The purpose of this Privacy Policy is to provide information on the use that the Diagrama Group Entities will make of your personal data as a web user of the #PreventGBV Project website, and on the rights that you have in accordance with the Spanish Organic Law 3/2018 of 5th of December, on Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) and Regulation (EU) 2016/679 of the European Parliament and Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data (GDPR).
The personal data of users will not be collected via the website without their knowledge.
1. Identification and contact details of the Data Controller
Any data of a personal nature that could be collected directly from the data subject will be treated with confidentiality and will be incorporated into the corresponding processing activity owned by FUNDACIÓN DIAGRAMA INTERVENCIÓN PSICOSOCIAL (or, where appropriate, the Entities of the Group: AZARBE INTERVENCIÓN PSICOSOCIAL, APRENDIZAJES URBANOS, S.L.; MAKING PROCESSES, S.L.; NOSTRUM INTEGRA, S.L.; ZEKIA SERVICIOS AUXILIARES, S.L.; SERVICIOS DE VIGILANCIA Y PROTECCIÓN PROTEC, S.A., hereinafter referred to jointly as “Diagrama Group” and individually as the “Data Controller” for the processing of your personal data).
To get in contact with the data controller responsible for the processing of your data, you can contact the leading organisation of the group: Fundación Diagrama Intervención Psicosocial, with the C.I.F. G-73038457 and headquarters in Avenida Ciudad de Almería, Nº 10, C.P. 30002 in Murcia (Spain) – indicating the specific entity to whom your query is directed.
Additionally, if you have any queries regarding the processing of your personal data, you can get in contact with Diagrama Group’s dedicated Data Protection Officer via the following email address: dpd@diagrama.org
2. Minimisation of necessary information, accuracy, and updates
All the fields marked with an asterisk (*) in online forms will be appropriate, relevant, and limited to the purposes for which they are collected; therefore, they must be filled out, and any omissions may make it impossible for you to be provided with the requested services or information.
You must provide truthful information, so that the information provided is always be up-to-date and without errors, and communicate any changes or corrections regarding your personal data to the Data Controller as soon as possible, which can be done via email to: dpd@diagrama.org.
Likewise, by clicking on the “I Accept” button (or equivalent) included in the aforementioned forms, you declare that the information and data which you have provided is accurate and truthful.
3. Basic general information: description of the information contained within the privacy policy
In this Privacy Policy you will find a table identifying, for each of the different types of data processing carried out by the Responsible Entity, the following information:
a. The purposes of the processing of your personal data – that is, the reason why the Entity processes your personal data with regards to each of the processing activities that it carries out.
b. The legal basis or legitimation allowing the Entity to process your data for each of the purposes indicated lies in the fulfilment of legal obligations on the Entity’s part and for the fulfilment of its mission, carried out in the public interest. When the purpose of data processing requires your consent, this must be given via a clear act of affirmation.
c. The possible communication of your data to third parties, as well as the reason for said communication. Data collected through this website can be shared with the #PreventGBV project partners, defined in the “Partners” section of this website, and the European Comission. To this end, please note that we do not disclose your personal data to other third parties unless there is a legal obligation to do so. However, those from the Entity in charge of data processing will have access to your personal data (that is to say, the service providers who have to access your personal data in order to carry out their work). The service providers who access your data will generally belong to the information and technology sector. Indicated in the table below, where appropriate, are the other possible sectors to which service providers from the Entity who may have to access your personal data belong.
d. We will store the data that you provide us with for the period necessary to fulfil the purpose for which it is collected, or while your relationship with the Entity is maintained. In addition, please note that your data will remain locked for the purpose of potential judicial, administrative or fiscal claims or responsibilities, during the legally prescribed periods, as well as the periods set out in the regulation on filing and documentation. Once said periods are over, your data will be erased or anonymised.
e. In the event that there are potential international data transfers.
4. Exercising your rights
Anyone has the right to receive confirmation about the processing of their data carried out by the Data Controller. Please be informed you that you will be able to exercise the following rights:
i. The right to access your personal data in order to know what parts are being processed and the processing operations being carried out on them;
ii. The right to rectify any inaccuracies in your personal data;
iii. The right to erase your personal data, where possible;
iv. The right to request the limitation of the processing of your personal data when the accuracy, legality, or necessity of processing the data is in doubt, in which case, we may store it for the exercise or defence of any claims;
v. The right to the portability of your personal data when the legal basis that enables us to handle your data, which is specified in the table included above, is derived from a contractual relationship or your consent.
vi. The right to object to the processing of your personal data when the legal basis that enables us to process it from those specified in the table above is that of legitimate interest. To this effect, we will stop processing your data unless we have a compelling legitimate interest, or for the formulation, exercise, or defence of claims.
vii. The right to revoke the consent given at any moment, without affecting the legality of data processing based on consent given prior to such a withdrawal.
You may exercise your rights at any given moment, for free, by emailing dpd@diagrama.org and attaching your national national ID card, indicating your identifying data.
If you have any uncertainties/ issues, or you believe that we have not processed your personal data appropriately, you can contact the Data Protection Officer via the email address dpd@diagrama.org. Nevertheless, please be informed that you that you have the right to present a claim before the Spanish Agency for Data Protection (Agencia Española de Protección de Datos) if you believe that a data protection crime has been committed regarding the processing of your personal data.
5. Cookies
We use both our own and third-party data storage and recovery devices (‘cookies’) to improve our pages, identify new needs and assess possible improvements with the aim of offering a better service to visitors to our website, for example, by adapting our pages to the most used browsers or terminals.
The Data Controller will only use cookies when the user has given prior consent, in accordance with that stated in the pop-up message which appears when users access the website for the first time, and in the other terms and conditions indicated in the link to information about cookies.
6. Security Measures
The Data controller adopts the security levels required by the General Data Protection Regulation (EU) 2016/679 (GDPR) that are appropriate for the nature of the data being andled at any given time.
The Entity will use the appropriate technical and organisational measures to protect your personal information and privacy, which will be periodically reviewed.
Notwithstanding these measures, technical security in a medium like the internet is never infallible and there could be malicious actions by third parties, even though the Responsible Entity uses all the resources at its disposal to avoid such situations.
7. Minors
Minors may not use the services available on the website without the prior permission of their parents, guardians, or legal representatives, who will be solely responsible for all of the actions carried out on the website by the minors in their charge, including the completion of forms with the personal data of said minors and the marking, where appropriate, of the boxes that accompany them.
Additional and detailed information on the processing carried out by the Data Controller:
| Purpose of the treatment | Legal basis | Recipients | Conservation period |
|
"CONTACT FORM" Legitimate interest of the Entity to meet the information requests, queries, through the Web. Manage and respond to queries raised. |
Interés legítimo de la Entidad para atender a los requerimientos de información a través de la Web. | Your data may be transferred to partners of the #PreventGBV project or the European Commission on the legal basis of Fundación Diagrama's legitimate interest in meeting your request for information. | During the time necessary to fulfill the purpose for which the data was collected. |
|
“WEBSITE TRAFFIC” Report on website traffic statistics |
Report on website traffic statistics |
Data may be transferred to partners of the #PreventGBV project or the European Commission on the legal basis of Fundación Diagrama's. The data concerning website traffic will be used in order to report website traffic statistics, via Google Analytics and this website, to the European Comission in order to justify funding of its programmes for this website. |
During the time necessary to fulfill the purpose for which the data was collected. |
Additional detailed information about data processing carried out by the Responsible Entity:
Please be informed that you can request further details on how we handle your data with respect to any of the previous sections by sending an email to dpd@diagrama.org, indicating the specific area of data processing that you wish to know more about so that we may process your request.
9. Changes to the current privacy policy and data protection
We will review and update the information regarding data protection at least once a year, or whenever there are changes in legislation or any of the procedures that affect the processing of your personal information, indicating the date of the most recent update and the content changed.
Upon receiving your contact details, we will keep you informed of any changes that may take place and, where necessary, we will renew your consent to confirm that you agree to such changes.
NOTE:
The privacy and data protection policy was reviewed and last updated in February 2020.