any other legitimation that justifies it persists.
Opposition to the processing of candidate data implies the impossibility of providing the requested service, so that the exercise of this right will result in the erasure of the data or limitation of the processing of the data in the terms established in our data conservation policy.
Irrespective of these rights and the possibility of asserting another administrative or legal redress, you also have the possibility at any time of asserting your right to complain to a supervisory authority, in particular, in the member state of your place of domicile, of your place of work or of the location of the alleged infringement if you are of the view that the processing of personal data affecting you infringes legal data protection regulations.

Update of your data

It is important that in order for us to keep your personal information updated, you inform us whenever there has been any change in them. Otherwise, we do not respond to the veracity of these and the implications it may have on treatment.

Security in the processing and custody of data

CRM declares that it has applied the appropriate technical and organizational measures to guarantee and be able to demonstrate that the treatment is in accordance with current legislation and that the protection of the rights of the interested parties is guaranteed.
For this purpose, it has implemented a Personal Data Protection Management System to determine and apply the technical and organizational means at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of data provided by users, without prejudice to inform that security measures on the Internet are not impregnable.

Use of cookies

This website, like most websites on the Internet, uses cookies to improve the user experience. In our Cookies Policy you will find information about what cookies are, what kind of cookies this website uses, how you can disable cookies in your browser and how to specifically disable the installation of third-party cookies.
Please read our Cookies Policy carefully before continuing to browse our website.

Data Protection Officer

For all these matters you can contact our data protection officer who is available at the address mentioned above and at the following email address:
dpo@crm.cat

Modification of the Privacy Policy

CRM can modify its Privacy Policy in accordance with the applicable legislation at all times. In any case, any modification of the Privacy Policy will be duly notified so that you are informed of the changes made in the processing of your personal data and, if the applicable regulations so require, the interested party can confirm their consent.